

Ken Thompson - Reflections on Trusting Trust - eru
http://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf

======
iigs
_Acknowledgment. I first read of the possibility of such a Trojan horse in an
Air Force critique [4] of the security of an early implementation of Multics.
I cannot find a more specific reference to this document. I would appreciate
it if anyone who can supply this reference would let me know._

The date of this article is 1984, and by this time the aforementioned Air
Force paper was effectively already lost. It saddens me to think of all of the
stuff of this type we're going to have to relearn (possibly badly) because we
failed to keep/retain/organize the information.

Archive.org retaining so much stuff and Google searching it is initially
exciting, but there's so much still behind closed doors, whether they're those
of the US DoD or just a simple commercial pay-to-read interface.

The ability to distill something as seemingly boring as a product (early/beta
Multics) security review into an important and generally applicable treatise
on software trust definitely earns my admiration (aside from the important
obvious work that he's done on UNIX), and I would be delighted if I could ever
contribute something so important to the world of Computer Science.

------
pius
Definitely a classic CS paper.

------
ashish1
awesome!!!

