> what stops them from generating a new SHA-1 or MD5 hash?
The hash is communicated through a different channel. If somebody forges
Microsoft's announcement message or intercepts and changes it during delivery
(omnipotent MITM) then a fake hash can be planted as you suggest. However, the
omnipotent...
The hash is communicated through a different channel. If somebody forges
Microsoft's announcement message or intercepts and changes it during delivery
(omnipotent MITM) then a fake hash can be planted as you suggest. However, the
omnipotent...
[ more ]