Change Details

Files use plain SHA1 hashes in some cases, and an attack in this form may be possible in some situations now that a SHA1 collision is well-known: # Construct `evil.exe` and `good.exe`, which have the same SHA1 checksum. # Upload `evil.exe` first. # Give another user `good.exe` and convince them to upload it. # If the stars align, they may be served the file data for `evil.exe` instead of the data for `good.exe`. I believe there are a lot of other intermediate issues and (3) is probably pretty suspicious in most situations, but we should move to a stronger hash in the next iteration on Files.

Files use plain SHA1 hashes in some cases, and an attack in this form may be possible in some situations now that a SHA1 collision is well-known: # Construct `evil.exe` and `good.exe`, which have the same SHA1 checksum. # Upload `evil.exe` first. # Give another user `good.exe` and convince them to upload it. Then, convince them to download it and execute it. # If the stars align, they may be served the file data for `evil.exe` instead of the data for `good.exe`. I believe there are a lot of other intermediate issues and (3) is probably pretty suspicious in most situations, but we should move to a stronger hash in the next iteration on Files.

Files use plain SHA1 hashes in some cases, and an attack in this form may be possible in some situations now that a SHA1 collision is well-known: # Construct `evil.exe` and `good.exe`, which have the same SHA1 checksum. # Upload `evil.exe` first. # Give another user `good.exe` and convince them to upload it. Then, convince them to download it and execute it. # If the stars align, they may be served the file data for `evil.exe` instead of the data for `good.exe`. I believe there are a lot of other intermediate issues and (3) is probably pretty suspicious in most situations, but we should move to a stronger hash in the next iteration on Files.