Sound and fury, signifying nothing
Given enough time and resources, all security will be breached. The point of security is not to stop the inevitable, but merely to slow it down long enough for the breach to no longer matter.
Calculating just a single collision in 6,500 years of CPU time is not exactly what I'd call the death blow for SHA1. That's still significant enough that manufacturing collisions for low-grade material just won't be worth the effort, and even military stuff will be old news by the time you've compromised it.
Maybe if you could spoof target coordinates in under 60 seconds using a smartphone you might have a problem, or if you'd be inclined to waste 100k+ on the equipment necessary to fiddle with the terms of somebody's 50k contract, but as it stands none of that is likely any time soon, which means the security is doing its job as designed.
That will not always be the case for SHA1, but it's far too soon to hit the panic button, unless your primary interest is hype not security.
Biting the hand that feeds IT
