This is irrational. If you assume everything is secretly crackable, then whatever alternative you propose — also is.
In reality, public progress gives a ballpark idea of what is approaching possibility, and pre-image attacks are barely scratching MD4.
It's not irrational. It's how cryptography and security are approached in general. Public progress does give a good idea of what's becoming practical for attackers with far more motivation and resources, which is why sha1 isn't considered secure and is considered a vulnerability.
The whole crypto fetish is useless when the practical attack scenario is someone putting malware straight into the source, and releasing it, because everyone just downloads the code (very well signed!) without reviewing it.
I would not call avoiding depending on everyone having a strong password to be a crypto fetish. Taking an irresponsible and negligent approach is your prerogative and demonstrates the problem with trusting a bunch of developers, many of them treating security as an annoyance.
Security nihilists don't have a place in design discussions around security. Go do your trolling somewhere else and leave the discussions to people that are actually trying to make things better rather than excusing one thing based on another and claiming everything is hopeless.
The biggest blocker to improving software supply chain security are security nihilists fighting against making improvements including excusing insecurity and negligence based on separate kinds of issues. Software security as a whole is garbage precisely because of this attitude.
The status quo is bad. There are too many dependencies, too many people trusted, barely any proper code review at any level, lack of secure software distribution, lack of reproducible builds and build transparency, etc. It shouldn't be so easy to compromise a software ecosystem.
With that I agree. Plenty of problems are much more real and urgent than a conspiracy theory of some unknown party making an unexpected breakthrough in preimage attacks, rather than going via the front door.
It's not a conspiracy theory. Git has a poor implementation of verification, exposing tons of attack surface, and in addition to that depends on sha1, which, as I said, is increasingly problematic. It's not appropriate to be building critical infrastructure depending on sha1 today.
There's a big difference between phasing out sha1 elsewhere and introducing new dependence on it. Projects adopting sha1 today are not just betting on the security of it today, but rather betting on the security of it many years from now when they are still being used.
I said it was increasingly insecure to depend on it. It's already considered insecure even for existing use cases that were incredibly entrenched, like TLS. There's a reason to move away from it before a damaging attack becomes public (no guarantee that it'll be noticed).
The state of public research is not the state of research. Even for academic research, it's not the case. Results aren't published immediately. Waiting until it's completely broken publicly is too late and it doesn't make much sense to me to start depending on it today.
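The thread above turns on Git's dependence on sha1 for object identity. The following is an added example, not code from any participant in the thread or from the Git project: it reproduces how Git derives an object ID (a hash over `"<type> <size>\0<content>"`, with the same header layout under the newer sha256 object format) and reads `extensions.objectFormat` from a repository config so an auditor can tell which hash a given repository's integrity rests on. The blob content and the two config texts are constructed sample inputs; the well-known IDs of the blob `hello\n` and of the empty tree are used as checks.

```python
import hashlib
import re

# Constructed sample inputs (not taken from the thread).
SAMPLE_BLOB = b"hello\n"

SHA1_REPO_CONFIG = """[core]
\trepositoryformatversion = 0
\tfilemode = true
"""

SHA256_REPO_CONFIG = """[core]
\trepositoryformatversion = 1
[extensions]
\tobjectFormat = sha256   ; set by `git init --object-format=sha256`
"""


def git_object_id(kind: str, content: bytes, algo: str = "sha1") -> str:
    """Compute a Git object ID exactly as Git does.

    Git hashes the bytes "<type> <size>\\0<content>"; the sha256 object format
    changes only the hash function, not the header layout.  Note that the
    object ID is the *only* identity a commit, tree or blob has, so the
    collision resistance of the chosen hash is what signatures and pins rely on.
    """
    if algo not in ("sha1", "sha256"):
        raise ValueError("Git object formats are sha1 or sha256 only")
    header = f"{kind} {len(content)}\0".encode()
    return hashlib.new(algo, header + content).hexdigest()


def repo_object_format(config_text: str) -> str:
    """Return the object format a repository's .git/config declares.

    Git only honours [extensions] when core.repositoryformatversion is 1,
    and falls back to sha1 when extensions.objectFormat is absent.
    """
    section = None
    fmt_version = 0
    object_format = None
    for raw in config_text.splitlines():
        # strip git-config style comments and surrounding whitespace
        line = re.split(r"[#;]", raw, maxsplit=1)[0].strip()
        if not line:
            continue
        m = re.match(r'\[(\w+)(?:\s+"[^"]*")?\]$', line)
        if m:
            section = m.group(1).lower()
            continue
        key, sep, value = line.partition("=")
        if not sep:
            continue
        key, value = key.strip().lower(), value.strip().lower()
        if section == "core" and key == "repositoryformatversion":
            fmt_version = int(value)
        elif section == "extensions" and key == "objectformat":
            object_format = value
    if fmt_version >= 1 and object_format:
        return object_format
    return "sha1"


def audit_repo_config(config_text: str) -> dict:
    """Summarise the hash dependence of a repository for a supply-chain review."""
    fmt = repo_object_format(config_text)
    return {"object_format": fmt, "depends_on_sha1": fmt == "sha1"}


if __name__ == "__main__":
    for algo in ("sha1", "sha256"):
        print(algo, git_object_id("blob", SAMPLE_BLOB, algo))
    print(audit_repo_config(SHA1_REPO_CONFIG))
    print(audit_repo_config(SHA256_REPO_CONFIG))
```

Running the block prints the sha1 and sha256 IDs of the same blob side by side and flags the first config as sha1-dependent; on a real checkout, feed it the text of `.git/config` to get the same verdict for that repository.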