New Toppler Version 1.1.1

Toppler Icon Yet another version of Tower Toppler, version 1.1.1 was releases by Andreas Röver. This comes quickly on the heels of the 1.1.0 version. The main changes are:

  • Included Pasis 2 Towers
  • New Finnish translation
  • Updated French Translation

I’ve updated the OS X packages on my Toppler page. Worth a download for the new level set!

Thanks Andreas!

Update, December 24, 2004: The issue with Toppler not running on 10.2.8 systems has been fixed. It was due to a missing function in the 10.2 C libs. The new version is 1.1.1-1

New Toppler Version 1.1.0

Toppler Icon Andreas Röver has released a new version of the Tower Toppler source code, 1.1.0. The basic changes are:

  • Joystick support (though I have no way of testing this…)
  • In the level designer, elevators can now be made to pass doors
  • There was a condition where the little green guy could get stuck
  • A Windows bug with a strange .dll was fixed (not that this affects you Mac users)

I’ve updated the OS X packages on my Toppler page, though this update for Mac users probably isn’t that big a deal.

Thanks Andreas!

MD5 Begins Its Downward Slide

It appears that the usefulness of MD5 checksums is finally beginning to wane. This security analysis by Dan Kaminsky gives some frightening details of how to create two files that perform different tasks, but have the same MD5 checksum. Bad news. Now this attack relies on the possession of two specially-computed files that have the same checksum, as detailed by Joux and Wang previously:

For MD5 (and actually a number of popular hashing algorithms, SHA-1 not among them), it is possible to compute particular classes of input data for which subtle changes can be silently introduced without causing apparent changes in the final MD5 hash. Capacity is not huge – of the two 128 byte proof-ofconcept files released by Wang, only six bits differ. But many ”doppelganger” sets can be computed, each of which may be swapped out with the other at no effect to the resultant hash. The sets are two MD5 blocks long. Because it’s possible to compute new blocks on demand, a generic ”antivirus” style colliding block detector isn’t possible. It may be possible to generate a custom weak class detector. The ability to generate colliding datasets exposes a fundamentally new mode of operation for MD5.

Now, you don’t have to start worrying about this immediately. Fully-practical attacks are still over the horizon. However, as Dan’s paper shows us, the horizon may be closer than you think. You may want to read up on SHA-1.