Re: perl's hash randomization in the news

On Thu, Dec 29, 2011 at 02:25:37PM -0800, Greg Lindahl wrote:
>  The researchers concluded that the best way of avoiding the problem is
>  to use randomised hash functions such as those used in Perl, which
>  were included after a security conference paper on the technique was
>  published in 2003PDF. CRuby 1.9 has used a similar randomisation
>  technique since 2008.
> 
> http://www.h-online.com/open/news/item/28C3-Denial-of-Service-attacks-on-web-applications-made-easy-1401863.html

It's really strange watching what seems to be general mass panic* about
something that we calmly fixed the better part of a decade ago.

Nicholas Clark

* sky is falling, etc

• perl's hash randomization in the news by Greg Lindahl
• Re: perl's hash randomization in the news by Reini Urban
• Re: perl's hash randomization in the news by Nicholas Clark
• Re: perl's hash randomization in the news by David Nicol
• Re: perl's hash randomization in the news by demerphq
• Re: perl's hash randomization in the news by Tom Christiansen
• Re: perl's hash randomization in the news by Reini Urban
• Re: perl's hash randomization in the news by Zsbán Ambrus
• Re: perl's hash randomization in the news by Nicholas Clark
• Re: perl's hash randomization in the news by demerphq