On 02/21/2016 06:49 PM, Ted Roche wrote:
> According to
> 
> http://fossforce.com/2016/02/linux-mint-hacked-iso-for-17-3-cinnamon-edition-modified/
> 
> Original web site posting here:
> 
> http://blog.linuxmint.com/?p=2994
> 
> Be careful out there.

And he says "check its MD5 signature".... So many things wrong with that.

But I notice that there are also sha256sum files, alongside the md5sum files--
and those sha256sum files also have OpenPGP signatures that can be checked
with GnuPG to actually verify their source. I'd say it's advisable to actually
*ignore the MD5 checksums*, check the sha256sums instead, and actually
verify *the authenticity of the sha256sums* by checking the OpenPGP signatures.


MD5 has been broken for over a decade now..., though I guess MD5 is maybe still
kinda-sorta OK-ish for stuff like this (since the known pre-image attacks are still
kind-of expensive)..., assuming you don't try to `skim' through verifying the checksum
visually (because... <http://www.finnie.org/software/vanityhash/>)....

And assuming that you can actually trust the MD5 checksum. Because MD5 is a checksum,
*not a signature*.

Can we trust the checksums (at least the ones given in the blog post)
haven't been compromised? Who knows? It's actually a little scary to see
a blog-post that says `someone broke into my server and changed stuff,
but this web page is still trustworthy'. Looks like they are actually
different servers, at least.

Using actual *signatures* should let us bypass pretty much all of these uncertainties.

At least, it would if he was using a strong signing key with a strong signing
hash.... He's actually using an old DSA key with SHA-1. D'oh.

I guess it could be a lot worse, e.g.:

        http://rdist.root.org/2009/05/17/the-debian-pgp-disaster-that-almost-was/


If you're ever in a position to use hashes/checksums in your own project,
check out the "Lifetimes of popular cryptographic hashes" chart first:

        http://valerieaurora.org/hash.html

And then check back regularly :)

-- 
"Don't be afraid to ask (λf.((λx.xx) (λr.f(rr))))."
_______________________________________________
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
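
Added example, not part of the original message: the order of checks the post recommends (OpenPGP signature on the checksum list first, then a full SHA-256 comparison), and why matching only the first and last digits of a digest is not a comparison. The function names, the file name `example.iso`, the assumption that the signer's public key is already in the local GnuPG keyring, and all sample data are constructed for illustration.

```python
import hashlib, hmac, os, subprocess, tempfile

def signature_ok(sums_path, sig_path):
    # gpg exits 0 for a good signature by a keyring key; check that key's fingerprint separately.
    return subprocess.run(["gpg", "--verify", sig_path, sums_path]).returncode == 0

def parse_sums(text):
    # sha256sum format: "<64 hex>  <name>" (text) or "<64 hex> *<name>" (binary).
    sums = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) != 2:
            continue
        digest, name = parts[0].lower(), parts[1]
        if len(digest) == 64 and all(c in "0123456789abcdef" for c in digest):
            sums[name[1:] if name.startswith("*") else name] = digest
    return sums

def file_sha256(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()

def check_file(path, sums):
    # Compare the whole digest; a file missing from the list fails.
    expected = sums.get(os.path.basename(path))
    return expected is not None and hmac.compare_digest(expected, file_sha256(path))

def skim_match(a, b, n=6):
    # What an eyeball check tends to do: look at the first and last few digits.
    return a[:n] == b[:n] and a[-n:] == b[-n:]

def demo():
    # Constructed sample data: a stand-in file (not a real ISO) and a lookalike digest.
    with tempfile.TemporaryDirectory() as d:
        iso = os.path.join(d, "example.iso")
        with open(iso, "wb") as f:
            f.write(b"constructed sample image\n")
        real = file_sha256(iso)
        sums = parse_sums(real + " *example.iso\n")
        genuine = check_file(iso, sums)
        with open(iso, "ab") as f:
            f.write(b"extra bytes")  # simulate a modified download
        tampered = check_file(iso, sums)
    fake = real[:6] + "".join("1" if c == "0" else "0" for c in real[6:-6]) + real[-6:]
    return {"genuine": genuine, "tampered": tampered, "skim": skim_match(real, fake),
            "full": hmac.compare_digest(real, fake)}
```

In real use, call `signature_ok()` on the checksum list and its detached signature before trusting anything `parse_sums()` returns; `demo()` skips that step because it has no key to verify against.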
