So I'm only a novice at such things, but there seems to be an irregularity with kali live-usbs, which is not present on other debian based live-usbs. I have downloaded and tested 5 kali-2016.1.iso's from the main site (64b full, light and mini, and 32b full and light), through the browser, using torrent, and using wget, and have tried creating the live-usbs using dd with bs=512 and bs=1M, with and without sync, and using the win32 disk imager. I have used a variety of machines, usb drives, connections and mirrors, and this issue seems to persist across all of them.

The sha1sums of the downloads match, no problems there, but I like to re-verify the files integrity using the sha1sum after the live usb or cd is created (more to check for corruption than subversion). This won't work for any of the kali isos i have tried. The same procedure works perfectly for the 2 ubuntu isos i have tried, as well as for the debain-cinnamon.iso, the subgraph.iso, and the security onion.iso. Perhaps there is a reason why this won't work for kali-usbs?

Here is an example using the Kali Linux 64 bit Light iso.

#sha1sum kali-linux-light-2016.1-amd64.iso
4132238042deba9e3bc1702afbdb1b4672b64bcb kali-linux-light-2016.1-amd64.iso

#fdisk -l
(shows usb to be /dev/sdb)

#umount /dev/sdb

#dd if=kali-linux-light-2016.1-amd64.iso of=/dev/sdb bs=512


#fdisk -l
Disk /dev/sdb: 30 GiB, 32227983360 bytes, 62945280 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x6e82b618

Device Boot Start End Sectors Size Id Type
/dev/sdb1 * 64 1894399 1894336 925M 17 Hidden HPFS/NTFS
/dev/sdb2 1894400 2070783 176384 86.1M 1 FAT12

#/sbin/isosize -x /dev/sdb
sector count: 473600, sector size: 2048

#umount /dev/sdb

#dd if=/dev/sdb count=473600 bs=2048 | sha1sum
473600+0 records in
473600+0 records out
969932800 bytes (970 MB, 925 MiB) copied, 52.5889 s, 18.4 MB/s

As I said, the exact same process returns the correct sha1sum/sha256sum for ubuntu, subgraph, debian-cinnamon and security onion, so I think that rules out hardware fault, or mistakes in the process. Does anyone know of a reason why this doesn't work for kali? Also, why does a security distro like kali use weaker verification (sha1sum) than a casual distro like ubuntu?

Thanks in advance for any ideas you might have.