From owner-freebsd-current@freebsd.org Fri Jan 1 16:56:55 2021 Return-Path: Delivered-To: freebsd-current@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 953DA4CD7C9 for ; Fri, 1 Jan 2021 16:56:55 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: from mail-wr1-x435.google.com (mail-wr1-x435.google.com [IPv6:2a00:1450:4864:20::435]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4D6rlp5tCTz3Kbf for ; Fri, 1 Jan 2021 16:56:54 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: by mail-wr1-x435.google.com with SMTP id w5so22281487wrm.11 for ; Fri, 01 Jan 2021 08:56:54 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=ShMvuFWBOxLJI5yVygtGVqgdNjLEzjFbgL1ujj+uFvg=; b=OsuzA7rEDLQi2ntUJO8EJTsYnGmuo6fNmEqaFB/6/wDv21lz0wdMBerTI/5QIERfNM K6WQ6wYfYrnRSBXFUAd7SHHyS72B9vRWBuRslVzlc3/HHPfSoZ7rY23bXBGa/0xHVwdj 2aCqvQnHlmcxsTYJx3KOD/xONp9FhQU9wDynrMPEmqq8baRKuXRwm7A9iwUdvA8YeXFU z7fKWmjQ41XwPXbPcdoRoEZJ1wIi0s8vLF3/TXpEa8vPF3lBHL+PsXuLYuXEhSm5WWEF 31qBHwR1W5bCfe5m5cDLoWnefqngzaELvp4ZWQo6oYL+q6dVtm+5tZNvUsOUPNT1QDXA a9Bw== X-Gm-Message-State: AOAM533doy0CUGlDSdCawlBYZu9dpi5QH6VPMjHe+FzuHl98QpiHI62s qaVh0lxSZhBblIPPrQmtjN0xc7IrnwyB52rm X-Google-Smtp-Source: ABdhPJy0wxtAkdGB3KzNjfz4vWBKIaz4HLMSkJR03J70TNfgwkqRy3YT472B/YOE+ML+Duc9kr1IhQ== X-Received: by 2002:a5d:684b:: with SMTP id o11mr69625562wrw.157.1609520213157; Fri, 01 Jan 2021 08:56:53 -0800 (PST) Received: from gumby.homeunix.com ([90.195.197.185]) by smtp.gmail.com with ESMTPSA id e16sm82685806wra.94.2021.01.01.08.56.52 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 01 Jan 2021 08:56:52 -0800 (PST) Date: Fri, 1 Jan 2021 16:56:51 +0000 From: RW To: freebsd-current@freebsd.org Subject: Re: HEADS UP: FreeBSD src repo transitioning to git this weekend Message-ID: <20210101165651.7319af5a@gumby.homeunix.com> In-Reply-To: References: <5fdc0b90.1c69fb81.866eb.8c29SMTPIN_ADDED_MISSING@mx.google.com> <20201218175241.GA72552@spindle.one-eyed-alien.net> <20201218182820.1P0tK%steffen@sdaoden.eu> <20201223023242.GG31099@funkthat.com> <20201223162417.v7Ce6%steffen@sdaoden.eu> <20201229011939.GU31099@funkthat.com> <20201229210454.Lh4y_%steffen@sdaoden.eu> <20201230004620.GB31099@funkthat.com> <20201231193908.GC31099@funkthat.com> X-Mailer: Claws Mail 3.17.8 (GTK+ 2.24.32; amd64-portbld-freebsd12.1) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4D6rlp5tCTz3Kbf X-Spamd-Bar: --- X-Spamd-Result: default: False [-4.00 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; FREEMAIL_FROM(0.00)[googlemail.com]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; TO_DN_NONE(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[googlemail.com:+]; DMARC_POLICY_ALLOW(-0.50)[googlemail.com,quarantine]; NEURAL_HAM_SHORT(-1.00)[-1.000]; RECEIVED_SPAMHAUS_PBL(0.00)[90.195.197.185:received]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[googlemail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a00:1450:4864:20::435:from]; DWL_DNSWL_NONE(0.00)[googlemail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[googlemail.com:s=20161025]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-current@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[2a00:1450:4864:20::435:from:127.0.2.255]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::435:from]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-current] X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Jan 2021 16:56:55 -0000 On Thu, 31 Dec 2020 21:25:08 -0500 grarpamp wrote: > > Is there any reason to think [bittorrent] insecure? > > Cost under $50k of compute to break sha-1, AFAIK you cannot break SHA-1 in the sense of creating data that matches a specific hash. What you can do is create a collision between two blocks of data, varying both blocks in the process. This makes SHA-1 unsuitable for digital signatures. A *third-party* attacker cannot create a bogus torrent using a collision attack against SHA-1 because the attacker would need to match a specific hash value. What may be possible is that the creator of the legitimate torrent might create two torrents with the same hash, but this seems very contrived and not very useful. It has all sorts of problems as a way of delivering targeted malware.