Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

To: debian-user@lists.debian.org
Subject: Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System
From: Stefan Monnier <monnier@iro.umontreal.ca>
Date: Thu, 25 Feb 2016 09:07:17 -0500
Message-id: <[🔎] jwvmvqoholz.fsf-monnier+gmane.linux.debian.user@gnu.org>
References: <[🔎] 20160223110830.GA2082127@phare.normalesup.org> <[🔎] 24646577331486804721@scdbackup.webframe.org> <[🔎] 20160223121538.GA2202247@phare.normalesup.org> <[🔎] 20160223145203.GA7538@alum> <[🔎] 20160223150437.GA2355900@phare.normalesup.org> <[🔎] 20160223155054.GB7538@alum> <[🔎] 20160225135033.GA23773@khazad-dum.debian.net>

> MD5 alone can be somewhat dangerous even in benevolent environments: if the
> data sets are large enough or you are just unlucky, you are going to hit a
> colision and corrupt-or-lose-data-on-dedup sooner or later.

it doesn't seem worried about this.  Admittedly, they use sha1 rather
than md5, so they have 160bit instead of 128bit, with a correspondingly
lower probability of collisions, but I'd be interested to know about
cases where md5 lead to accidental collisions.


        Stefan

Reply to:

Follow-Ups:
- Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System
  - From: Stefan Monnier <monnier@iro.umontreal.ca>
- Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System
  - From: Christian Seiler <christian@iwakd.de>

References:
- Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System
  - From: Nicolas George <george@nsup.org>
- Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System
  - From: "Thomas Schmitt" <scdbackup@gmx.net>
- Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System
  - From: Nicolas George <george@nsup.org>
- Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System
  - From: David Wright <deblis@lionunicorn.co.uk>
- Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System
  - From: Nicolas George <george@nsup.org>
- Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System
  - From: David Wright <deblis@lionunicorn.co.uk>
- Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System
  - From: Henrique de Moraes Holschuh <hmh@debian.org>

Prev by Date: Re: aptitude purge vlc removes approximately 116 other KDE packages
Next by Date: Re: aptitude purge vlc removes approximately 116 other KDE packages
Previous by thread: Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System
Next by thread: Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System
Index(es):
- Date
- Thread