Date: Fri, 9 Jun 2000 17:01:25 -0700 From: "David O'Brien" <obrien@FreeBSD.org> To: Brian Fundakowski Feldman <green@FreeBSD.org> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: ports/comms/minicom/files md5 Message-ID: <20000609170125.B62028@dragon.nuxi.com> In-Reply-To: <Pine.BSF.4.21.0006091716370.59266-100000@green.dyndns.org>; from green@FreeBSD.org on Fri, Jun 09, 2000 at 05:21:20PM -0400 References: <200006091911.MAA57180@freefall.freebsd.org> <Pine.BSF.4.21.0006091716370.59266-100000@green.dyndns.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Jun 09, 2000 at 05:21:20PM -0400, Brian Fundakowski Feldman wrote: > The diffing-to-find-what-makes-an-md5-change practice is a good > thing, but how good is it really when the MD5 from a new version is > generated and we act on blind trust? That happens more often than > bouncing md5 hashes, so isn't there even _more_ of a chance of a trojan > coming in? EXACTLY. Except on one but me understood this on IRC. -- -- David (obrien@FreeBSD.org) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000609170125.B62028>