Bruce Schneier predicts we’ll see the first SHA-1 hash collision within a year, based on recent cryptanalytic results:
In other words, systems relying on the lack of collisions in SHA-1 (such as BitTorrent) for correct operation will start having interesting bugs in the next year, as I predicted in 2003.
I updated The code monkey’s guide to cryptographic hash functions (and moved it to my own web site). I also created a summary page of my writings on cryptographic hashes, including the most up-to-date version of the “Breakout Chart” of cryptographic hash life cycles.
[Humorous hyperbole deleted since humor + intertubes = fail.] I don’t think it made sense to write this paper, since I don’t think anyone changed their software as a result of reading it, and it didn’t have a positive effect for me personally either.
[Added so the comments don’t fill up with git-related flamewars.] Git and rsync are fine, as are any hash-based systems which only allow trusted users to add data to the system. (Trusted not to deliberately add colliding inputs, that is.) BitTorrent, Venti, CAS-based shared caches, and anything else which allows potentially malicious users to add data to the system are another story.
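To show why stores that accept data from untrusted writers are the exposed case, here is an added example (not code from this post or from any system named in it). It is a toy content-addressed store keyed by SHA-1 truncated to 16 bits, an assumption made so that two colliding blocks can be found instantly, next to a variant that compares bytes on insert. The names `weak_id`, `NaiveStore` and `CheckedStore` are hypothetical.

```python
import hashlib
from itertools import count

WEAK_BYTES = 2  # assumption: keep only 16 bits of SHA-1 so a collision is cheap to find

def weak_id(data: bytes) -> str:
    """Stand-in for a hash with findable collisions (truncated SHA-1)."""
    return hashlib.sha1(data).digest()[:WEAK_BYTES].hex()

class NaiveStore:
    """Content-addressed store that trusts the hash: first writer wins."""
    def __init__(self):
        self.blocks = {}

    def put(self, data: bytes) -> str:
        key = weak_id(data)
        self.blocks.setdefault(key, data)  # existing key assumed to hold the same bytes
        return key

class CheckedStore(NaiveStore):
    """Same store, but compares bytes whenever the key already exists."""
    def put(self, data: bytes) -> str:
        key = weak_id(data)
        if key in self.blocks and self.blocks[key] != data:
            raise ValueError(f"different content already stored under {key}")
        self.blocks[key] = data
        return key

def find_colliding_pair():
    """Search constructed sample blocks until two share a weak_id."""
    seen = {}
    for i in count():
        block = b"constructed sample block %d" % i
        key = weak_id(block)
        if key in seen:
            return seen[key], block
        seen[key] = block

def demo():
    """Return (naive store served the wrong bytes, checked store refused)."""
    first, second = find_colliding_pair()
    naive, checked = NaiveStore(), CheckedStore()
    naive.put(first)
    key = naive.put(second)  # the second writer gets a key back...
    served_wrong = naive.blocks[key] != second  # ...that resolves to the first writer's bytes
    checked.put(first)
    try:
        checked.put(second)
        return served_wrong, False
    except ValueError:
        return served_wrong, True
```

The byte comparison only helps a store that still holds the earlier block; a system that checks downloaded pieces against a published hash has nothing to compare with and depends on the hash itself.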