Simon Willison’s Weblog

Hash Collisions (The Poisoned Message Attack). Demonstrates the MD5 weakness by providing two deliberately engineered PostScript documents with the same MD5 hash but radically different rendered output.

Posted 4th April 2008 at 7:24 pm

Recent articles

OpenAI are quietly adopting skills, now available in ChatGPT and Codex CLI - 12th December 2025
GPT-5.2 - 11th December 2025
Useful patterns for building HTML tools - 10th December 2025

collisions 2 hashing 12 md5 4 postscript 1 security 569

Monthly briefing

Sponsor me for $10/month and get a curated email digest of the month's most important LLM developments.

Pay me to send you less!

Sponsor & subscribe