Unsafe ISO-file signatures
- Inicie sesión o regístrese para enviar comentarios
Hello friends,
Why does Trisquel use the notorious unsafe MD5 for verification of downloaded ISO-files?
http://cdimage.trisquel.info/trisquel-images/md5sum.txt
And why does the web page where you check the signatures not support HTTPS?
To me it looks like people easily could get tricked into getting a tampered Trisquel installation media by somebody with bad intentions.
Liberty
On 15/09/13 20:10, Liberty wrote:
> Hello friends,
>
> Why does Trisquel use the notorious unsafe MD5 for verification of
> downloaded ISO-files?
>
> http://cdimage.trisquel.info/trisquel-images/md5sum.txt
Yes, this isn't ideal. IMHO GnuPG signatures would be best, maybe
alongside SHA-2 for people who don't use GnuPG.
You could file a bug report:
https://trisquel.info/en/project/issues
Andrew.
There is detached GnuPG signature for the sums file: http://cdimage.trisquel.info/trisquel-images/md5sum.txt.gpg
It more and more appears to me like security is not high priority in the distribution. I see a lot of bugreports regarding privacy and security.
> It more and more appears to me like security is not og high priority
> in the distribution. I see a lot of bugreports regarding privacy and
> security.
Privacy and security are a priority for Trisquel. However, lack of
development resources can make this difficult. Some package helpers
(e.g. Abrowser) need updating when new packages are released.
I plan on working on the Abrowser package helper in two weeks time when
I get a week off. Yes, you can hold that against me if I don't end up
doing it. ;-)
I think the increase of privacy/security bug reports might also relate
to the recent NSA disclosures a little bit.
Extra developer resources wouldn't go astray. If you can help at all,
please do.
PS. I'm not a Trisquel developer, or represent Trisquel in any way.
Andrew.
@Liberty: MD5 is essentially not unsafe simply because it was possible to produce checksum duplicates. Try to modify any file inside the ISO for a specific purpose and produce a duplicate MD5 checksum which matches the current one. Good luck.....
Not every possible attack vector does work in reality and not everywhere you have smoke, there is a fire ;)
Just my two cents,
Holger
It sounds like he means a man-in-the-middle attack could change the MD5 checksum.
No, here refers directly to MD5 as hashing algorithm:
...
Why does Trisquel use the notorious unsafe MD5 for verification of downloaded ISO-files?
...
MD5 is not unsafe simply because people were able to produce different files with identical values (= hash collisions). It simply means that MD5 should be replaced by another hash algorithm in real world scenarios.
And when it comes to modifying checksums, a MD5 sum as well as a SHA1 sum or a PGP key for verifying the signed ISO are only as save as the webserver they are stored on.
Hot air...nothing more....
It is a fact that collisions exists in MD5 and the internet is abundant with information about it. Some have even made executables with different contents, with the same MD5 signature. Here is a pretty good explanation:
http://th.informatik.uni-mannheim.de/people/lucks/HashCollisions/
MD5 was compromised in 2004. You can se a pretty neat overview of the different hash functions and their safety here:
- Inicie sesión o regístrese para enviar comentarios