> Yep, this is basically same as explained by Thompson back in 1984. You cannot “automate” trust,
or trust blindly.
Well, assuming that you’ve got no access to the compiler sources what he describes is a major
undertaking…unless you do it under Windows where you can make any process of interest that runs under the same user account with yours behave the way you wish. In fact, the entire Windows process model seems to be just specifically designed for someone who wants to launch an attack like that. In practical terms, I guess the most efficient approach would be, instead of subverting the compiler, simply to pass an bit modified info to a linker that will link the malicious binary code in .obj format into the target executable…
Believe or not, it seems that they are very busy exactly doing that, and we may see something quite soon.
I am intrigued…
After all, as they say, there is nothing that a complete rewrite cannot fix…
Anton Bassov