| From: | Sim Zacks <sim(at)compulab(dot)co(dot)il> |
|---|---|
| To: | PostgreSQL general <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Using bytea field... |
| Date: | 2011-03-10 08:09:31 |
| Message-ID: | 4D78873B.4060804@compulab.co.il |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
> > The question is, if it screws up and says that an image already exists
> > and then returns a different image when querying for it, how bad would
> > that be.
> >
>
>
> It'll never happen:
>
> http://stackoverflow.com/questions/862346/how-do-i-assess-the-hash-collision-probability
>
>
> Sure you CAN go out of your way to generate collisions, but I'd bet
> money you never see one from your setup.
>
> The probability is extremely slim. And if thats too much of a chance,
> use sha2, its mind numbingly slim.
>
> If you were doing cryptography it would be a problem, yes, but not
> checking file equality.
>
> -Andy
Never is a long time. The question that I asked is precisely: how much
money you would bet that you'll never hit a collision. It depends on the
use case. If you are talking about privacy issues, which can include
lawsuits, loss of reputation and/or damages, then I wouldn't take that
risk, even on sha2. Especially not with all the publicly available
documentation explaining why not to do it. If you are talking about a
minor inconvenience or professional pride because the wrong image showed
up, or the right image was never stored, then it may be worth the risk.
Sim
| From | Date | Subject | |
|---|---|---|---|
| Next Message | ray | 2011-03-10 10:36:55 | Re: Ad hoc report writer |
| Previous Message | Pavel Stehule | 2011-03-10 07:36:15 | Re: output screen in psql |