SHA1 is crumbling fast. Get to higher ground.https://twitter.com/mik235/status/597370994655821826 …
-
-
@bascule@matthew_d_green I'm still unconvinced on this, but people claim this won't break githttp://stackoverflow.com/questions/9392365/how-would-git-handle-a-sha-1-collision-on-a-blob … -
@typed@matthew_d_green git has a lot of potential attack surface. Before someone makes that claim they should enumerate it all… -
@typed@matthew_d_green it’s easy to say “it won’t break git” when you’re only thinking of feature X and don’t know features Y and Z -
@typed@matthew_d_green breaking signed tags probably would involve a second preimage attack but still that’d be devastating if you use them
End of conversation
New conversation -
-
-
@bascule@matthew_d_green and it also seems to be pretty common to use only a subset of the hash, or did I get that wrong?Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.