https://bugs.kde.org/show_bug.cgi?id=415978
Bug ID: 415978
Summary: KDE Connect only has SHA1 as authentication, but SHA1
is insecure, because it can be faked since 2017
Product: kdeconnect
Version: unspecified
Platform: Other
OS: Linux
Status: REPORTED
Severity: normal
Priority: NOR
Component: common
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
SUMMARY
SHA1 is insecure - but the only authentication method available in KDE Connect
STEPS TO REPRODUCE
Example of brokenness ob SHA1:
https://sha-mbles.github.io/
https://hackaday.com/2017/02/23/shattered-sha-1-is-broken/
SOFTWARE/OS VERSIONS
All systems
--
You are receiving this mail because:
You are watching all bug changes.
