[Python-ideas] Using sha512 instead of md5 on python.org/downloads
steve at pearwood.info
Fri Dec 7 23:09:26 EST 2018
On Fri, Dec 07, 2018 at 04:35:56PM -0800, Nathaniel Smith wrote:
> On Fri, Dec 7, 2018 at 3:38 PM Steven D'Aprano <steve at pearwood.info> wrote:
> > On Fri, Dec 07, 2018 at 01:25:19PM -0800, Nathaniel Smith wrote:
> > > For this specific purpose, md5 is just as good as a proper hash. But all
> > > else being equal, it would still be better to use a proper hash, just so
> > > people don't have to go through the whole security analysis to check
> > > that.
> > I don't understand what you are trying to say here about "the whole
> > security analysis" to check "that". What security analysis, and
> > what is "that"?
> The analysis that people posted in this thread, demonstrating that for the
> particular purpose at hand, md5 and sha-whatever are equally useful.
Okay, so your position is that even though there's no actual increase in
security from using sha512, we ought to use it so that people who don't
know any better won't complain that we're using a "less secure" hash. Is
As security theatre goes, I guess its less harmful than most :-)
> If you're worried about giving people a false sense of security, I think it
> would be more effective to post a prominent notice or link describing how
> people should interpret the hashes.
I want to avoid encouraging a false sense of security. I'm not sure
that we ought to extend that further to actively taking on the
responsibility of teaching users about this.
On the other hand, perhaps threads like this suggest that this is
inevitable... on the gripping hand, many users won't read the notice
regardless of what we do...
How often does this issue come up? I'm not sure it is common enough to
bother fixing, but others' judgement on that may differ.
> Maybe some people see md5 and think
> "ah-hah, this is their way of warning me that the hash is suitable for
> defending against accidental corruption but not malicious actors", but it
> must be a small minority :-). (That's certainly not what the OP thought.)
I didn't think they would.
> Most people will just think we're fools who don't realize or care md5 is
> broken. Statistically, that's a pretty reasonable guess when you see
> someone using md5.
I don't think there's any way to know for sure, but I'd be shocked if
"most people" even thought about the issue, or checked the hash,
regardless of whether it is sha512, md5 or a CRC checksum. In my
experience, browsers and downloaders like wget either download the data
correctly, or they make it damn obvious that the download failed. YMMV.
As for those who "think we're fools", that's not a reasonable guess by
any means. Since we're not fools, and for the purposes we're using the
hash there is no difference between md5 and sha512, such a guess would
be a classic example of "a little knowledge is dangerous" and "not as
clever or well-informed as you think you are" (that's a generic "you",
not you personally). If they don't think we're fools for using md5,
they'll probably think we're fools for some other reason.
More information about the Python-ideas