EmptyCrate.com: Reflections on Trusting Trust

In 1984 the Communications of the ACM published an article, Reflections on Trusting Trust. Which is an amazing, and disturbing read about software trust. The article begins with the exercise, “create a program which can replicate itself.” This leads deftly to the idea of modifying a compiler such that every time code is compiled it adds a security vulnerability. The author points out that this kind of problem in a compiler could and would be found rather quickly. However, it takes a compiler to compile a new compiler.

With this in mind, and the techniques in place for writing self replicating code, one could write a compiler that detected when it was compiling a new compiler and inject its self replicating code into the new compiler. Thompson certainly makes you question just how much you can trust your code - unless you fully control every aspect of your system.

Website Status - News - Updates - Following Jason
C++ Weekly - Ep 61 - Storage Duration with Lambdas
C++ Weekly - Ep 60 - std::quoted
C++ Weekly - Ep 59 - Negative Cost Embedded C++ - Part 2
C++ Weekly - Ep 58 - Negative Cost Embedded C++ - Part 1
C++ Weekly - Ep 57 - Dissecting An Optimization
C++ Weekly - Ep 56 - Zero Cost Embedded C++ - Part 3
C++ Weekly - Ep 55 - Zero Cost Embedded C++ - Part 2
C++ Weekly - Ep 54 - Zero Cost Embedded C++ - Part 1
C++ Weekly - Ep 53 - Gotos Are Everywhere

EmptyCrate

About Me | Contact Me | Training | C++ Weekly (YouTube) | C++ Evolution Viewer | Awesome C++ T-Shirts

Reflections on Trusting Trust - by Ken Thompson