[oe] Recent wordpress attacks and md5sum
Richard Purdie
rpurdie at rpsys.net
Sun Mar 4 23:43:41 UTC 2007
On Sun, 2007-03-04 at 21:53 +0100, Holger Freyther wrote:
> Am 04.03.2007 um 18:53 schrieb Erik Hovland:
>
> > On Sun, Mar 04, 2007 at 05:54:08PM +0100, Holger Freyther wrote:
> >> PPS: Yeah md5 is cracked, so is the sha family, any other options?
> >
> > Use sha256sum? NIST strongly encourages users to switch to sha-256 now
> > until they finish their hash competition.
> >
> > sha256sum does come with modern versions of coreutils. SHA-256 should
> > not be compromised yet...
> not being a crypto expert I heard complains of inbreed of the whole
> sha family. But I think sha256 is totally fine for our purpose (only
> the sums are so long...)
Would it be better to have a file with a list of urls and a list of
checksums?
Richard
More information about the Openembedded-devel
mailing list