<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Feb 24, 2016 at 5:52 PM, Joshua Judson Rosen <span dir="ltr"><<a href="mailto:rozzin@hackerposse.com" target="_blank">rozzin@hackerposse.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On 02/21/2016 06:49 PM, Ted Roche wrote:<br>
> According to<br>
><br>
> <a href="http://fossforce.com/2016/02/linux-mint-hacked-iso-for-17-3-cinnamon-edition-modified/" rel="noreferrer" target="_blank">http://fossforce.com/2016/02/linux-mint-hacked-iso-for-17-3-cinnamon-edition-modified/</a><br>
><br>
> Original web site posting here:<br>
><br>
> <a href="http://blog.linuxmint.com/?p=2994" rel="noreferrer" target="_blank">http://blog.linuxmint.com/?p=2994</a><br>
><br>
> Be careful out there.<br>
<br>
And he says "check its MD5 signature"....</blockquote><div><br></div><div>Check 'em all :-)</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
If you're ever in a position to use hashes/checksums in your own project,<br>
check out the "Lifetimes of popular cryptographic hashes" chart first:<br>
<br>
<a href="http://valerieaurora.org/hash.html" rel="noreferrer" target="_blank">http://valerieaurora.org/hash.html</a><br>
<br>
And then check back regularly :)</blockquote><div><br></div><div>And hashes are not just for security. Ms Aurora worked on both ZFS and btrfs. Those filesystems use the hashes for ECC. If the hash for a block is wrong, they get the dupe block (in RAID-1, etc) with a good hash and fix it. Object FS like S3, swift, ceph use hashes also.</div><div><br></div><div>Collisions are particularly bad for ECC.</div></div></div></div>