Hacker News new | past | comments | ask | show | jobs | submit login

Thompson didn't invent or prove anything. He based his work off MULTICS Security Evaluation where Karger et al invented the compiler attack and submitted it in the report. See p 17:

https://www.acsac.org/2002/papers/classic-multics-orig.pdf

They invented many other attacks and risk areas you see today despite INFOSEC not existing back then. This was one 2 or 3 pentests that started the hacking part of our field.




I never said invented, but he did execute it successfully on a scale that may be larger than he admits.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: