alt Hacker NewsIt's trivially easy to create a malicious file with the same CRC as another file.
So "verifying" using CRC is very stupid if you're trying to prevent malicious execution. You need to use cryptographic signatures.
It's trivially easy to create a malicious file with the same CRC as another file.
So "verifying" using CRC is very stupid if you're trying to prevent malicious execution. You need to use cryptographic signatures.