Ken Thompson on the bug that exposed his compiler trojan (2021)

In a recent thread on the TUHS mailing list, members discussed the discovery of a compiler Trojan horse by researchers in the 1980s. The Trojan horse, which was originally developed by Ken Thompson, was designed to insert backdoor vulnerabilities into software without being detected. The researchers at PWB discovered the Trojan horse accidentally, even though they were not looking for it. The group at PWB was likely searching for new features in the compiler. Thompson had only done the experiment locally, so there are no details on how the PWB researchers were able to obtain the experimental compiler.

To top