[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: md5sums files

Wouter Verhelst <wouter@debian.org> writes:

> Or is it useful to be able to say "if it doesn't check out, it's
> certainly corrupt, and if it does check out, it may be corrupt"? Didn't
> think so.

I don't understand why you say this.  Cryptographic attacks on MD5 aren't
going to happen as a result of random file corruption.  The MD5 checksums
are still very effective at finding file corruption or modification from
what's in the Debian package unless that modification was done by a
sophisticated attacker (MD5 preimage attacks are still not exactly easy).
Detecting compromises is useful, but only a small part of what the MD5
checksums are useful for.  I'd more frequently use them to detect
well-intentioned but misguided meddling by a local sysadmin.

I certainly don't object to replacing them with SHA1 hashes, although
signed deb packages would still be my preferred solution to this problem.

Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to: