What's the point in providing an MD5 or SHA1 hash along with a downloadable executable?

I thought they were there for security; to check that the file hasn't been tampered with. But 开发者_运维百科surely if someone is capable of modifying the file then they are also capable of modifying the page with the hash!

What security does this actually offer?

They're usually there just to ensure you got the download complete and correct.

It does help with one security-related issue: malicious modification happens as a result of a trojan running on the target machine inserting itself. This isn't a "targeted" attack per se- the trojan just "infects" whatever exe's it can- wouldn't be smart enough to fix the hash.

It improves security in case file is downloaded from a mirror location.

E.g. apache.org provides many mirror download locations to reduce load on their servers. However they have no means to control validity of files on those locations. Therefore MD5 checksum is provided: The checksum file is always downloaded from apache.org, not mirrors.

It is not just for security. The hashes are provided so that you can check if the file that you downloaded is corrupt or not.

Yes it is for ensuring the file integrity.
Suppose you get the executable from another source, say from a different site, a CD/DVD, you can be sure that what you are using is the right executable.

The MD5 is to check if the file you downloaded has been downloaded correctly, it is often done with large files as ISOs for Linux distributions.

Actually, MD5 or SHA1 alone is not sufficient to verify the file integrity. You need to use a MAC, or a HMAC. Otherwise, length-extension attacks are possible.

the correct way to do it is to provide the hashes on a web server that lists all the files and their hashes. the connection to the server must be over SSL/TLS to make sure the server is the correct server and not an imposter.

in short - keep the hashes out of band from the files.