Author: Will 2013-04-01 22:10:26
Published on: 2013-04-01T22:10:26+00:00
In a discussion on the Bitcoin-development mailing list in April 2013, Melvin Carvalho raised concerns about the potential for a SHA1 collision attack to insert a malicious pull request. However, Petr Praus responded that the likelihood of such an attack was small, as it would require finding a collision between two specific pieces of code. The discussion then turned to other potential threats, such as Github being compromised or one of the core developers' passwords being compromised. The participants agreed that peer review and open source collaboration were important for detecting and preventing suspicious commits.
Updated on: 2023-06-06T11:30:05.778922+00:00