

The Ken Thompson Hack - Kitesage
http://c2.com/cgi/wiki?TheKenThompsonHack

======
Vraxx
_All manner of controls and monitors could be secreted this way in the OSes of
all the devices we all use day to day. It isn 't very far fetched to suggest
that the hack, in software, can create an updatable backdoor. This way every
piece of software on the planet can be KTH bugged without any possibility of
detection by any mortal engineer anywhere._

Man, if you weren't paranoid about security already, this will keep you up at
night compiling your systems from source. If you think you have a clean
compiler that is.. I think I might just wait for the non-mortal engineer to
save us all.

------
dunstad
It's really interesting to think about how impractical it would be to ensure
that you can trust a piece of software. Unless you go down to the lowest
levels and validate what every machine instruction is doing (which I certainly
don't know how to do, nor plan on doing), you really just have to trust that
it all does what you expect.

Good thing people are trustworthy, right?

