The real "fuck you, cryptanalysts" option is two-pass hashing:
H(m) = H0( H0(m) ~ m )
where H0 can be MD5 or any other normal hash and ~ is concatenation. This effectively adds a random salt to the hash, and even if a collision is found in the base hash, the salted version will 'start' (reach the start of the message) in a different state, so the collision blocks that carefully cancel out differences in the H0 state won't work on the salted state and vice versa.
This doesn't eliminate the possibility of cryptanalysis in principle, but it does make it much, much harder.
H(m) = H0( H0(m) ~ m )
where H0 can be MD5 or any other normal hash and ~ is concatenation. This effectively adds a random salt to the hash, and even if a collision is found in the base hash, the salted version will 'start' (reach the start of the message) in a different state, so the collision blocks that carefully cancel out differences in the H0 state won't work on the salted state and vice versa.
This doesn't eliminate the possibility of cryptanalysis in principle, but it does make it much, much harder.