<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Tue, Mar 17, 2015 at 11:35 AM, Dave Horsfall <span dir="ltr"><<a href="mailto:dave@horsfall.org" target="_blank">dave@horsfall.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On Mon, 16 Mar 2015, Henry Baker wrote:<br>
<br>
[...]<br>
<span class=""><br>
> What's the point of verifying md5sums against official values, if Kali<br>
> can't even get the "official values" securely ??<br>
<br>
</span>I'm a bit concerned about the use of MD5; was it not broken i.e.<br>
collisions detected some years ago?<div class="HOEnZb"><div class="h5"></div></div></blockquote></div><div class="gmail_extra"><br></div>Broken, chipped, cracked... ???</div><div class="gmail_extra">All the package tools Redhat, Debian, Kali ... all need to be improved.</div><div class="gmail_extra">The missing bits are how to design a robust & improved package system</div><div class="gmail_extra">and having done that transition to the new system. </div><div class="gmail_extra"><br></div><div class="gmail_extra">Collisions happen but can a replacement package be promptly generated</div><div class="gmail_extra">with specifically hacked new code bits with any level of usefull (to the hacker)</div><div class="gmail_extra">reliability and timeliness. </div><div class="gmail_extra"><br></div><div class="gmail_extra">A baby step would be for the top level to publish multiple checksums and</div><div class="gmail_extra">bit counts for all packages old and new and sign that file PGP style with</div><div class="gmail_extra">a strong key. This file can (should) be behind a https server and those that worry</div><div class="gmail_extra">can first pull packages from the mirror system. And second check them all ways to Sunday</div><div class="gmail_extra">and then update if and only if the packages match the set of hash function</div><div class="gmail_extra">results and the tabulation of multiple functions be correctly signed.<br><br>Hash collisions that apply to three or more hash functions demand that</div><div class="gmail_extra">all the functions be broken.</div><div class="gmail_extra"><br></div><div class="gmail_extra">Other baby steps may yield more value.</div><div class="gmail_extra">A baby step does not break current methods but adds additional validation to the side.</div><div class="gmail_extra">It can be cast aside after the replacement is designed, tested and deployed.</div><div class="gmail_extra"><br></div><div class="gmail_extra"><br></div><div class="gmail_extra"><br></div><div class="gmail_extra"><br></div><div class="gmail_extra"><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature"><div dir="ltr"> T o m M i t c h e l l</div></div>
</div></div>