[Slackbuilds-users] MD5 hash sums

thyr at airmail.cc thyr at airmail.cc
Fri Aug 24 11:03:26 UTC 2018

> However, you absolutely cannot assume that because the MD5 sum matches 
> that the file is in any way "safe" or was not tampered with /before/ 
> the maintainer got to it.

Can I assume that because MD5 sum matches that the file was not tampered 
after the maintainer got it? I believe this was the original scope of 
the thread in the first place.

Quoting https://en.wikipedia.org/wiki/MD5#Preimage_vulnerability

> In April 2009, a preimage attack against MD5 was published that breaks 
> MD5's preimage resistance. This attack is only theoretical, ...

It was theoretical in 2009. The question is whether or not it was made 
practical in the past nine years? There are two possible outcomes. One: 
it was made practical and is not yet published. Two: it is still 
theoretical. Do you really want to wait until it becomes practical *and* 

More information about the SlackBuilds-users mailing list