[PLUG] RedHat 7.3 MD5 Sums
Russ Johnson
russj at dimstar.net
Mon Aug 5 17:00:57 UTC 2002
Wouldn't that type of thing sort of defeat the purpose of a checksum?
If it's really that easy to spoof a checksum, what's to stop anyone from
doing that, and why do we trust checksums?
Why didn't the guy that trojaned the openssh source do this to avoid
detection if it's really that easy?
At 09:19 PM 8/4/2002 +0000, you wrote:
>Or couldn't they have used a hex editor to make the durn thing have the same
>MD5....
Russ Johnson
http://www.dimstar.net
You can measure a programmer's perspective by noting his attitude on
the continuing viability of FORTRAN.
-- Alan Perlis
More information about the PLUG
mailing list