this post was submitted on 11 Nov 2023
32 points (64.8% liked)
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
54443 readers
211 users here now
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
📜 c/Piracy Wiki (Community Edition):
💰 Please help cover server costs.
 |
 |
|---|---|
| Ko-fi | Liberapay |
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I'm curious, I thought with DHT the hash of the file would suffice?
easy for the malicious to spoof...
What do you mean? Are you talking about the hash being spoofed?
It's fairly trivial to craft a dummy file that has the same hash as any given file, the chance of that happening randomly is infinitesimal, hence the usefulness of hashing, but it has been done in the past as a way to poison torrents.
This is FUD. There is no publicly known pre-image attack against SHA1, the hash used in mainline DHT.
Huh, there has been a detected SHA1 hash collision in 2017. But unless your malicious actor is the NSA it’s unlikely they would be able to crack the hash
https://shattered.io/
Collision, not pre-image attack (the two are different)