Hi! I just installed a fresh Silverblue 42 via Fedoras Media Writer. I initially thought that it does all the security checks by itself, but I just read on the Media Writer Github that this isn’t the case for Atomic versions. Does that mean that the check is not necessary or that I need to perform it manually?
Thanks in advance 
How did you reach that conclusion?
You will find the sha256sums used by Mediawriter at https://fedoraproject.org/releases.json
The page you mentioned is about 9 years old, and although I’m not entirely sure, it probably refers to Fedora Atomic Host (which is now Fedora CoreOS) and not Fedora Atomic Desktops.
FWIW Fedora CoreOS currently also has SHA256 verification, which is build in their installer.
Oh, I see. So, just to be 100% sure, all security checks are done automatically for Silverblue as well while using Fedoras Media Writer?
Yes, and if you want, you can check it yourself. Instructions on how to do this are provided in the “We take security seriously” section in Fedora Silverblue | The Fedora Project page.
Thanks for clarifying! Is it common to check it manually in addition to what the Media Writer does, or is it more for people who download the iso separately?
I am not sure that MediaWriter can verify an iso that is downloaded separately. So, if you download the file separately, you should also verify it separately.
I agree with Villy Kruse and also think that Fedora Media Writer performs the necessary checks and manual verification is only necessary if the ISO file was downloaded manually.
Thank you both for your kindness in taking the time to explain all of this It is really appreciated! I wish you a great day!
