On Mon, Jan 4, 2021 at 3:44 PM Poul-Henning Kamp <phk_at_phk.freebsd.dk> wrote: > Shattered is less impressive when you take into account that you > can stuff as much much garbage into a PDF file as you need, without > affecting the files normal function. > > Compact data formats, formats which leave no wiggle-room and do not > offer extension-space for "attic-junk", are much harder to produce > *meaningful* collisions for. > > (I take no opinion in where git is on that spectrum.) FWIW, a coworker of mine had a little hobby of introducing commits into our internal repro that had hashes that all started with deadc0de. As I understand it, it was able to do this by adding an bogus attribute with the right value to the commit object. Now, brute-forcing 8 digits in the hash is one thing and doing it for all 40 is quite another, but I suspect that this demonstrates that it's *possible* to do it for a git hash, given enough computing resources.Received on Mon Jan 04 2021 - 20:44:12 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:26 UTC