
Re: Compromising Debian Repositories



On Sat, Aug 03, 2013 at 12:17:06PM +0200, Volker Birk wrote:
> Not to mention the build tool chains.

It reminds me of Ken Thompson's article Reflections on Trusting Trust,
in which he explains how to train the C compiler.

http://cm.bell-labs.com/who/ken/trust.html

  "The moral is obvious. You can't trust code that you did not totally
  create yourself. (Especially code from companies that employ people
  like me.) No amount of source-level verification or scrutiny will
  protect you from using untrusted code. In demonstrating the
  possibility of this kind of attack, I picked on the C compiler. I
  could have picked on any program-handling program such as an
  assembler, a loader, or even hardware microcode. As the level of
  program gets lower, these bugs will be harder and harder to detect. A
  well installed microcode bug will be almost impossible to detect."

Attachment: signature.asc
Description: Digital signature


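The attack Thompson describes in that article, reduced to a toy you can run, as an added example (this is not code from the message above, from Thompson's paper, or from Debian). A "compiler" here is Python source text defining compile_program(); it takes program text and returns an executable artifact, and in the toy both are Python source, so "running" means exec(). The program texts, the marker strings, the master password and the function names are all constructed for the demonstration. The last function is a check in the spirit of David A. Wheeler's Diverse Double-Compiling, which is the usual practical answer to the problem; it is included here as an illustration, not as a verbatim implementation.

```python
"""Toy model of the attack Thompson describes: a compiler that backdoors login
programs and re-plants the backdoor into every compiler it is asked to build.

Added example, not part of the original message. "Programs" and "compiled
artifacts" are both Python source here; running an artifact means exec().
All program texts, names and marker strings are constructed for the demo.
"""

# Pristine compiler source: this is all a source-level audit would ever see.
CLEAN_COMPILER = '''\
def compile_program(source):
    """Honest compiler; in this toy, compilation is the identity map."""
    return source
'''

# A login program whose source contains no backdoor.
LOGIN_PROGRAM = '''\
def check_password(user, password):
    return user == "alice" and password == "correct horse battery staple"
'''

# The attacker's hook is a quine: _TRUST_HOOK holds this very template, so the
# hook can emit an exact copy of itself (template % template) into any compiler
# it compiles. A raw string keeps the \n escape intact for the generated code.
HOOK_TEMPLATE = r'''
_TRUST_HOOK = %r
_honest_compile_program = compile_program
def compile_program(source):
    # Backdoor 1: every login program built with this compiler gets a master password.
    if "def check_password(" in source and "BACKDOOR" not in source:
        source = source.replace(
            "def check_password(user, password):",
            "def check_password(user, password):\n    if password == 'BACKDOOR': return True")
    # Backdoor 2: any compiler built with this compiler inherits this hook.
    if "def compile_program(" in source and "_TRUST_HOOK" not in source:
        source = source + (_TRUST_HOOK %% _TRUST_HOOK)
    return _honest_compile_program(source)
'''

# The initial poisoned compiler binary: honest source plus the hook. Once this
# exists, the hook never has to appear in any source file again.
TROJAN_COMPILER = CLEAN_COMPILER + HOOK_TEMPLATE % HOOK_TEMPLATE


def build(compiler_artifact, program_source):
    """Run a compiler artifact on program source and return the built artifact."""
    ns = {}
    exec(compiler_artifact, ns)
    return ns["compile_program"](program_source)


def run_login(login_artifact, user, password):
    """Execute a built login program; return whether it accepts the credentials."""
    ns = {}
    exec(login_artifact, ns)
    return ns["check_password"](user, password)


def accepts_master_password(compiler_artifact):
    """Does a login program built with this compiler accept the attacker's password?"""
    return run_login(build(compiler_artifact, LOGIN_PROGRAM), "alice", "BACKDOOR")


def rebuild_compiler(compiler_artifact, generations):
    """Rebuild the compiler from CLEAN_COMPILER source `generations` times,
    each time using the previous generation's output as the compiler."""
    current = compiler_artifact
    for _ in range(generations):
        current = build(current, CLEAN_COMPILER)
    return current


def diverse_double_compile(trusted_compiler, suspect_compiler, compiler_source):
    """DDC-style check: rebuild the compiler source with an independently
    trusted compiler (stage 1), then again with that result (stage 2), and
    compare with the suspect compiler's own rebuild of the same source.
    Equal output means the suspect added nothing the source does not explain.
    This only works if builds are deterministic (reproducible)."""
    stage1 = build(trusted_compiler, compiler_source)
    stage2 = build(stage1, compiler_source)
    suspect_rebuild = build(suspect_compiler, compiler_source)
    return stage2 == suspect_rebuild


if __name__ == "__main__":
    print("clean compiler accepts master password:",
          accepts_master_password(CLEAN_COMPILER))
    third_gen = rebuild_compiler(TROJAN_COMPILER, 3)
    print("third rebuild from audited source still backdoors logins:",
          accepts_master_password(third_gen))
    print("DDC detects the trojan:",
          not diverse_double_compile(CLEAN_COMPILER, TROJAN_COMPILER, CLEAN_COMPILER))
```

The point to take from running it: rebuild_compiler() compiles only the audited CLEAN_COMPILER text, yet every generation it produces is byte-identical to TROJAN_COMPILER and still plants the master password, which is exactly why Thompson says source-level scrutiny cannot save you. The DDC-style function shows the only lever that does work: a second, independently built compiler and a deterministic build to compare against, which is the reasoning behind reproducible builds for a distribution's toolchain.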