Robin H. Johnson wrote: > Joey Hess discussed this two years ago, and again last week: > http://kitenet.net/~joey/blog/entry/size_of_the_git_sha1_collision_attack_surface/ > > This is easy in the kernel tree, it's got lots of eyeballs and only few > binary files. This isn't true for lots of other Git trees, a tree with a > JPEG image or a gzip file would be a great target. The most credible attack I have so far does not involve binary files in tree. Someone pointed out that git log, git show, etc stop printing commit messages at NULL. So colliding binary garbage can be put in a commit message and be unlikely to be noticed, and the commit can later be altered to point to a different tree. https://github.com/joeyh/supercollider joey@gnu:~/tmp/supercollider>git log commit 24f30db5790b209fa412ce81c5ef2bf8af5fd4d7 Author: Joey Hess Date: Fri Sep 9 11:49:21 2011 -0400 an innocent commit If this were a sha1 colliding attack, there would be some sort of binary garbage below. Which there isn't. So this can be safely merged. joey@gnu:~/tmp/supercollider>git cat-file commit 24f30db5790b209fa412ce81c5ef2bf8af5fd4d7 tree 735a7633237c07b398856005de3bc9ea00446747 author Joey Hess 1315583361 -0400 committer Joey Hess 1315583361 -0400 an innocent commit If this were a sha1 colliding attack, there would be some sort of binary garbage below. Which there isn't. So this can be safely merged. ??b???[?i??ͯ?t? 2??????os??Q??H?޸*zl?RA˂q?E ?E7???\?m???U?>MU GY?d)?ȼ??'g?~D??ɯhQ????/"E??X?m???^͸??S?D??;w6(?`??>?縘?AѲ?*!??@v????>?8??2?!??=*?J  ???ynH???c?w?\??K7???N?6?????A5?FM?wZ?~?pKY?R???s7??(?ƶ?_"??m%????1a??ʀ??K[ t????!A0?ΈfT.?T?w?򁛵ƌ ?р???aco?V/2??nَ? ?}?6?_?z?{ It might be worth ameloriating that attack by making git log always show the full buffer. Or it would be easy to write a tool that finds any commits that have a NULL in their message. -- see shy jo