sorry if this is a double post, but i got some mailer-deamon writing to me... and I think the original did not go to the list.
---------- Forwarded message ---------- > From: Robert Tomsick <rob...@tomsick.net> > Date: Mon, Jan 3, 2011 at 7:52 PM > - Hide quoted text - > Subject: Re: Fwd: Fwd: question regarding verification of a debian > installation iso > To: Naja Melan <najame...@gmail.com> > > > On Mon, 2011-01-03 at 19:23 +0100, Naja Melan wrote: > > If the author of such instructions > > would be forced to justify say md5, I am quite confident that md5 would > > instantly be scrapped and replaced by better algorithm and we would > > instantly already have better and safer instructions. > > Given the attacks on MD5, it's useful as a check against corruption but > basically useless against tampering. Implicitly suggesting otherwise > (such as by presenting MD5 hashes as an alternative to SHA/RIPEMD > hashes) is IMHO a rather bad idea, especially since the folks who need > instructions on its use are likely to be unaware of its flaws. Still, > this is a relatively minor issue since Debian also provides SHA-1 hashes > alongside the MD5 ones. > > As far as the problem of trust, I really don't understand why HTTPS > isn't the default for the page(s) serving the checksums. Yes, there are > still a ton of ways that the sums could be altered (compromise of > project servers, CA coercion/negligence + MITM, shadowy cabals, etc.) -- > but that doesn't mean that we shouldn't try to raise the bar for > attackers! > > Naja makes a good point: right now the only requirement to compromise a > novice user's installation is to be able to conduct some form of MITM on > their connection. If they're not a GPG user and download a Debian ISO > over, say, a publicly-accessible wireless network or a sniffable LAN > they're basically screwed -- at that point they've got to bank on not > being worth attacking. Now it's true that that could be a pretty safe > bet (it is for me) -- but I don't think it's one that we should force > novice users to make.
