[josephcsible]

The key point is that if your system has an evil compiler, building your own compiler from known-good source code will just give you another evil compiler, no matter how many times you do it. It creates a bootstrapping problem for the victim that doesn't have easy solutions.

[deckarep]

Perhaps another way to say it-using an evil compiler could bootstrap any kind of malicious code in the compiled artifact whether it’s a compiler or not.

[josephcsible]

No, because if that's all it did, just rebuilding your compiler twice would free you from it.