Re: md5sums files

To: debian-devel@lists.debian.org
Subject: Re: md5sums files
From: Russ Allbery <rra@debian.org>
Date: Tue, 02 Mar 2010 18:21:19 -0800
Message-id: <[🔎] 874okyuov4.fsf@windlord.stanford.edu>
In-reply-to: <[🔎] 20100303020620.GA17083@celtic.nixsys.be> (Wouter Verhelst's message of "Wed, 3 Mar 2010 03:06:20 +0100")
References: <[🔎] 20100303020620.GA17083@celtic.nixsys.be>

Wouter Verhelst <wouter@debian.org> writes:

> Or is it useful to be able to say "if it doesn't check out, it's
> certainly corrupt, and if it does check out, it may be corrupt"? Didn't
> think so.

I don't understand why you say this.  Cryptographic attacks on MD5 aren't
going to happen as a result of random file corruption.  The MD5 checksums
are still very effective at finding file corruption or modification from
what's in the Debian package unless that modification was done by a
sophisticated attacker (MD5 preimage attacks are still not exactly easy).
Detecting compromises is useful, but only a small part of what the MD5
checksums are useful for.  I'd more frequently use them to detect
well-intentioned but misguided meddling by a local sysadmin.

I certainly don't object to replacing them with SHA1 hashes, although
signed deb packages would still be my preferred solution to this problem.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to:

Follow-Ups:
- Re: md5sums files
  - From: Erik de Castro Lopo <erikd@mega-nerd.com>
- Re: md5sums files
  - From: Frank Lin PIAT <fpiat@klabs.be>

References:
- md5sums files
  - From: Wouter Verhelst <wouter@debian.org>

Prev by Date: md5sums files
Next by Date: Position of the generic description (was: Re: Bug#555743: dpkg-gencontrol: add support for Description:-s in the Source package stanza)
Previous by thread: md5sums files
Next by thread: Re: md5sums files
Index(es):
- Date
- Thread