Re: [NSPipe pipe] returning nil (running out of filehandles?)
  • Subject: Re: [NSPipe pipe] returning nil (running out of filehandles?)
  • From: John Stiles <email@hidden>
  • Date: Wed, 02 Apr 2008 09:19:15 -0700

John Stiles wrote:
> Jens Alfke wrote:
>> Also, you're aware that MD5 shouldn't be used for anything security-related anymore? Last I heard it's pretty close to being fully broken. SHA-1 is a lot more secure, and has a larger output which itself makes collisions less likely.
>
> "Fully broken"? I don't know about that. Simpler variants—I think it was MD4?—have some kind of non-threatening attacks, e.g. the keyspace for finding a packet with the same signature is several powers of 2 less than the full keyspace. But the matching packet will basically be identical except a handful of bits are flipped. And AFAIK nobody is even remotely close to finding a technique which would let you write arbitrary data and then tack on a few bytes to get the signature you want, and that's what I'd call "fully broken," at least that's what you'd need to find in order to make an exploit. Nobody has done any of this for real MD5 yet as far as I know. (In fact, I am not sure that anyone has found any two packets that generate an identical MD5 signature!)
>
> If you are not CPU bound, SHA-1 is probably better anyway, but don't feel obligated to use it if it turns out to be a performance concern. I think it's going to be quite some years before we see a viable approach for hacking MD5 in such a way that it would create an actual security concern.

I take it all back; in 2007 there was an MD5 attack discovered which actually allows for completely different binaries that sign the same. Check Wikipedia for the details, but basically MD5 is totally broken now. Wow, times change!!

SHA-1 it is, if security is a concern.
