2007/5/7, Adam Hawes <[EMAIL PROTECTED]>:
MD5 is proven weak. It's possible to take almost any file and its MD5 then create an identically sized file with the same hash in a reasonable time. This can be used to pass out an arbitrary CD image that completely trashes the contents of your hard disk. It doesn't even need to be OpenBSD on the CD.
Your mixing collision and preimage attacks. The former are possible, the latter not. Still, it's certainly time to switch to something better. PGP comes to mind... Best Martin
