The Unix Heritage Society mailing list
 help / color / mirror / Atom feed
* [TUHS] Thompson trojan put into practice
@ 2021-09-19 15:46 arnold
  2021-09-19 15:58 ` Al Kossow
  0 siblings, 1 reply; 14+ messages in thread
From: arnold @ 2021-09-19 15:46 UTC (permalink / raw)
  To: tuhs

This is FYI. No comment on whether it was a good idea or not. :-)

Arnold

> From: Niklas Rosencrantz <niklasro@gmail.com>
> Date: Sun, 19 Sep 2021 17:10:24 +0200
> To: tinycc-devel@nongnu.org
> Subject: Re: [Tinycc-devel] Can tcc compile itself with Apple M1?
>
>
> Hello!
>
> For demonstration purpose I put my experiment with a compiler backdoor in a
> public repository
> https://github.com/montao/ddc-tinyc/blob/857d927363e9c9aaa713bb20adbe99ded76ac615/tcc-evil/tinycc/libtcc.c#L989
>
> It's part of my academic project to work on provable compiler security.
> I tried to do it according to the "Reflections on Trusting Trust" by Ken
> Thompson, not only to show a compiler Trojan horse but also to prove that
> we can discover it.
> What it does is inject arbitrary code to the next version of the compiler
> and so on.
>
> Regards \n

^ permalink raw reply	[flat|nested] 14+ messages in thread
* [TUHS] Thompson trojan put into practice
@ 2021-09-20  2:39 Douglas McIlroy
  2021-09-20  2:50 ` Larry McVoy
  2021-09-20  7:12 ` arnold
  0 siblings, 2 replies; 14+ messages in thread
From: Douglas McIlroy @ 2021-09-20  2:39 UTC (permalink / raw)
  To: TUHS main list

> It's part of my academic project to work on provable compiler security.
> I tried to do it according to the "Reflections on Trusting Trust" by Ken
> Thompson, not only to show a compiler Trojan horse but also to prove that
> we can discover it.

Of course it can be discovered if you look for it. What was impressive about
the folks who got Thompson's compiler at PWB is that they found the horse
even though they weren't looking for it.

Then there was the first time Jim Reeds and I turned on integrity control in
IX, our multilevel-security version of Research Unix. When it reported
a security
violation during startup we were sure it was a bug. But no, it had snagged Tom
Duff's virus in the act of replication. It surprised Tom as much as it did us,
because he thought he'd eradicated it.

Doug

^ permalink raw reply	[flat|nested] 14+ messages in thread
* Re: [TUHS] Thompson trojan put into practice
@ 2021-09-20  3:04 Noel Chiappa
  2021-09-20  3:21 ` David Arnold
  0 siblings, 1 reply; 14+ messages in thread
From: Noel Chiappa @ 2021-09-20  3:04 UTC (permalink / raw)
  To: tuhs

https://googlethatforyou.com/?q=Tom%20Duff%20Virus

	Noel

^ permalink raw reply	[flat|nested] 14+ messages in thread
* [TUHS] Thompson trojan put into practice
@ 2021-09-20 11:57 Douglas McIlroy
  2021-09-20 13:51 ` Ken Thompson
  0 siblings, 1 reply; 14+ messages in thread
From: Douglas McIlroy @ 2021-09-20 11:57 UTC (permalink / raw)
  To: TUHS main list

>> > It's part of my academic project to work on provable compiler security.
>> > I tried to do it according to the "Reflections on Trusting Trust" by Ken
>> > Thompson, not only to show a compiler Trojan horse but also to prove that
>> > we can discover it.
>>
>> Of course it can be discovered if you look for it. What was impressive about
>> the folks who got Thompson's compiler at PWB is that they found the horse
>> even though they weren't looking for it.

> I had not heard this story. Can you elaborate, please? My impression from having
> read the paper (a long time ago now) is that Ken did the experiment locally only.

Ken did it locally, but a vigilant person at PWB noticed there was an
experimental
compiler on the research machine and grabbed it. While they weren't looking for
hidden stuff, they probably were trying to find what was new in the
compiler. Ken
may know details about what they had in the way of source and binary.

Doug

^ permalink raw reply	[flat|nested] 14+ messages in thread

end of thread, other threads:[~2021-09-20 14:36 UTC | newest]

Thread overview: 14+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-09-19 15:46 [TUHS] Thompson trojan put into practice arnold
2021-09-19 15:58 ` Al Kossow
2021-09-19 16:02   ` arnold
2021-09-19 16:10   ` John Floren
2021-09-20  2:39 Douglas McIlroy
2021-09-20  2:50 ` Larry McVoy
2021-09-20  7:12 ` arnold
2021-09-20  3:04 Noel Chiappa
2021-09-20  3:21 ` David Arnold
2021-09-20  4:35   ` Earl Baugh
2021-09-20  4:36   ` Earl Baugh
2021-09-20 11:57 Douglas McIlroy
2021-09-20 13:51 ` Ken Thompson
2021-09-20 14:35   ` John P. Linderman

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).