If you want to be sure you got the iso image I created, please verify the OpenPGP signature! A short tutorial you may find in our online help: https://anonymous-proxy-servers.net/en/ ... turen.htmljust as a short tip: you could use sha256 check sums for your jondo live-dvd. tails already has sha256. md5 check sums are not really state of the art in my view.
Hashes like MD5 or SHA256 or what ever are only for download verification. It is NOT a cryptografic verification you got the file created by the developer. If an attacker hacked the server he can modify the downloads AND the signature hashes published on the website like MD5 or SHA256 or what ever too.
State of the art are public key signatures created with a private key. Almost all security related projects (like TorBrowserBundle, JonDonym, TAILS and others) offer OpenPGP signatures created by the developers for verification.
I think, for simple download verification MD5 hashes are more than enough for this purpose. But I don't want a discussion. If you prefer SHA256 you will get it - no problem.