<?xml version="1.0" encoding="windows-1252"?>
<node id="262191" title="hash collision DOS" created="2003-06-01 08:29:34" updated="2005-08-10 11:27:25">
<type id="115">
perlquestion</type>
<author id="49324">
kschwab</author>
<data>
<field name="doctext">
There's an [http://slashdot.org/articles/03/05/31/2157254.shtml?tid=126&amp;tid=172|interesting article] on [http://slashdot.org|/.] today about using hash collisions
to create a denial of service.  The [http://www.cs.rice.edu/~scrosby/hash/CrosbyWallach_UsenixSec2003/index.html|white paper] referred to in the article
is a bit light on details, but I did find the premise interesting.&lt;p&gt;
They specifically mention attacking Perl's hash implementation, including specific attacks for 5.6.1
and 5.8.0.&lt;p&gt;
An obvious defense is to avoid putting untrusted data
into a hash.  Sounds easy, but associative arrays are
probably already being used this way all over the place.
Any ideas on workarounds and fixes to reduce the risk
of being DOS'ed?</field>
</data>
</node>
