Re: recent discussion regarding 'checksums'

2010-09-27 Thread Benjamin R. Haskell
On Mon, 27 Sep 2010, grarpamp wrote: > If Ad nauseam... to each shall entertain their own use case scenarios. The overall point is that MD5 is not suitable for data integrity beyond its known [and unknown] weaknesses. But the flip side is that rsync is not a security tool. MD5 is fine for

Re: recent discussion regarding 'checksums'

2010-09-27 Thread grarpamp
> If Ad nauseam... to each shall entertain their own use case scenarios. The overall point is that MD5 is not suitable for data integrity beyond its known [and unknown] weaknesses. I've no faith in an algorithm with such freely generatable collisions to not have other collisions/rot with any of t

Re: recent discussion regarding 'checksums'

2010-09-27 Thread Paul Slootman
On Mon 27 Sep 2010, grarpamp wrote:
> > Yes, right now "rsync -c" is not good if an attacker has had the
> > opportunity to plant files on the destination and you want to make sure
> > the files get updated properly, but that's an uncommon use case
>
> Or whitehat people backing up cracked box

Re: recent discussion regarding 'checksums'

2010-09-27 Thread grarpamp
> Yes, right now "rsync -c" is not good if an attacker has had the
> opportunity to plant files on the destination and you want to make sure
> the files get updated properly, but that's an uncommon use case

Or whitehat people backing up cracked boxes. Or anyhat people backing up data generated