diff options
author | Joey Hess <joeyh@joeyh.name> | 2017-02-23 17:11:46 -0400 |
---|---|---|
committer | Joey Hess <joeyh@joeyh.name> | 2017-02-23 17:11:46 -0400 |
commit | a6ee171c9b2b50598f909ac8ed01355cb06bfd15 (patch) | |
tree | 1085638262983612caa26d10c8c1c80c9ee44cab /doc | |
parent | 9516aae38cc3593b58fe60c4dc780522cdf2950a (diff) |
slight correction
Diffstat (limited to 'doc')
-rw-r--r-- | doc/devblog/day_449__SHA1_break_day.mdwn | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/doc/devblog/day_449__SHA1_break_day.mdwn b/doc/devblog/day_449__SHA1_break_day.mdwn index 0342582f3..df140be2f 100644 --- a/doc/devblog/day_449__SHA1_break_day.mdwn +++ b/doc/devblog/day_449__SHA1_break_day.mdwn @@ -2,7 +2,8 @@ produced by an identical-prefix collision attack. After looking into it all day, it does not appear to impact git's security -immediately. But we're well past the time when it seemed ok that git +immediately, except for targeted attacks against specific projects by +very wealthy attackers. But we're well past the time when it seemed ok that git uses SHA1. If this gets improved into a chosen-prefix collision attack, git will start to be rather insecure. |