Plurrrr

SHA1 should no longer be used anymore

Everyone should switch to (in order of preference):

• BLAKE2b / BLAKE2s
• SHA-512/256
• SHA3-256
• SHA-384
• Any other SHA2-family hash function as a last resort

...unless they're storing passwords! In which case, they should switch to (in order of preference):

• Argon2id with memory >= 32MiB, >= 2 rounds, and >= 2 parallelism
• scrypt / yescrypt with memory >= 32 MiB, >= 4 rounds, and >= 1 parellelism
• bcrypt (for PHP devs, password_hash() and password_verify() does the trick)
• PBKDF2-SHA512 with 85,000 iterations as a last resort

But SHA1 should no longer be used anymore. No excuses.

― Scott Arciszewski, Chief Development Officer at Paragon Initiative Enterprises.

Source: SHA-1 collision attacks are now actually practical and a looming danger.

• cryptography
• security

How does Docker work?

How does Docker actually work? It’s a simple question that has a surprisingly complex answer. You’ve probably heard the terms “daemon” and “runtime” thrown around, but never really understood what they meant and how they fit together.

In the evening I read How does Docker work? by Cameron Lonsdale, a (very) technical walk-through of how Docker works.

• container