This is the mail archive of the cygwin-apps@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [ITP] clamav-0.75.1-1 - A GPL virus scanner


Lapo Luchini wrote:

> Moreover (citing Schneier's from last Crypto-Gram) there's an old saying
> inside the NSA: "Attacks always get better; they never get worse."
> These techniques will continue to improve, and probably someday there
> will be practical attacks based on these techniques.

Anyone that had sufficient access to the server to modify the binary
could just insert a modified md5sum as well.  Its only useful purpose is
detecting accidental transmission errors and it does that just fine
regardless of the "attacks".  It's not being used in a cryptographically
secure manner so it doesn't matter that the algorithm might not be
cryptographically secure.

Brian


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]