Lifetimes of cryptographic hash functions

“Quick summary of my recommendations on compare-by-hash: If you are using compare-by-hash to generate addresses for data that can be supplied by malicious users, you should have a plan to migrate to a new hash every few years. For example, BitTorrent falls into this category, but rsync doesn’t. Keep in mind that new, more secure hashes are likely to have larger outputs (e.g., 256 bits for SHA-2 vs. 160 bits for SHA-1) and be more computationally expensive…”

http://valerieaurora.org/hash.html

The paranoid #! Security Guide

“You’re dealing with a somewhat paranoid security setup for debian-based systems like #!.
[This is the end-user and not the |-|4xx0|2-version. We are not getting into virtual-virtual-virtual-machine-double-vpn-ssh-proxy-chain-from-your-internet-cafe-type-stuff.]

In this small guide I simply provide several “recipes” for securing both your box and your internet-connection and web-applications. I won’t go into the why of all of this in too much detail as I want to provide a simple how-to that people can follow to make their system more secure without having to read through hundreds of pages of explanations. This information can easily be found elsewhere. If you’re interested in a certain topic then just fire up a web-search and give it a read.

This guide is not exhaustive of course. As they say, security is a process – and so this guide can only be a place to start which needs to be adjusted to your personal needs.

If you consider to use this information and you find something to be too overcautious for your particular need – just ignore it and move on. One last thing before we begin: I am not a “security-guru” (far from it) – but more appropriately (as my nick suggests) some dude wrapping his head around things…”

http://crunchbang.org/forums/viewtopic.php?id=24722