Dr. Wheeler's research and resulting paper are excellent work. It certainly gets us thinking in the right direction in an attempt to solve the problem, but I don't know that I'd call his approach a tangible solution. You still need a trusted compiler. And from whence can one obtain a trusted compiler and guarantee that it has not been compromised? Also, no two compilers (GCC vs Intel, for example) would produce the same bit-for-bit executable code.
Perhaps we only lack the tools to implement his solution.
This self-referencing naturally occurs if you are writing a self-hosting compiler. I have read the Ken's paper, but when I was writing my C compiler in C (https://github.com/rui314/8cc/blob/master/lex.c#L306), I was not aware that this was what Ken wrote in the paper. It was funny to notice that long after I wrote the code.
Great read, it really does come down to ethical vs. unethical behavior at the end of it all. Someone smart doing something destructive is still behaving badly, and giving them undeserved respect (beyond their technical ability) simply for destroying things 'more intelligently' is foolish.
Regardless, I'm left feeling yet again that I can't fully trust anything. Good thing I don't need to these days; I fear for those who do.
> Good thing I don't need to these days; I fear for those who do
Oh but you do, you trust countless of people doing their jobs right so that you can have electricity, clean water, safe food and peaceful streets. Civilization exists because of trust.
And one has to realize that trustless systems come with a cost - they have stupendous overhead. Consider all the layers of bureaucracy companies (or the law) employ to protect themselves from malicious actors. Or, consider Bitcoin. It's good to have, and maintain, trust-based systems because they can get the job done much, much more efficiently.
Personally, I find epic massive Byzantine attacks far more interesting. For example, imagine if a gangster were so suave that he could walk into any ghetto and immediately become the local mob boss. These things are computationally possible. In fact, these attacks happen in nature. I find the Grey Goo Problem far more threatening. https://medium.com/@yanazendo/the-grey-goo-problem-bd495813c...
Yes it's quite interesting to read, but yet in my oppinion they're far from becoming reality due to technical reasons of building AI or self replicating bots improving themselves.
As for backdoored code is reality right now. IIRC intel compiler used to optimize code better for their own processors so it would score better benchmarks compared to AMD which is trojan IMO. Not to start talking about NSA conspiracy theories.
I'm not saying that the security field had a 'Hilbert's Program' before then, but it certainly couldn't have one afterward.