Re: That's not how hashes work
The approach you describe (hiding random data in a comment) would be much more difficult to hide from Git than 'merely' generating a collision of the sort being discussed. Git doesn't just hash the content--it prepends a header that includes the size of the object in question. This means that the 'doctored' content must either be the exact same size as the original, or the collision must also take the header into account. Accomplishing either of these things is significantly more difficult than simply generating a collision. Not impossible, but not--for the moment--a credible threat. Really it just means that they should move to a larger hash some time within the next few years or so.
Oh yeah.. It also just occurred to me that this type of attack also assumes that nobody is going to bother looking at the commit diff for some reason. "Some random person just made a +1329 / -7 commit to the kernel, you say? About time those bums did something substantial. I'm sure it's fine."
On a side note, I've only recently started digging in to how Git works under the covers, and I hadn't quite worked out what the reason was for including size information when hashing 'blob' objects. Well, now I know.
Biting the hand that feeds IT
