Musings - 8th December 2004 - Jason Stirk's Blog

Your Shameless Host

Hi! Welcome to the personal blog of Jason Stirk (Griffin) - a slightly unhinged web application developer living in Lismore, NSW (yes, that's in Australia).

I am Development Manager with reInteractive where I do a lot of Ruby on Rails Development.

The opinions on this site do not necessarily reflect the opinions of my employer, regardless of how awesome either party may be.

I work almost exclusively with Ruby and Ruby and Ruby on Rails, although my sordid past has seen me work in a variety of languages, as well as administering various flavours of Linux servers.

Development Services

RubyX provide a range of development services, including Ruby on Rails Development, emergency application support, maintenance, code reviews and training.

Recently, On The Blog

Our 3 Laws (of Cucumber) 13Sep2010
Facebooker and Cucumber: Within the Canvas and Without 19Jul2010
Vim Tricks for Ruby and Rails Developers 09Jun2009
The New Adventures of Aurora Software 29Mar2009
Dynamic Routes in Rails Redux 14Aug2008
Ruby Enterprise Edition Gem Install Script 10Jun2008
Thoughts and Observations on ICT in Education 28May2008
Maybe I Should Be a Plumber? 04Apr2008

or, view the full archive of posts.

Pieces of Me

Seems I'm spread all over the net these days...

Link Love

Here are a few trendy folks that I know, or have worked with.

Syndicate

It was an awesome game, but that's not what I meant! I meant FEEDS! Of the RSS and ATOM flavours! Get them while they're still meaty!

Musings - 8th December 2004

Wed, 08 Dec 2004 12:44:00 GMT | Permalink

Slashdot mentioned today that MD5 To Be Considered Harmful Someday (PDF here).

I must admit, I was quite suprised by the way that the attack takes place. I'd always been under the impression that the collisions in the MD5 algorithm were collisions with data of vastly different sizes. Instead, it appears that it is possible to swap out chunks of a file to produce the same MD5 hash.

Thankfully, it appears that SHA1 (which I am quite suprised is a W3C specification) is not (yet) vulnerable to this attack. However, as was noted on Slashdot, by the entire way a hashing algorithm works you expect there to be some collisions. If you want no collisions, then just use the raw binary data.

Also this morning, I came across an interesting post by Drew McLellan titled Mental Clarity. Anyone who has been involved developing a project larger than "Hello World" knows what he is talking about. My response is here.

If you found this post useful, please recommend me on WorkingWithRails.

Comments are gone until I sort them out, sorry!

Feel free to hit me up on Twitter as j_stirk.

Griffin::blog()