On 29.01.2012 16:34, Bojan Smojver wrote: > On Mon, 2012-01-30 at 02:22 +1100, Bojan Smojver wrote: >> we could run the hash value produced by hashing the strings through >> the hash function twice
This is overkill. If the current hash function isn't good enough, running stuff through it twice isn't going to help. I posit that the results are good enough now, since the default implementation isn't meant to be cryptographically secure, let alone unattackable. Spending more time grinding on the same set of bits isn't going to make a badly designed application any more robust. -- Brane
