Just downloading some updates and checking #SHA hashes, like you do. Insofar as people actually bother, I wonder how many people just look at the first few digits and the last few digits and call it a day. Which raises a question: has anyone ever explored the idea of hash "partial" collisions in a crypto context? I.e. if the first and last 8 hex digits are the same, but the middle could differ. Might be a useful thing for some attackers trying to deposit nasty things in public repositories. #Malware#HashCollisions#Cryptography#Software#InfoSec#SupplyChain
Could you give me some advice (and sources!) towards #openLDAP? Is #SSHA (seeded #SHA) in any way still a valid scheme in 2023? I see only "SHA-1" and then I'm quitting.
Is there any way to somehow see SSHA as acceptable nowadays or should I enforce use of crypt/sha-512 "$6$%.16s"?