Revision history [back]
 | 1 | initial version | posted 2018-03-07 23:54:37 +0200  |
Isn't using SHA1 checksums for SDK files a security risk
As mentioned in this question, SHA1 has been obsoleted/cracked in early 2017.
Still, the checksums (e.g. qtcreator) used for the SDK downloads are SH1.
Doesn't this introduce a security risk, since the hashes could potentially be reproduced despite of having modified the packages?
| | 2 | No.2 Revision |
Isn't using SHA1 checksums for SDK files a security risk
As mentioned in this question, SHA1 has been obsoleted/cracked in early 2017.
Still, the checksums (e.g. qtcreator) used for the SDK downloads are SH1.
Doesn't this introduce a security risk, since the hashes could potentially be reproduced despite of having modified the packages?
| | 3 | No.3 Revision |
Isn't using SHA1 checksums for SDK files a security risk
As mentioned in this question, SHA1 has been obsoleted/cracked in early 2017.
Still, the checksums (e.g. qtcreator) used for the SDK downloads are SH1.
Doesn't this introduce a security risk, since the hashes could potentially be reproduced despite of having modified the packages?
| | 4 | No.4 Revision |
Isn't using SHA1 checksums for SDK files a security riskrisk?
As mentioned in this question, SHA1 has been obsoleted/cracked in early 2017.
Still, the checksums (e.g. qtcreator) used for the SDK downloads are SH1.
Doesn't this introduce a security risk, since the hashes could potentially be reproduced despite of having modified the packages?