>>30so basically, the good thing about md5 is that it's a quick checksum algorithm -- making sure file transfers didn't fuck up, or things like that -- areas in trust zones where you're not concerned about security because something else handled security beforehand
the bad thing is that it's too quick for security
the large checksum collider
I'm assuming "length extension attacks" means padding a file to get one checksum to be identical to another, due to the pigeonhole principle