diff options
| -rw-r--r-- | doc/devblog/day_449__SHA1_break_day.mdwn | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/doc/devblog/day_449__SHA1_break_day.mdwn b/doc/devblog/day_449__SHA1_break_day.mdwn index 0342582f3..df140be2f 100644 --- a/doc/devblog/day_449__SHA1_break_day.mdwn +++ b/doc/devblog/day_449__SHA1_break_day.mdwn @@ -2,7 +2,8 @@ produced by an identical-prefix collision attack. After looking into it all day, it does not appear to impact git's security -immediately. But we're well past the time when it seemed ok that git +immediately, except for targeted attacks against specific projects by +very wealthy attackers. But we're well past the time when it seemed ok that git uses SHA1. If this gets improved into a chosen-prefix collision attack, git will start to be rather insecure. |