> On Dec 1, 2013, at 10:43 AM, Quincey Morris > <quinceymor...@rivergatesoftware.com> wrote: > > > I doubt I can talk you out of it, but the truth is that you — like every one > of the rest of us, because we’ve got human brains — are really, really lousy > at intuiting about randomness and probabilities. What we *think* isn’t worth > the paper our emails are printed on.
In this case, the collision probabilities of SHA-1 are pretty well-known. And unlike other implementations, Graham’s use case isn’t really concerned with malice. But as a matter of principle, it’s negligent to knowingly design a system that will silently drop user data in normal operation. There are plenty of times you can make a reasonable argument for “that’s good enough,” but as far as I’m concerned, preserving user data is never one of them. --Kyle Sluder _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
