Support for BitTorrent v2 in our Torrents
I'd like to request that the installer torrents be compatible with BitTorrent v2.
The salient difference is that BitTorrent v2 uses SHA-256 for data verification, whereas the v1 specification uses SHA-1. It is possible to make v1/v2 backward-compatible .torrent files.
The v2 spec is fairly old and hasn't been widely supported in torrent clients, but support has increased recently since the cost of SHA-1 collision attacks has dropped.
A few sources say the cost of SHA-1 attacks is now in the USD 10k-100k range, which seems potentially relevant to tails users. It seems doubly relevant since the tails download page advises users to specifically rely on bittorrent hash checks to verify the download, and since users would probably do this anyway even if tails advised against it, since gpg signature checking is... onerous.