I would really like to see if we are attackable like that (I skim through the slides). Levente I'm also interested in your other attack.
Stef On Dec 30, 2011, at 5:45 PM, Levente Uzonyi wrote: > On Fri, 30 Dec 2011, Levente Uzonyi wrote: > >> On Fri, 30 Dec 2011, Philippe Marschall wrote: >> >>> Hi >>> As you probably noted string hash collisions are all the rage these days >>> [1]. Has anybody looked into whether this applies to Pharo as well? >> >> I'm sure it does. > > Ok, I read the slides. Pharo is vulnerable, but the hash function is more > complex than those in PHP, Java, etc. (though it has only 28 bits), so I > guess it's a bit harder to find enough strings with clashing hashes. > > > Levente > >> >> >> Levente >> >>> [1] http://events.ccc.de/congress/2011/Fahrplan/events/4680.en.html >>> Cheers >>> Philippe >> >> >
