archive about

MD5 is dead

As shown in MD5 Collisions, it is (relatively) easy to construct 2 documents that have the same MD5 hash. Which means, that you should not trust MD5 as a digital signature.

[via me and mostly libre software]