diff options
| author |  Joey Hess <joeyh@joeyh.name> | 2017-02-24 00:28:15 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@joeyh.name> | 2017-02-24 00:28:15 -0400 |
| commit | ef24392f8488cf3649c422eeab614a056d89d2d0 (patch) | |
| tree | 0d382b36ca734691caa57e90a1fa42914b0b117b /doc/devblog | |
| parent | 7c97656dda76c83383554005bd0f7b5e24993efa (diff) | |
updates
Diffstat (limited to 'doc/devblog')
| -rw-r--r-- | doc/devblog/day_449__SHA1_break_day.mdwn | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/doc/devblog/day_449__SHA1_break_day.mdwn b/doc/devblog/day_449__SHA1_break_day.mdwn index a5287ff7c..df7085602 100644 --- a/doc/devblog/day_449__SHA1_break_day.mdwn +++ b/doc/devblog/day_449__SHA1_break_day.mdwn @@ -11,9 +11,11 @@ Projects that store binary files in git, that might be worth $100k for an attacker to backdoor **should** be concerned by the SHA1 collisions. A good example of such a project is <git://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git>. + Using git-annex (with a suitable backend like SHA256) and signed commits -together is a good way to secure such repositories. +together is a good way to secure such repositories. -git-annex's SHA1 backend is already documented as only being -"for those who want a checksum but are not concerned about -security", so no changes needed here. +Update 12:25 am: However, there are some ways to embed SHA1-colliding data +in the names of git-annex keys. That makes git-annex with signed +commits be no more secure than git with signed commits. I am working +to fix git-annex to not use keys that have such problems. |