similar to: Checksums for git repo content?

On 02/23/2017 01:03 PM, Lamar Owen wrote: > On 02/23/2017 03:32 PM, James Hogarth wrote: >> On 23 February 2017 at 19:55, Lamar Owen <lowen at pari.edu> wrote: >>> Not to stir up a hornets' nest, but how does Google's announcement at >>> https://shattered.it affect this now? (Executive summary: Google has >>> successfully produced two different

On 02/23/2017 03:32 PM, James Hogarth wrote: > On 23 February 2017 at 19:55, Lamar Owen <lowen at pari.edu> wrote: >> Not to stir up a hornets' nest, but how does Google's announcement at >> https://shattered.it affect this now? (Executive summary: Google has >> successfully produced two different PDF files that hash to the same SHA-1.) >> There is a whole

On Tue, 2006-02-21 at 14:58 -0800, rsync2eran@tromer.org wrote: > A year ago we discussed the strength of the MD4 hash used by rsync and > librsync, and one of the points mentioned was that only collision > attacks are known on MD4. Could you please forward this into the bug tracker so it's not lost? -- Martin -------------- next part -------------- A non-text attachment was

On 02/09/2017 03:12 PM, Johnny Hughes wrote: > The patch files are in git as text files, right? Why would you need > checksums of those? That is the purpose of git, right? > Not to stir up a hornets' nest, but how does Google's announcement at https://shattered.it affect this now? (Executive summary: Google has successfully produced two different PDF files that hash to the

We still have MD5 as our default password hash, even though known-hash attacks against MD5 are relatively easy these days. We've supported SHA256 and SHA512 for many years now, so how about making SHA512 the default instead of MD5, like on most Linux distributions? Index: etc/login.conf =================================================================== --- etc/login.conf (revision

if( you_want_to_make_a_game_with_ruby ) { http://shattered.hastilymade.com/shattered_ruby.png http://shattered.hastilymade.com/shattered_ruby.png http://shattered.hastilymade.com/shattered_ruby.png Shattered 0.3 has just been released! Inspired by Ruby on Rails, Shattered is doing for game development what rails has done for web development. Get it here ! We''ve made this

Some time ago I mentioned the online version of the book "Numerical Recipes in C" http://www.ulib.org/webRoot/Books/Numerical_Recipes/ and inadvertantly stirred up a hornets' nest. I obtained from this book code to calculate the Incomplete beta function. It appears in: 6.4 Incomplete Beta Function, Student?s Distribution, F-Distribution, Cumulative Binomial Distribution, p.226, and

https://wiki.asterisk.org/wiki/display/AST/STIR+and+SHAKEN The Wiki above is misleading in what Stir-Shaken means and how it works. End users cannot get a certificate, they cannot self-certify their calls. Somebody completely misunderstood the model. I am afraid the moment will come and thousands of Asterisk operators will be unable to terminate calls. To start with, the model is a hierarchical

Hi, I was sure I sent this to openssh at openssh.com, but cannot find that email now in my Sent mailbox, so I am sending it to the developers list. I took a liberty and wrote an I-D with accompanying patch (with contributions from Ondrej Caletka) to support ECDSA in the SSHFP DNS resource record. The I-D is here: https://tools.ietf.org/html/draft-os-ietf-sshfp-ecdsa-sha2 (and the source XML

Hi, I just completed a really big rsync described earlier. Ie about 13,945 directories transfered about 600GB of data. Of 13,945 directories, 13,9441 directories transfer with matching du -b sizes of the preimage to the size of the destination machine image. of the 4 remaining directories i found source vs destination in bytes --------- a) 20480 vs 34922496 b) 28672 vs

Is there a list anywhere of the DTrace FBT provider calls for each version of Solaris since the Nevada build that hosed the DTrace Toolkit. I have no issue with rewriting what I need, but I am hoping to stave off having to look at all the source code to find everything. I know there is a new provider under development, but I need to be able to program DTrace routines for all the updates in

I am new to R, so please forgive me if there is an obvious answer to this question. I have done fairly extensive searching through R docs, google and a few R users and have not found an answer to my question. Is there a way to create a non-interpreted string object in R? For example, I am using R in a MS Windows environment and I would like to paste DOS paths into some R command:

In a few weeks, no SIP call is going to terminate unless they are signed properly, as mandated by law. We are in the business of Stir-Shaken, signing calls, as an FCC-approved provider. A big differentiator between our service and the rest: we are the only ones who don't need to receive the calls in our servers to sign them. We do this over a MySQL call, easily connectable to Asterisk via

I am looking for a decent provider of SIP Trunks but it has to pass the Stir Shaken token to the next carrier. Does anybody know about any? Sipstation from Sangoma, does not support Stir Shaken. ( Case #01466843 / 0013000000G8PLG / MAIN / Open [ ref:_00D306mPe._5004U1BlBLF:ref ]) Although it's mandatory, somehow they think it's ok. Go figure. -------------- next part -------------- An

On 01/08/2013 03:45 PM, Chris Lattner wrote: > It's seems like a quiet and peaceful day, lets stir things up a bit :) > > How crazy would it be for us to start using basic C++'11 language features (but not C++'11 library features) in LLVM: things like auto, rvalue-refs, lambdas, etc? I think that we can keep things well defined with a few simple requirements: language

I need to point out the this is factually misleading and materially false: "I think this, being the basis of your whole argument, is the fallacy. S/S is forcing people to take responsibility, for sure, but carriers won't just let their customers leave because they don't want to sign calls. It will force them to make sure they know who their customers are, and make it impossible for

> > There is a big confusion here about Stir Shaken. It is NOT a provider > issue. Un fact, all providers are whasing their hands and modifying their > swihtches to pass-through the Signature. They cannot sign the call because > then the become the responsible party for the call before the FCC, and > liable for any illegal call. Every owner of a PBX that sends calls to the >

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have done some additional testing, and gotten it a bit close to what I was looking for. I had to modify the cat.c to eliminate the printing of the arguments and file name, and added a Press Enter to return menu line. With the below isolinux.cfg the options do display the files, and pressing enter than returns to the vesamenu. DEFAULT

Hi everyone, Not sure if you've read http://www.win.tue.nl/hashclash/SoftIntCodeSign/ . should some kind of advisory be sent to advise people not to rely solely on MD5 checksums? Maybe an update to the man page is due ? : " MD5 has not yet (2001-09-03) been broken, but sufficient attacks have been made that its security is in some doubt. The attacks on MD5 are in the

There are known Collision Attacks for the MD5SUM method of hashing, so it is possible to modify a file and make it have the same MD5SUM as another file. See this link for details on Collision Attacks: http://en.wikipedia.org/wiki/Collision_attack Recommendation from the US-CERT concerning MD5SUM hashes: http://www.kb.cert.org/vuls/id/836068 Based on the above information, the CentOS team will