Re: md5sums files
Erik de Castro Lopo <erikd@mega-nerd.com> writes:
> Russ Allbery wrote:
>> I don't understand why you say this. Cryptographic attacks on MD5
>> aren't going to happen as a result of random file corruption. The MD5
>> checksums are still very effective at finding file corruption or
>> modification from what's in the Debian package unless that modification
>> was done by a sophisticated attacker (MD5 preimage attacks are still
>> not exactly easy). Detecting compromises is useful, but only a small
>> part of what the MD5 checksums are useful for.
> If the machine has been compromised, *nothing* on the machine can be
> trusted, whether its gpg signed or not. However, for detecting
> corruptions and the local sysadmin meddling Russ mentioned, md5sum is
> more than adequate and using something 'more secure' than md5sum is
> overkill.
Also, while they're no substitute for a more thorough and careful check,
it's always worth remembering that most attackers are stupid or lazy.
Doing something simple frequently and something more thorough but
resource-intensive at a longer interval is often a good move. That said,
I would never recommend debsums as a security tool. It is, however,
useful when figuring out if anyone's been helpfully "fixing" things on a
system by editing scripts or replacing binaries that came in packages
originally.
--
Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>
Reply to: