Brian Smith (:briansmith, :bsmith, use NEEDINFO?) Reporter
	Description • 11 years ago

MD5 should not be considered a secure hash algorithm. In metro/base/content/browser.js, it is used to compress URIs in the function pinSite. Instead SHA256 should be used.

As a general rule, nobody should ever be using MD5 for any purpose.

	Brian R. Bondy [:bbondy]
	Comment 1 • 11 years ago

> As a general rule, nobody should ever be using MD5 for any purpose.

What exactly is the concern here? Hash functions have uses outside of security and it is used in this case to generate an ID which we don't care if it is reversible via a dictionary attack or any other attack.  Unless it makes the machine insecure for some reason I'm not sure why we need or want to do this.

	Brian Smith (:briansmith, :bsmith, use NEEDINFO?) Reporter
	Comment 2 • 11 years ago

The hash is used to compress a URI to identify that URI. So, how is that not security-sensitive? The comment says that a unique identifier per site is needed but MD5(site) doesn't give you that property because MD5 is broken.

	Brian R. Bondy [:bbondy]
	Comment 3 • 11 years ago

> The hash is used to compress a URI to identify that URI. So, how is 
> that not security-sensitive?

security sensitive in which way? Do you mean privacy wise? They can just see the URL anyway if pinned to the start screen no matter what the ID is. 

> The comment says that a unique identifier per site is needed but MD5(site) 
> doesn't give you that property because MD5 is broken.

No hashing function gives you a unique value but it gives you a close enough to unique value.

	Brian R. Bondy [:bbondy]
	Comment 4 • 11 years ago

marking as invalid since we're not using hashing for security, just to generate an ID.