On Tue, Sep 16, 2014 at 5:11 AM, Gordon Pettey <petteyg...@gmail.com> wrote: > On Mon, Sep 15, 2014 at 7:02 AM, hasufell <hasuf...@gentoo.org> wrote: >> >> hasufell: >> > >> > * there is no known SHA-1 collision afais >> > * calculating one isn't that hard. NSA might be able to do it in >> > reasonable time >> > * however, the algorithms to do that will come up with random garbage, >> > so it's a completely different thing to hide a useful vulnerability >> > behind a SHA-1 collision >> > >> >> That said... an attacker who has that much resources to calculate a >> _random_ hash collision in reasonable time would certainly have a lot of >> easier attack vectors than forging a _non-random_ hash collision that >> contains actual working code (which, afaiu doesn't effectively work with >> the current attack algorithms on SHA-1). >> >> He could simply break into one of the ~200 developer computers. There's >> a pretty high chance at least one of them is running windows or known >> vulnerable versions of the kernel or other random packages. >> >> No need to waste millions of dollars on SHA-1. > > > Even if you wanted to burn the money to find that magical collision that > actually contains working code, you've still got to somehow propagate that > to other repositories, since they'll just ignore it for having the same hash > as an already-existing object.
In the fetch/pull case, if you receive the "same" object that you already have, git performs byte-to-byte comparison and warns loudly if the "new"object does not match yours. -- Duy
