
Git fscked by SHA-1 collision? Not so fast, says Linus Torvalds

Paul Smith

Re: That's not how hashes work

Sorry, but no it doesn't! Any hash key can produce only a limited number of distinct results, and the greater the number of bits in use, the less chance of *accidentally* encountering a collision. To go from "the chances of a random collision are vanishingly small" to "it always produces a unique result" is the sort of dangerous mistake that hackers love to exploit.

Linus was using SHA-1 as a cheap way of calculating a hash that was *very unlikely* to collide; the hackers are using a known algorithm to produce a predetermined result.

Imagine Linus was simply summing the bits mod 1024. There would be a 1 in 1024 chance of a collision. If a hacker's target has a hash of 512 and the code they want to use has a hash of 384, then they just have to add 128 to produce a valid fake.
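The toy "sum mod 1024" hash in the comment above makes the distinction concrete: a checksum that is merely unlikely to collide by accident offers no resistance to someone who deliberately engineers a match. The following is an added illustration, not code from the commenter or from The Register's article; it implements the toy hash over bytes rather than bits (an assumption made here), shows how trivially a second preimage is produced for it, and contrasts that with SHA-1, where appending the same kind of filler does not steer the digest. The sample inputs are constructed.

```python
import hashlib

MODULUS = 1024  # the comment's toy hash: sum reduced mod 1024


def toy_hash(data: bytes) -> int:
    """Toy checksum: sum of all byte values, reduced mod 1024."""
    return sum(data) % MODULUS


def forge_toy_preimage(fake: bytes, target_digest: int) -> bytes:
    """Append filler so that toy_hash(result) == target_digest.

    The toy hash is additive, so the attacker only needs to add the
    difference between the target digest and the current one. Byte
    values are capped at 255, so the delta is spread across several
    filler bytes; the checksum of the filler equals the delta exactly.
    """
    delta = (target_digest - toy_hash(fake)) % MODULUS
    filler = bytes([255] * (delta // 255))
    if delta % 255:
        filler += bytes([delta % 255])
    return fake + filler


def sha1_hex(data: bytes) -> str:
    """Hex SHA-1 digest, as Git uses for object identity."""
    return hashlib.sha1(data).hexdigest()


def matching_hex_prefix(a: str, b: str) -> int:
    """Length of the common hex prefix of two digests."""
    n = 0
    for x, y in zip(a, b):
        if x != y:
            break
        n += 1
    return n


def demo() -> tuple:
    """Returns (toy hash forged?, sha1 also forged?, sha1 common prefix).

    The same additive trick that defeats the toy hash leaves the SHA-1
    digest unrelated to the genuine one, which is what second-preimage
    resistance is meant to guarantee.
    """
    genuine = b"constructed: genuine commit content"   # constructed sample
    fake = b"constructed: tampered commit content!!"   # constructed sample
    target = toy_hash(genuine)
    forged = forge_toy_preimage(fake, target)
    toy_forged = toy_hash(forged) == target
    sha1_forged = sha1_hex(forged) == sha1_hex(genuine)
    prefix = matching_hex_prefix(sha1_hex(forged), sha1_hex(genuine))
    return toy_forged, sha1_forged, prefix


if __name__ == "__main__":
    toy_forged, sha1_forged, prefix = demo()
    print("toy hash forged with filler:", toy_forged)
    print("SHA-1 forged with same filler:", sha1_forged)
    print("SHA-1 hex digits in common:", prefix, "of 40")
```

The point for anyone relying on a hash for integrity is that the property that matters is not how rarely two honest inputs collide but whether an adversary can produce a chosen collision or second preimage at will; a checksum that fails the second test is not an integrity check at all, however many bits it has.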
