From beee1c562bce149a7338d7516eaa9c08d97bd0e0 Mon Sep 17 00:00:00 2001
From: Joey Hess <joeyh@joeyh.name>
Date: Thu, 23 Feb 2017 19:06:06 -0400
Subject: add para

---
 doc/devblog/day_449__SHA1_break_day.mdwn | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/doc/devblog/day_449__SHA1_break_day.mdwn b/doc/devblog/day_449__SHA1_break_day.mdwn
index df140be2f..a5287ff7c 100644
--- a/doc/devblog/day_449__SHA1_break_day.mdwn
+++ b/doc/devblog/day_449__SHA1_break_day.mdwn
@@ -7,6 +7,13 @@ very wealthy attackers. But we're well past the time when it seemed ok that git
 uses SHA1. If this gets improved into a chosen-prefix collision
 attack, git will start to be rather insecure.
 
+Projects that store binary files in git, that might be worth $100k for an
+attacker to backdoor **should** be concerned by the SHA1 collisions.
+A good example of such a project is
+<git://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git>.
+Using git-annex (with a suitable backend like SHA256) and signed commits
+together is a good way to secure such repositories.
+
 git-annex's SHA1 backend is already documented as only being 
 "for those who want a checksum but are not concerned about
 security", so no changes needed here.
-- 
cgit v1.2.3