Please start using SHA-256 checksums

pcalvert
Posts: 4
Joined: Sat 02 Mar 2013, 00:57

#1 Post by pcalvert »

I just noticed that MD5 checksums are still being used for Puppy ISO files that are available for download. MD5 is now considered to be insecure. Please use SHA-256 instead. Thank you. :)

Phil

Flash
Official Dog Handler
Posts: 13071
Joined: Wed 04 May 2005, 16:04
Location: Arizona USA

#2 Post by Flash »

I think most Puppies come with the ability to calculate MD5 checksums but not SHA-256 ones. Am I wrong?

belham2
Posts: 1715
Joined: Mon 15 Aug 2016, 22:47

Re: Please start using SHA-256 checksums

#3 Post by belham2 »

pcalvert wrote: I just noticed that MD5 checksums are still being used for Puppy ISO files that are available for download. MD5 is now considered to be insecure. Please use SHA-256 instead. Thank you. :)

Phil

pcalvert,

I've written about this before, but I am always banging my head against the table because people do not understand what md5/sha sums do.

All md5/Sha1/256/512 and every other checksum out there ONLY provide a file integrity check. They have nothing to do with security. Do not confuse the two.

If you want security, then one of two (preferably both) things need to happen:

1) developers/maintainers start using gnupg, get themselves a gpg key, get it up in the key repos, and start making downloaders get used to gpg --verify checking if that checksum they used actually came from the developer/maintainer. This is common practice for nearly every Linux OS in existence on the web right now. In Puppyland, well, you just gotta still take everything on faith it is ok :roll:

2) the 2nd thing that needs to happen is https on the murga site itself: why we (the users) who continually ask about this (to Flash) and keep getting put off, as if John Murga will not respond about it, just makes a person shake their head to the point of inventing a new dance. Why does this keep occurring? I ask again: is John dad or something?? The fact that a move to https might even be covered thru us murga-goers & posters funding it, we still cannot even get an answer to that.

It's just damn laziness, and inertia, on Murga here. And it looks to stay that way until something real sh!tty happens and ISOs of one of the popular pups get hit, and downloaders, many downloaders, get screwed over royally over a period of months. Maybe then something will happen, or someone will get off their collective hands & start moving forward with what every website on the web is doing---going to https and forcing their site developers/maintainers to issue gpg keys for the checksums.

Until then, be forewarned: you are your own security apparatus when it comes to anything puppy. Do not ever confuse that with simple file download integrity.

dancytron
Posts: 1519
Joined: Wed 18 Jul 2012, 19:20

#4 Post by dancytron »

I mostly agree with belham.

The MD5/SHA's are to check the integrity of the download. That's all they are intended to do.

However, the security of this board doesn't affect the ISOs either. They are controlled by the security of the sites they are uploaded and downloaded from. If someone is going to tamper with an ISO, hacking this forum doesn't help them. They have to hack ibiblio and/or its mirrors (or github, dropbox or wherever else a particular ISO is stored).

Like with almost everything else related to computer security, the real vulnerability is social. If someone wants to put a tampered evil ISO into circulation, the most effective way would be to build one, put it on dropbox or wherever, and then post it to this forum and convince people to download it. There is no technical way to protect against that.

Galbi
Posts: 1098
Joined: Wed 21 Sep 2011, 22:32
Location: Bs.As. - Argentina.

#5 Post by Galbi »

If I understand it correctly, in this context, saying that MD5 sum is insecure means that someone can inject malicious code into any file in a Puppy Linux ISO, and then, by some method, force the infected ISO to report the same MD5 sum as the original.

Am I right?

If I'm right, is it worth the effort?
Remember: "pecunia pecuniam parere non potest"

Mike Walsh
Posts: 6351
Joined: Sat 28 Jun 2014, 12:42
Location: King's Lynn, UK.

#6 Post by Mike Walsh »

Y'know, belham, don't take this the wrong way, but.....why are you so obsessed with this? It's a computer operating system we're talking about here, and associated software. It's not the Crown Jewels, or the irreplaceable Seventh Wonder of the World, right?

Anyway, I wouldn't worry too much about the software. I don't think you have even the remotest glimmerings of just how far-spread Puppy's resources are. I can guarantee you that in the event of the server going down, there is so much Puppy-related stuff mirrored privately on individual cloud 'hosting' accounts (and sundry other locations, too!), that the whole operation would be up-and-running again in less than a month.

(Don't forget, too, there's the 'alternate' forum at puppylinux.info. I believe aarf set that up originally some years ago when there was a major problem at John's end.....and for a while, it was pretty busy, 'cos Puppians migrated across for the duration.

Aarf still maintains it to this day.)

No, Puppy don't keep all her bones in one kennel, old son. And you know darn well there's no central organisation controlling Puppy, as there is with Canonical and Ubuntu. Diverse, diluted control has its advantages sometimes.

And so what if the community was to suffer an attack of compromised hardware? What do most of us run? That's right; old 'crap' most other folks would turn their noses up at as not being fit for the scrapyard, even. How long's it gonna take to replace that old 'crap', and re-install Pup? Days, man; hours, even, for many of us. And for those running from a flash drive, only minutes....

Keep calm, and 'Carry on...' (as we Brits used to say during the dark days of the last World War..!) :D


Mike. :wink:
Last edited by Mike Walsh on Wed 01 Nov 2017, 23:08, edited 7 times in total.

dancytron
Posts: 1519
Joined: Wed 18 Jul 2012, 19:20

#7 Post by dancytron »

Galbi wrote: If I understand it correctly, in this context, saying that MD5 sum is insecure means that someone can inject malicious code into any file in a Puppy Linux ISO, and then, by some method, force the infected ISO to report the same MD5 sum as the original.

Am I right?

If I'm right, is it worth the effort?

No, it can't do that. Even if it could, it couldn't do it without defeating the security on ibiblio or wherever else the ISO resides.

8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

#8 Post by 8Geee »

The only thing here of relevance is that the OP has a misunderstanding of a checksum. Any alterations to a file or iso, etc will cause the checksum to be different.

Thus if I upload an iso and publish an sha1 checksum, the download can be compared to the published sha1sum. If the two match, the download is OK, else toss and try again.

At best it's an implied security, but with merit. It does indicate the quality of the download connection.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

#9 Post by 8Geee »

Flash wrote: I think most Puppies come with the ability to calculate MD5 checksums but not SHA-256 ones. Am I wrong?

Separately...
Slacko5.7 can and does generate sha256sums. I have used it for U/L's of a browser.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

pcalvert
Posts: 4
Joined: Sat 02 Mar 2013, 00:57

#10 Post by pcalvert »

I remember reading a few years ago that MD5 is insecure. The person also claimed that an attacker could modify a file in such a way that the MD5 value would not change. Unfortunately, I did not save a link to it.

Apparently, that person was mistaken. Or maybe the scenario he was referring to is purely theoretical, and of no practical significance.

Phil

Flash
Official Dog Handler
Posts: 13071
Joined: Wed 04 May 2005, 16:04
Location: Arizona USA

#11 Post by Flash »

I believe a few different files were found that gave the same checksum. That's nothing at all like being able to modify a file at will and come up with the same checksum as the original file. In that sense, MD5 is still plenty secure.

If you must worry, then worry that someone could crack a download site (such as Ibiblio), replace files with modified files containing malware and change the associated checksums to match the modified files. It seems to me that would take a lot more ambition and/or ability than most people have who might want to do such a thing.


Flash
Official Dog Handler
Posts: 13071
Joined: Wed 04 May 2005, 16:04
Location: Arizona USA

#13 Post by Flash »

I stand corrected. :oops:

It does appear that an arbitrary file can be somehow appended to a good file without changing the MD5 checksum of the resulting composite file. Anyway that's the way I interpret that last article. But to be useful it would require either the download site be cracked in order to replace the good file with the modified one, or the modified file to be circulated on the Internet.

8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

#14 Post by 8Geee »

I also stand corrected. It appears that you can have two different files with the same md5sum. Thus using md5 as a "file-checker" is a bad choice.

I do recall Google announcing a 128-bit (SHA-1) collision, so that is also going to be deprecated shortly.

The OP stands as correct, we should use SHA-256 as file-checker.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

6502coder
Posts: 677
Joined: Mon 23 Mar 2009, 18:07
Location: Western United States

#15 Post by 6502coder »

8Geee wrote: I also stand corrected. It appears that you can have two different files with the same md5sum. Thus using md5 as a "file-checker" is a bad choice.

The existence of collisions is not unique to MD5. ANY checksum/hash must have collisions. This has to be true because every checksum/hash has a finite length, and therefore can only take on finitely many distinct values. Whereas there are infinitely many possible files/strings as inputs. You can't uniquely map infinitely many values onto a finite number of values. Collisions are inevitable. The question is, how easy is it to exploit the collisions? The presumption is that it is harder with SHA256 than with MD5.
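
The pigeonhole argument in the post above, as an added example that is not part of the original thread: it truncates SHA-256 to a few bits (an assumption made only so the search finishes quickly) and counts how many inputs a birthday search hashes before two different messages share a digest. The function names and the `iso-` message prefix are hypothetical.

```python
import hashlib
from itertools import count


def truncated_digest(data: bytes, bits: int) -> int:
    """Return the top `bits` bits of SHA-256(data) as an integer."""
    full = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return full >> (256 - bits)


def find_collision(bits: int, prefix: bytes = b"iso-"):
    """Birthday search: hash distinct messages until two share a digest.

    Returns (msg_a, msg_b, attempts). It must stop within 2**bits + 1
    attempts, because only 2**bits digest values exist (pigeonhole).
    """
    seen = {}  # digest value -> first message that produced it
    for n in count():
        msg = prefix + str(n).encode()  # constructed sample inputs
        digest = truncated_digest(msg, bits)
        if digest in seen:
            return seen[digest], msg, n + 1
        seen[digest] = msg


if __name__ == "__main__":
    # Work grows roughly as 2**(bits / 2): each 2 extra bits doubles it.
    for bits in (8, 16, 24, 32):
        a, b, attempts = find_collision(bits)
        print(f"{bits:2d}-bit digest: {a!r} and {b!r} collide "
              f"after {attempts} hashes (about 2^{bits // 2} expected)")
```

Every two extra digest bits roughly double the work of this generic search, so it is hopeless against a full 128-bit or 256-bit output. The practical MD5 collisions discussed in this thread come from weaknesses in the algorithm itself, not from this kind of brute-force search.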

8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

#16 Post by 8Geee »

Right, the more complex the algorithm the more difficult it is to have a collision. Early this year Google said they had generated a collision using SHA-1(28). IIRC MD5 collisions existed around 2005.

Funny thing is how "low" a priority this is according to browsers... my FF27 still allows an MD5 key to be set! In fact, there are only 2 true SHA256 keys with Forward Secrecy, and a third without FS. When I ran FF45.8esr many poor algorithms were still included/available.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."
