Comment Re:Google Gears (Score 1) 85
just like some are injecting bogus packets into eDonkey networks, as MD4 is not secure anymore
Do you have reference on that? I mean, the injection part, no the MD4 is broken part.
Since preimage attacks on MD4 are far from practical, you cannot inject bogus packet to infect a given file. You need to create a special file that exists in two versions: a legitimate one and a bogus one. Then you would have to get people to download you file, and now you can inject the bogus version. But I would be really surprised if someone was actually doing this: it's much easier and just as efficient to infect some file with a trojan and distibute it.
You need a really badly broken hash in order to be able to inject packets in a random file.