Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
petertodd
on Feb 23, 2017
|
parent
|
context
|
favorite
| on:
Announcing the first SHA-1 collision
Git's workflow makes first-preimage attacks dangerous, because a mallicious third-party may submit a pull-req to your repo that contains files for which they've pre-generated a collision:
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017...
Git
is
vulnerable to SHA1 collisions in standard development workflows.
Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
Git is vulnerable to SHA1 collisions in standard development workflows.