/!\ Beware sourceforge
#13
(19 Aug 15, 06:38PM)damien Wrote: https://www.schneier.com/blog/archives/2...roken.html

It's breakable by anybody having a "little" money... We don't know who controls sourceforge. And today, cloud computing is quite easily available. No need to get paranoid, but as a common matter of principle, let's avoid them.

And anyway, we don't need to worry when using sha256 isn't more complicated.
That's old news. That is the theoretical vulnerability that I mentioned. 10 years later, there are still no practical attacks that work for SHA1, even if you have a "little" money. And anyway, it's no extra effort to include SHA1 hash for those who don't have the tools for other hashes.
Thanks given by:


Messages In This Thread
/!\ Beware sourceforge - by damien - 11 Aug 15, 12:22PM
RE: /!\ Beware sourceforge - by ExodusS - 11 Aug 15, 02:41PM
RE: /!\ Beware sourceforge - by damien - 11 Aug 15, 02:55PM
RE: /!\ Beware sourceforge - by Mousikos - 11 Aug 15, 03:28PM
RE: /!\ Beware sourceforge - by damien - 11 Aug 15, 03:40PM
RE: /!\ Beware sourceforge - by Waffles - 11 Aug 15, 11:27PM
RE: /!\ Beware sourceforge - by damien - 12 Aug 15, 09:50AM
RE: /!\ Beware sourceforge - by Mousikos - 12 Aug 15, 03:37PM
RE: /!\ Beware sourceforge - by JMM - 13 Aug 15, 05:35AM
RE: /!\ Beware sourceforge - by damien - 19 Aug 15, 06:38PM
RE: /!\ Beware sourceforge - by Mousikos - 19 Aug 15, 08:22PM
RE: /!\ Beware sourceforge - by MorganKell - 20 Aug 15, 09:09AM
RE: /!\ Beware sourceforge - by JMM - 20 Aug 15, 09:49AM
RE: /!\ Beware sourceforge - by Brett - 22 Aug 15, 06:14AM