Erik de Castro Lopo <er...@mega-nerd.com> writes: > Russ Allbery wrote:
>> I don't understand why you say this. Cryptographic attacks on MD5 >> aren't going to happen as a result of random file corruption. The MD5 >> checksums are still very effective at finding file corruption or >> modification from what's in the Debian package unless that modification >> was done by a sophisticated attacker (MD5 preimage attacks are still >> not exactly easy). Detecting compromises is useful, but only a small >> part of what the MD5 checksums are useful for. > If the machine has been compromised, *nothing* on the machine can be > trusted, whether its gpg signed or not. However, for detecting > corruptions and the local sysadmin meddling Russ mentioned, md5sum is > more than adequate and using something 'more secure' than md5sum is > overkill. Also, while they're no substitute for a more thorough and careful check, it's always worth remembering that most attackers are stupid or lazy. Doing something simple frequently and something more thorough but resource-intensive at a longer interval is often a good move. That said, I would never recommend debsums as a security tool. It is, however, useful when figuring out if anyone's been helpfully "fixing" things on a system by editing scripts or replacing binaries that came in packages originally. -- Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87d3zmroqi....@windlord.stanford.edu
