Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System
On Tue 23 Feb 2016 at 13:15:38 (+0100), Nicolas George wrote:
> Le quintidi 5 ventôse, an CCXXIV, Thomas Schmitt a écrit :
> > i wrote:
> > > > The ISO checksums are provided more for transport verification than
> > > > for the fight against intentional mainpulation.
>
> > Nicolas George wrote:
> > > If that were true, CRC32 would be enough.
>
> > For detecting most glitches, yes.
> > But not if we want to use it for identifying files in benevolent
> > environments.
>
> You are changing the terms of the problem at each messages, it does not make
> for a constructive discussion.
But it's raised an issue that interests me...
> I am sure that you can come up with enough far-fetched conditions to build a
> situation where MD5 would be the best choice, but this is not relevant for
> real world situations.
>
> For real world situations, to protect against hostile tampering MD5 is
> broken, and to protect against accidental tampering, faster hashes exist.
Any faster ones that you recommend from the lists below? (I've rolled
my own implementation of fdupes (which uses MD5) in python.)
Python 3.4.2 (default, Oct 8 2014, 13:14:40)
...
>>> hashlib.algorithms_guaranteed
{'md5', 'sha1', 'sha224', 'sha512', 'sha384', 'sha256'}
>>> hashlib.algorithms_available
{'MD4', 'md5', 'md4', 'sha1', 'MD5', 'dsaWithSHA', 'whirlpool', 'sha',
'SHA512', 'SHA256', 'ripemd160', 'sha512', 'SHA384', 'sha384',
'dsaEncryption', 'RIPEMD160', 'sha256', 'SHA224', 'SHA1',
'ecdsa-with-SHA1', 'DSA', 'SHA', 'sha224', 'DSA-SHA'}
>>>
Cheers,
David.
Reply to: