On Sat, Aug 03, 2013 at 12:17:06PM +0200, Volker Birk wrote:
> Not to mention the build tool chains.

It reminds me of Ken Thompson's article Reflections on Trusting Trust, in which he explains how to train the C compiler.

http://cm.bell-labs.com/who/ken/trust.html

"The moral is obvious. You can't trust code that you did not totally create yourself. (Especially code from companies that employ people like me.) No amount of source-level verification or scrutiny will protect you from using untrusted code. In demonstrating the possibility of this kind of attack, I picked on the C compiler. I could have picked on any program-handling program such as an assembler, a loader, or even hardware microcode. As the level of program gets lower, these bugs will be harder and harder to detect. A well installed microcode bug will be almost impossible to detect."