

Making a total hash of it - bootload
http://www.economist.com/science/tq/displaystory.cfm?story_id=10789298

======
tptacek
And, of course, this is old news, and, of course, it only works with MD5 (and
--- we expect, but do not yet know --- SHA1, but not SHA256).

Your takeaway from this article is, "don't ever use MD5 again". It has no
value. Use CRCs for error detection, and use a SHA hash for security.

~~~
mattmaroon
This is probably not old news to most readers of The Economist.

~~~
tptacek
It's also not useful to most readers of The Economist, since nothing they
commonly use relies on MD5.

~~~
mattmaroon
The Economist is basically general interest stuff for smart people. They seem
to like that sort of thing.

~~~
davidw
Yeah, there is a bunch of news there that's not personally that relevant to
me, but I like reading it just the same, being a bit of an information junkie.

------
aston
I can't believe it's 2008 and we're still reading _new_ stories about MD5
collision-resistance. We get it, anybody can manufacture N files with the same
hash and different content. Don't use MD5 as a piece of your vote commitment
scheme and move on. All of this was news years ago.

edit: MD5 is still good for random other stuff. If you MD5 something, it's not
_that_ easy for someone to find a collision with it. I'm anxiously awaiting
the revelatory article on rainbow tables in The Economist.

~~~
tptacek
What is MD5 good for? It's slower than a CRC and less secure than SHA1. It's a
crappy universal hash (bad constant factors) and it's usually much too large
for a unique identifier.

~~~
aston
My intent isn't to bat for MD5, really. But since you asked me, I'll point out
that MD5 is actually not that bad if you want a deterministic string of
randomly distributed bits. If you don't need all 128 bits, nobody's forcing
you to keep the extra ones. That said, you might as well use SHA1.

~~~
tptacek
For what it's worth, almost any random number generator is better than MD5 at
giving a deterministic random bit string, given a seed. You might start with
OpenBSD arc4random.

