Yeah, the lack of progress on the hash agility project is sad.
Git doesn’t use raw SHA-1, it has safety guards designed by an expert on breaking SHA-1, so it is less disastrous than it could be.
I wonder what are the interop risks of using either SHA1 or SHA1dc without any feature negotiation. I suppose accidentally triggering the collision detection mitigations is vanishingly unlikely in practice.
I’m guessing Microsoft wants to use all those CPU credits for continuing to rip people off with Large language models? Moving to sha2 would use too many credits they would keep our AI overlords Sad?
It seems git and github still use SHA-1 by default. This is very unfortunate
Yeah, the lack of progress on the hash agility project is sad.
Git doesn’t use raw SHA-1, it has safety guards designed by an expert on breaking SHA-1, so it is less disastrous than it could be.
I wonder what are the interop risks of using either SHA1 or SHA1dc without any feature negotiation. I suppose accidentally triggering the collision detection mitigations is vanishingly unlikely in practice.
I’m guessing Microsoft wants to use all those CPU credits for continuing to rip people off with Large language models? Moving to sha2 would use too many credits they would keep our AI overlords Sad?