views:

54

answers:

2

Has anyone ever had an incidence of downloading software from a genuine site, where an MD5 or SHA series hash for the download is also supplied and then discovered that the hash calculated from the downloaded artifact doesn't match the published hash?

I understand the theory but am curious how prevalent the problem is. Many software publishers seem to discount the threat.

A: 

I had a similar problem once in a Linux distro (I believe it was Fedora, but I can't recall the details): the built-in "Verify media" application had a wrong hash embedded and it would always report the disk as faulty. However, what you describe seems rare: most likely, you have a virus scanner or some sort of software that's corrupting the download.

Álvaro G. Vicario
Thanks for the answer, however I should perhaps have given an example such as http://commons.apache.org/attributes/download_attributes.cgi The idea is you download the zip, jar, whatever and generate the md5 / sha1 hash locally from what you've downloaded and then verify against the corresponding hash published on the download page. Any difference suggests that the download request has been intercepted.
Don Mackenzie
That's quite a paranoid point of view. Downloads sometimes get interrupted; computers are not bulletproof. A corrupted download doesn't imply a man-in-the-middle attack.
Álvaro G. Vicario
A: 

I have had it quite a few times, but it turned out that there was a router with faulty RAM, which was corrupting data in transit. Most of the faults were transparently handled through the TCP checksum, but some got through. In practice, I was getting one wrong bit every 30 MB or so.

I also encountered software packages with a wrong MD5 probably due to a human error on the packager side (he just forgot to rerun the MD5 after having updated the package; or it could have been his computer which had faulty memory). Last it occurred to me, it was with a binary package for NetBSD on a PowerPC architecture.

As far as I know, such random errors are orders of magnitude more frequent than real attacks from malevolent individuals. And yet they are quite rare nowadays; the Internet at large is much more reliable than 15 years ago.

Thomas Pornin
Useful perspective, thanks. Thinking more about where this technique is used, it seems to be limited to open source sites where mirroring is used.
Don Mackenzie