I have never checked and compared the MD5 hash to the real MD5 hash at programs homepages. Programs which I have downloaded have always worked.
Is it possible that someone can put their own code during downloading?
So it is not a security measure.
Masi
2009-04-18 21:04:43
+3
A:
A hash provides a (sort of) unique identifier for a file based on its contents. With lossy connections and poor transmission methods, as well as malicious file copies floating around, a hash provides a way of proving your file is the same file you tried downloading from the server.
You validate it by hashing the copy of the file you got, and seeing if the hashes are the same.
People can inject nasty code, change out the file being downloaded, or you could just get a corrupt download.
Tony k
2009-04-18 21:04:38
How much are there this kind of attacks in the web? I would like to know the probability.
Masi
2009-04-18 21:06:07
It's -incredibly- unlikely. Basically, you'd have to have someone on your own network or someone attacking the server to accomplish this. It basically doesn't ever happen - but allllways check hashes whenever they're provided. It's a very good practice, and very good idea for security-critical environments.
Tony k
2009-04-18 21:08:40
It's theoretically easy and rarely done in practice. However, if it happened to you, you would be upset. So check. Technically, it's a pretty poor security measure -- if a malicious attacker can replace a binary on some server, they can replace the checksum published on the same server to match. There are various schemes that distribute the checksums, so you can compare; but in practice it's mostly a precaution against incomplete downloads.
SquareCog
2009-04-18 21:09:37
Ubuntu's package manager (based on apt) does two things. Firstly, it verifies a master list of all packages, which are signed used GnuPG by a key the system knows to trust. This package list contains checksums (SHA1) of each package that is available to download.PKI methods (such as GPG) are much better than simply providing the hash. You have no idea who provided the hash, but *may* be able to ascertain who controls the signing key.
Yann Ramin
2009-04-18 21:15:29
+1
A:
Is it possible that someone can put their own code during downloading?
Yes. If the download is done via unencrypted HTTP, then it's being routed through a number of networks, and there most definitely is an opportunity for people to manipulate it and insert a trojan or virus.
And this is exactly the goal of the MD5 checksums for downloads, though this is of course not perfect security, since the checksum may be manipulated in the same way. But it would require more effort and coordination on the part of the attacker.
All in all, this is not a very common problem though, since there are other vectors of attack that are currently much more useful for bad guys (mainly webbrowser vulnerabilities).
Michael Borgwardt
2009-04-18 21:07:03
@Michael: How often do you get corrupted files? Do you ever check MD5 yourself?
Masi
2009-04-18 21:09:32
+1
A:
An MD5 hash is a form of validation. If a single bit in the file is different, the provided hash will not match the one generated from the file you downloaded. This alerts you to an error in transmission or foul play (rare).
Tricon
2009-04-18 21:10:15
+1
A:
In terms of corrupt downloads, it's pretty rare. I don't think I've ever had a corrupted download except if it somehow got truncated and the error not reported (old FTP clients back in the day).
There might be some security benefit if you're downloading from a mirror, and you trust the real site (which publishes the MD5) more than you trust the mirror (which might be out of date, or evil, or buggy, or pwned, or something, and so might a caching web proxy between it and you). Pretty unlikely situation, though, since there's normally no reason to think that the main site is any more or less trustworthy or secure than the mirror. Still, it's a second opinion.
I don't usually bother checking published checksums unless there's a particular reason to think that they are correct and the download isn't secure (e.g. the checksum is on an https URL and the download isn't). If you're worried about evil-doers then you need signing, not just an insecurely-transmitted checksum.
I do occasionally use the hash-based virus scan reports at virustotal, though. I guess a published MD5sum could allow you to virus-check the file before even downloading it, and then you'd have to check the sum after download to confirm that the value you virus-checked really was for the file you downloaded.
Note that MD5 checksums are not secure if the evil-doer generates the genuine file as well as the dodgy virus-loaded one. It's possible to generate MD5 collisions, although there is not (yet) a full pre-image attack. Anyone serious about security has switched to SHA256 sums where possible. Which is less than you might hope, for legacy and resource reasons.
Steve Jessop
2009-04-18 21:46:24
A:
It basically answers the same question as authentication - whether the one who says he is the one is actually the one. It helps you to make sure that the program you've downloaded is actually what author is provided in the first place and was not tampered on the way from the vendor all the way through the maze of the internet into your desktop.
Dima
2009-04-18 21:46:46
+1
A:
In addition to enabling you to be sure you got the code you tried to download (it wasn't corrupted either intentionally or accidentally), if you check the hash, the practice of including hashes when publishing code is good social hygiene. Since people who share or sell software often include hashes with their code, and we believe that some people routinely check them (because some download tools do it automatically) crackers will find this to be a less useful way of spreading malware. Therefore, those who only check the hash on security-critical software, or those who never check can have more confidence that the software is what it purports to be. If crackers tried to start injecting viruses or trojans into often-used download sites, they would be detected pretty quickly, and the attack repaired and publicized.
So, you can help everyone by occasionally checking, and even if you don't, the presence of the hashes should provide some reassurance that the code is probably as the author intended it, and the same code downloaded by many other people.
PanCrit
2009-04-18 22:35:44
A:
I check md5 most of the time. Although maybe just once or twice, yes, I did get corrupt downloads.
If you download something, check its md5 and store along with file, it may also be a way later to check if the publisher has secretly changed the file without telling it to anyone.
User
2009-04-18 22:48:39