Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Security experts all agree: it's time to get rid of SHA-1

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

March 20, 2017

After last month's loud controversy over whether or not Google's SHA-1 security vulnerability broke GitHub, its community has taken the first steps towards replacing the aging hash function.

In February, Google produced the first reproduceable SHA-1 'data collision' needing relatively low computing power, something that renders a hash function obsolete since it's no longer possible to prove that a hashed document is unique.

For several years already, internet security researchers all over the world standard's advice has been: “get rid of SHA-1”, and that led to some criticism of Linus Torvalds' famous Git version control system for holding onto it.

But Torvalds' response was that SHA-1 is used for version control, not security, so while replacing it is a good idea, it's not that urgent. Of course, there are many people, both in the security community as well as in the Linux blogosphere that didn't agree with him since SHA-1 is so deprecated.

But Torvald kicked off discussions among the Git developer community early this month by asking how SHA-1 can best be replaced.

It's not a trivial “out with the old, in with the new” exercise, as Torvalds' request for comment states-- it has to happen with minimal disruption to developers who depend on Git. To be sure, Git itself has to stay maintainable throughout the transition, and in the end, the community will need “a generalized repository conversion tool”.

The commits are now landing apace in the Git repo, and it's sparked a lively discussion about which hash should be the successor. For your information, the Git development community has settled on SHA3-256.

Source: SAP.

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.


Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer