Can someone explain these 2 terms to me in regards to computer forensics? I kind of understand md5 as being a way to prove that the evidence was not tampered with or altered in anyway. But I can't seem to get a grasp on it completely. So what is MD5 or MD5 hash and what is a checksum?

MD5 is just a one-way decoding function (I won't explain how it works 'cause it's available in online documentation), which takes some clear value and creates a decoded value of it, which is always 128 bits long (or 32 alphanumerical chars long).

Checksum, incl. MD5-checksum, means this generated value, and is used to distinguish any change to a file's contents; if we have a file A1, and even if 1 byte has been changed (so then the file becomes A2), then the checksums should be different for A1 and A2. Hash also could be used to compare values (for example, if password hashes are stored in database as MD5, there is a way to compare them by the user's input from a web form).

Unfortunately, MD5 is not ideal for some examples; a collision could be produced for quite a lot of cases, and that makes this algorithm insecure.

Despite it still could be used for some "human" phrases, as longer and binary-difficult is the phrase, as more obvious collision could happen.