Re: md5sums files
On Wed, 03 Mar 2010 21:58:11 +0100, Frank Lin PIAT wrote:
> On Tue, 2010-03-02 at 18:21 -0800, Russ Allbery wrote:
> > Wouter Verhelst <email@example.com> writes:
> > > Or is it useful to be able to say "if it doesn't check out, it's
> > > certainly corrupt, and if it does check out, it may be corrupt"? Didn't
> > > think so.
> > I don't understand why you say this. Cryptographic attacks on MD5 aren't
> > going to happen as a result of random file corruption. The MD5 checksums
> > are still very effective at finding file corruption or modification from
> > what's in the Debian package unless that modification was done by a
> > sophisticated attacker (MD5 preimage attacks are still not exactly easy).
> > Detecting compromises is useful, but only a small part of what the MD5
> > checksums are useful for. I'd more frequently use them to detect
> > well-intentioned but misguided meddling by a local sysadmin.
> > I certainly don't object to replacing them with SHA1 hashes, although
> > signed deb packages would still be my preferred solution to this problem.
> Signed debs may introduce a fake sense of security (Only apt repository
> provide security updates). By signing packages, user may assume that a
> package is safe when it isn't.
it should actually be possible to do this securely. dpkg could be
made to work like apt where it only blindly trusts packages signed
by keys in /etc/apt/trusted.gpg. the downfall is that there is nothing
stopping the user from adding additional (potentially less than
trustworthy keys), but that isn't really solvable without destroying
freedom, and it isn't any different from the current state for apt.