So basically you guys are suspecting a massive hack of Ubuntu website.
Sigh, nothing I can do here. I'm out.
No, I was simply pointing out that a checksum is a mathematical transfom of a bunch of bits into a number. If someone was able to replace the ISO AND provide a checksum that matched that ISO on a single website, then if an unsuspecting user downloaded that ISO from that website and verified the checksum against the one on THAT website, they could have a false sense of security. Hence the good practice of getting the checksum from a different website that you download the ISO from.
Yes, it has happened. Is it common? No. But unless at least one or two anal retentive types notice it, no one will.
I think you are overreacting, Aura. Neither the OP nor I suggested that Ubuntu has been hacked, OP noticed something unusual for him, I was simply being more precise on what a checksum actually gives a person.
It's likely I'll get in a bit of trouble for this, but really, lighten up.