Just to clarify some topics.

hashDoS vulnerability Eric pointed is the problem of String(-ish)#hash.
 The fix for 1.8.7-p357 is for String(-ishes) so Fixnum#hash is still
stable (3).  The most confusing part for the original poster is
Symbol#hash (== Kernel#object_id) looks stable for each process invocation.

Can you imagine what's happening inside?

% ruby187 -v
ruby 1.8.7 (2012-02-08 patchlevel 358) [x86_64-linux]
% ruby187 -e 'puts({:omg! => 1}.hash)'
437103
% ruby187 -e 'puts({:ZOMG! => 1}.hash)'
437103
% ruby187 -e 'puts({:omg! => 1}.hash == {:ZOMG! => 1}.hash)'
false #### ZOMG!!!!

So for an answer to Jens: In 1.8.7, "ruby -e 'puts ({:a => 1}.hash)'"
shows the same hash value by accident.  But in Ruby, both on 1.8 and
1.9, you cannot expect the same hash value across processes.

Best regards,
// NaHi