I have permission to install gedit on this MSWindows8 notebook at work, based on the assumption that I am fully confident that there will be no parasitic functionality installed in the process. In the present political climate, I no longer assume that tools like gedit will not be subject to MIM attacks, so I would like to see some assertion from the project that what I have is what the project has put up for download.
As an alternative, I could download the installer from three or more mirrors and do a binary compare of each copy, but that's kind of abusing the bandwidth. I'm rather considering compiling from source, but I haven't been able to open up enough time yet. Would Cygwin or MinGW be the preferred environment for compiling for source, if checksums are not available for the installer downloads?
--
