Re: md5sums files
On Tue, 2010-03-02 at 18:21 -0800, Russ Allbery wrote:
> Wouter Verhelst <firstname.lastname@example.org> writes:
> > Or is it useful to be able to say "if it doesn't check out, it's
> > certainly corrupt, and if it does check out, it may be corrupt"? Didn't
> > think so.
> I don't understand why you say this. Cryptographic attacks on MD5 aren't
> going to happen as a result of random file corruption. The MD5 checksums
> are still very effective at finding file corruption or modification from
> what's in the Debian package unless that modification was done by a
> sophisticated attacker (MD5 preimage attacks are still not exactly easy).
> Detecting compromises is useful, but only a small part of what the MD5
> checksums are useful for. I'd more frequently use them to detect
> well-intentioned but misguided meddling by a local sysadmin.
> I certainly don't object to replacing them with SHA1 hashes, although
> signed deb packages would still be my preferred solution to this problem.
Signed debs may introduce a fake sense of security (Only apt repository
provide security updates). By signing packages, user may assume that a
package is safe when it isn't.
Debian is 15/20 years ahead of commercial operating system on that