My recollection is that Larry Wehr ran nm on the compiler, possibly in
response to the extra-byte quirk, and found a subroutine reference with
no appearance in the source. If Ken hadn't kept the code so modular,
they might never have noticed.

On Mon, Sep 20, 2021 at 9:53 AM Ken Thompson wrote:
>
> pwb recompiled the compiler and it got 1 byte larger.
> again, another byte. after that they played with it
> until they broke the quine part. i am not sure that
> if they ever realized what was going on.
>
> the extra byte was my bug.
>
>
> On Mon, Sep 20, 2021 at 4:58 AM Douglas McIlroy <douglas.mcilroy@dartmouth.edu> wrote:
>
>> >> > It's part of my academic project to work on provable compiler security.
>> >> > I tried to do it according to the "Reflections on Trusting Trust" by Ken
>> >> > Thompson, not only to show a compiler Trojan horse but also to prove that
>> >> > we can discover it.
>> >>
>> >> Of course it can be discovered if you look for it. What was impressive about
>> >> the folks who got Thompson's compiler at PWB is that they found the horse
>> >> even though they weren't looking for it.
>>
>> > I had not heard this story. Can you elaborate, please? My impression from having
>> > read the paper (a long time ago now) is that Ken did the experiment locally only.
>>
>> Ken did it locally, but a vigilant person at PWB noticed there was an experimental
>> compiler on the research machine and grabbed it. While they weren't looking for
>> hidden stuff, they probably were trying to find what was new in the compiler. Ken
>> may know details about what they had in the way of source and binary.
>>
>> Doug