At 18:07 -0500 27 Nov 2012, Jeff King <> wrote:
PS I also think the OP's "sockpuppet creates innocuous bugfix" above is
  easier said than done. We do not have SHA-1 collisions yet, but if
  the md5 attacks are any indication, the innocuous file will not be
  completely clean; it will need to have some embedded binary goo that
  is mutated randomly during the collision process (which is why the
  md5 attacks were demonstrated with postscript files which _rendered_
  to look good, but contained a chunk of random bytes in a spot ignored
  by the postscript interpreter).

I don't think that really saves us though. Many formats have parts of the file which will be ignored, such as comments in source code. With the suggested type of attack, there isn't a requirement about which version of the file is modified. So the attacker should be able to generate a version of a file with an innocuous change, get the SHA-1 for that, then add garbage comments to their malicious version of the file to try to get the same SHA-1.
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to
More majordomo info at

Reply via email to