I thought they were there for security; to check that the file hasn't been tampered with. But surely if someone is capable of modifying the file then they are also capable of modifying the page with the hash!
What security does this actually offer?
views:
138answers:
8
+1
A:
It is not just for security. The hashes are provided so that you can check if the file that you downloaded is corrupt or not.
Alan Haggai Alavi
2009-12-22 10:48:18
A:
The MD5 is to check if the file you downloaded has been downloaded correctly, it is often done with large files as ISOs for Linux distributions.
zpon
2009-12-22 10:48:24
doesn't tcp take care of this?
Matt
2009-12-22 10:54:58
It does, (more or less), but there have been plenty of buggy protocol layers higher up that "eat" data where TCP transmitted them perfectly. I've fallen victim to a number of them over the years. :(
nitzmahone
2009-12-22 11:17:02
Also, tcp doesn't take care of spurious dropped connections.
GregS
2009-12-27 02:42:51
+2
A:
Yes it is for ensuring the file integrity.
Suppose you get the executable from another source, say from a different site, a CD/DVD, you can be sure that what you are using is the right executable.
gameover
2009-12-22 10:49:47
+3
A:
They're usually there just to ensure you got the download complete and correct.
It does help with one security-related issue: malicious modification happens as a result of a trojan running on the target machine inserting itself. This isn't a "targeted" attack per se- the trojan just "infects" whatever exe's it can- wouldn't be smart enough to fix the hash.
nitzmahone
2009-12-22 10:50:30
+2
A:
It improves security in case file is downloaded from a mirror location.
E.g. apache.org provides many mirror download locations to reduce load on their servers. However they have no means to control validity of files on those locations. Therefore MD5 checksum is provided: The checksum file is always downloaded from apache.org, not mirrors.
Vilmantas Baranauskas
2009-12-22 12:04:07
A:
Besides it is a unique id for the whole distribution. Distributing the hash and distribution must have a legal enforcement.
smallbug005
2009-12-22 12:14:42
A:
Actually, MD5 or SHA1 alone is not sufficient to verify the file integrity. You need to use a MAC, or a HMAC. Otherwise, length-extension attacks are possible.
rFactor
2009-12-23 11:44:29
that's untrue - you can't use a [H]MAC because it would mean sharing the secret with all verifying parties (ie; anyone downloading the payload!) which would defeat the purpose of the [H]MAC.
Michael Howard-MSFT
2010-04-15 15:17:21
A:
the correct way to do it is to provide the hashes on a web server that lists all the files and their hashes. the connection to the server must be over SSL/TLS to make sure the server is the correct server and not an imposter.
in short - keep the hashes out of band from the files.
Michael Howard-MSFT
2010-04-15 15:18:32