Joerg Jaspert <joerg@debian.org> writes: > On 14026 March 1977, Vincent Lefevre wrote: > >>> > contents that match in size and sum(1). I did it just with an >>> > editor, ddrescue and data from /dev/urandom, by brute force, without >>> > any knowledge about the algorithm of sum. And I did it not once, but >>> > twice. >>> sum(1) just gives a 16-bit checksum! So, it suffices to generate >>> N*65536 random compressed tarballs to get around N collisions with >>> a given file. Then the only problem is to get the right size, but >>> if one has random input, it is (almost) not compressible, so that >>> one will get "almost" the same size for each tarball. By controlling >>> how compression is done to reach the right size, this should even be >>> easier. >> The following script gives lzip collisions after a few seconds between >> arbitrary lzip tarballs. This is easier that a collision with a fixed >> tarball because of the birthday paradox. But one can do something >> similar by going to at most a few millions to get a collision with >> some given tarball of about 64 KB. > > Is it only me thinking it now or is this really gone over way into the > comedy section? Why isn't this on -curiosa? NO, it definitely isn't just you -- and the rest of your post was spot on too. Please stop this nonsense forthwith. Cheers, Phil. -- |)| Philip Hands [+44 (0)20 8530 9560] HANDS.COM Ltd. |-| http://www.hands.com/ http://ftp.uk.debian.org/ |(| Hugo-Klemm-Strasse 34, 21075 Hamburg, GERMANY
Attachment:
signature.asc
Description: PGP signature