piyush-kurur 2017-02-23 18:56:50
sha1 collided https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html
piyush-kurur 2017-02-23 18:57:13
if you have not yet heard that is.
geekosaur 2017-02-23 18:57:48
(asked in -infra, but no response yet)
piyush-kurur 2017-02-23 18:59:14
geekosaur: Linus has been adamant about changing sha1 in git
geekosaur 2017-02-23 18:59:33
gt has a specific problem there
geekosaur 2017-02-23 18:59:43
sha1 hashes are what tie the whole thing together
piyush-kurur 2017-02-23 18:59:44
although it is still "safe" the way it is used in git, I think it is a problem
geekosaur 2017-02-23 19:00:30
fixing existing repos will more or less require export/reimport, and *every remote checkout will break*
piyush-kurur 2017-02-23 19:01:07
what are folks planning to do about github repositories ?
geekosaur 2017-02-23 19:01:11
basically, there is no "quick fix" for git; it's going to have to be very carefully planned and executed
piyush-kurur 2017-02-23 19:02:23
I hate this
geekosaur 2017-02-23 19:03:15
and a repo will pretty much have to be migrated along with all clones everywhere all at once, because the way patches get identified is the sha1 hash --- if you migrate some clones, others won't be able to commit or pull or ... until they also migrate
geekosaur 2017-02-23 19:03:50
(well, comit but the commit won't be able to go upstream and potentially might need to be undone and redone with new hash before it can)
geekosaur 2017-02-23 19:04:05
really, this is a major mess for git
MarcelineVQ 2017-02-23 19:04:09
sha1 for commits is a fingerprint rather than a security measure, will it matter?
geekosaur 2017-02-23 19:04:28
that's why linus is sitting tight for now
piyush-kurur 2017-02-23 19:04:47
MarcelineVQ: not so much but still problem in settings like commit signing
geekosaur 2017-02-23 19:04:54
no security implications (where security is involved they use gpg signing, iirc)
geekosaur 2017-02-23 19:05:06
but the fingerprint is what identifies a commit *everywhere*
geekosaur 2017-02-23 19:05:20
you can;t change it and it's not designed for upgrading
piyush-kurur 2017-02-23 19:05:40
time for a haskell clone of git I guess
MarcelineVQ 2017-02-23 19:05:59
we could call it something cool, like darcs
geekosaur 2017-02-23 19:06:24
heh
jle` 2017-02-23 19:07:27
attack is called 'shattered'. cute
piyush-kurur 2017-02-23 19:09:01
MarcelineVQ: I still have lots of love for darcs but you know the network effect.
piyush-kurur 2017-02-23 19:09:23
darcs will have its day I am sure of that
piyush-kurur 2017-02-23 19:09:46
like the way Haskell now has become almost mainstream
nshepperd_ 2017-02-23 19:12:48
Hm, migrating git repositories will break existing signed commits
nshepperd_ 2017-02-23 19:13:00
That's a bit sad
nshepperd_ 2017-02-23 19:19:13
Oh, i suppose not if they do it in such a way that the old sha1 based objects can be mechanically recovered.
geekosaur 2017-02-23 19:20:24
I *think* they're literally just hashes of the commit + author etc. info, so it should be recoverable, yes
geekosaur 2017-02-23 19:20:31
it'll be really slow though
geekosaur 2017-02-23 19:21:01
like darcs2 on a darcs1/old hash repo, before they removed old hash support (pretty much the same situation except they also changed what they hashed iirc?)
geekosaur 2017-02-23 19:23:15
and ... github's going to be screwed regardless, I suspect, but especially if they handle migration by on the fly rehashing
geekosaur 2017-02-23 19:23:22
their load'll go through the root
geekosaur 2017-02-23 19:23:24
*roof
geekosaur 2017-02-23 19:25:16
in any case, there's no quick patch answer because sha1 hashes are so central to the whole git model and pretty much eveyr option sucks horribly one way or another
geekosaur 2017-02-23 19:26:12
(also it has occurred to me that this *does* have security implications, but I think it best to hold that one close for now)
nshepperd_ 2017-02-23 19:26:54
The commit contains hashes of parent commits and blobs etc. It's one giant merkle tree
geekosaur 2017-02-23 19:27:08
yep
pikhq 2017-02-23 19:27:28
Mercifully, that does also make attacks rather harder to achieve.
nshepperd_ 2017-02-23 19:27:44
Oh, you could keep the old sha1 hashes around actually, then it would no slower than now
pikhq 2017-02-23 19:28:00
Still, pretty imperative to move away from SHA-1 *before* the attack gets extended enough to make git break.
geekosaur 2017-02-23 19:28:30
mm, looks like reddit's already on the case anyway
athan 2017-02-23 19:40:26
@ask ski Have you looked into Curry?
lambdabot 2017-02-23 19:40:26
Consider it noted.
athan 2017-02-23 19:40:29
:v!!
JuanDaugherty 2017-02-23 19:40:51
he undoubtedly has
athan 2017-02-23 19:43:00
JuanDaugherty: Have you? He mentioned Oz to me recently, but I feel like it's a bit out of my league
JuanDaugherty 2017-02-23 19:44:18
yes, they (Curry) have a channel here (assume that's what you meant by have I). Oz is new to me or have forgotten
JuanDaugherty 2017-02-23 19:44:52
i.e., they the main implementation in de
