From: "Chí-Thanh Christopher Nguyễn" <chithanh@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] ChangeLog
Date: Wed, 4 Nov 2015 17:33:05 +0100 [thread overview]
Message-ID: <563A3341.3040504@gentoo.org> (raw)
In-Reply-To: <563A2FDC.1090801@gentoo.org>
hasufell schrieb:
> On 11/04/2015 09:56 AM, Andrew Savchenko wrote:
>> No, it is not. The whole git tree is insecure and no better than
>> rsync or CVS in terms of data security because SHA1 is vulnerable.
>>
> Another one who is confusing _any_ collision with _preimage attack_ ;)
While Andrew's view is very pessimistic here, yours is decidedly optimistic.
There is no known computationally feasible preimage attack against MD5,
still that hash function is broken in serious ways with attacks already
having real-world consequences.
It would be quite naïve to assume that SHA1 will remain secure until a
preimage attack is found.
Best regards,
Chí-Thanh Christopher Nguyễn
next prev parent reply other threads:[~2015-11-04 16:33 UTC|newest]
Thread overview: 103+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-01 12:16 [gentoo-dev] ChangeLog Patrick Lauer
2015-11-01 12:22 ` Anthony G. Basile
2015-11-02 20:05 ` Daniel Campbell
2015-11-02 20:22 ` Vadim A. Misbakh-Soloviov
2015-11-02 21:17 ` Aaron W. Swenson
2015-11-03 4:24 ` Jeroen Roovers
2015-11-03 14:33 ` Aaron W. Swenson
2015-11-01 12:33 ` Мисбах-Соловьёв Вадим
2015-11-01 12:53 ` Rich Freeman
2015-11-01 13:25 ` Patrick Lauer
2015-11-03 21:17 ` Pacho Ramos
2015-11-01 13:24 ` hasufell
2015-11-01 13:28 ` Patrick Lauer
2015-11-01 13:33 ` hasufell
2015-11-01 13:47 ` Alexis Ballier
2015-11-01 13:53 ` hasufell
2015-11-04 8:56 ` Andrew Savchenko
2015-11-04 16:18 ` hasufell
2015-11-04 16:28 ` Kristian Fiskerstrand
2015-11-04 16:33 ` Chí-Thanh Christopher Nguyễn [this message]
2015-11-04 16:38 ` hasufell
2015-11-04 16:44 ` Chí-Thanh Christopher Nguyễn
2015-11-04 17:23 ` hasufell
2015-11-01 14:19 ` Rich Freeman
2015-11-01 15:00 ` Alexis Ballier
2015-11-01 15:17 ` Rich Freeman
2015-11-01 15:24 ` Alexis Ballier
2015-11-01 17:26 ` Rich Freeman
2015-11-01 22:10 ` Alexis Ballier
2015-11-01 15:29 ` [gentoo-dev] ChangeLog Martin Vaeth
2015-11-01 17:31 ` Rich Freeman
2015-11-01 13:51 ` [gentoo-dev] ChangeLog Мисбах-Соловьёв Вадим
2015-11-01 13:57 ` hasufell
2015-11-01 16:01 ` [gentoo-dev] ChangeLog Martin Vaeth
2015-11-01 16:19 ` Мисбах-Соловьёв Вадим
2015-11-01 16:30 ` Ciaran McCreesh
2015-11-01 16:34 ` Мисбах-Соловьёв Вадим
2015-11-01 20:33 ` Martin Vaeth
2015-11-01 20:38 ` Kristian Fiskerstrand
2015-11-01 20:59 ` Rich Freeman
2015-11-01 21:26 ` Martin Vaeth
2015-11-01 20:24 ` Martin Vaeth
2015-11-02 12:10 ` Tobias Klausmann
2015-11-01 22:38 ` Chí-Thanh Christopher Nguyễn
2015-11-01 16:11 ` [gentoo-dev] ChangeLog Мисбах-Соловьёв Вадим
2015-11-01 22:30 ` Michael Orlitzky
2015-11-02 1:22 ` [gentoo-dev] ChangeLog Duncan
2015-11-02 1:56 ` Rich Freeman
2015-11-02 6:08 ` Dale
2015-11-02 12:06 ` Rich Freeman
2015-11-02 20:00 ` Dale
2015-11-02 20:09 ` Ciaran McCreesh
2015-11-02 21:54 ` Dale
2015-11-02 22:02 ` hasufell
2015-11-03 1:20 ` Dale
2015-11-03 1:52 ` Matt Turner
2015-11-03 2:15 ` Dale
2015-11-03 7:22 ` Patrick Lauer
2015-11-03 12:00 ` Rich Freeman
2015-11-03 15:04 ` Chí-Thanh Christopher Nguyễn
2015-11-03 15:16 ` hasufell
2015-11-03 15:28 ` Rich Freeman
2015-11-05 14:33 ` Alexis Ballier
2015-11-07 4:25 ` Raymond Jennings
2015-11-07 22:24 ` Robin H. Johnson
2015-11-03 2:12 ` Rich Freeman
2015-11-03 2:31 ` Dale
2015-11-03 3:17 ` Rich Freeman
2015-11-03 6:43 ` Duncan
2015-11-03 6:52 ` Duncan
2015-11-03 11:41 ` Rich Freeman
2015-11-03 8:07 ` Dale
2015-11-03 2:32 ` Dale
2015-11-02 21:40 ` Daniel Campbell
2015-11-02 6:24 ` Patrick Lauer
2015-11-02 12:17 ` Rich Freeman
2015-11-02 8:04 ` Duncan
2015-11-02 2:04 ` Michael Orlitzky
2015-11-02 6:27 ` Patrick Lauer
2015-11-02 15:04 ` Michael Orlitzky
2015-11-14 16:36 ` Peter Stuge
2015-11-02 5:50 ` [gentoo-dev] ChangeLog - Infra Response Robin H. Johnson
2015-11-02 6:18 ` Michał Górny
2015-11-02 7:05 ` Ulrich Mueller
2015-11-02 20:18 ` Robin H. Johnson
2015-11-05 11:54 ` Alexis Ballier
2015-11-05 12:39 ` Ulrich Mueller
2015-11-07 23:07 ` Markos Chandras
2015-11-08 11:34 ` Andreas K. Huettel
2015-11-11 23:11 ` [gentoo-dev] ChangeLog - Infra Response; update 2015/11/11, potential impact to 30min rsync cycle Robin H. Johnson
2015-11-12 2:08 ` [gentoo-dev] " Duncan
2015-11-12 10:46 ` [gentoo-dev] " Alexis Ballier
2015-11-12 10:49 ` Jason Zaman
2015-11-12 10:52 ` Alexis Ballier
2015-11-12 10:57 ` Alexander Tsoy
2015-11-12 11:50 ` Alexander Tsoy
2015-11-12 11:12 ` Ulrich Mueller
2015-11-15 8:01 ` [gentoo-dev] " Ryan Hill
2015-11-14 17:01 ` [gentoo-dev] " Peter Stuge
2015-11-18 14:48 ` Peter Stuge
2015-11-18 17:55 ` Michael Orlitzky
2015-11-18 18:01 ` Michael Orlitzky
2015-11-02 16:37 ` [gentoo-dev] ChangeLog - Infra Response Brian Dolbec
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=563A3341.3040504@gentoo.org \
--to=chithanh@gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox