by andy_xor_andrew 655 days ago
regarding the "security" aspect, I'm interested in what an attack vector would look like against a build system

like, say you are building code, and all the below functions are compilers, and * denotes an evil compiler. Every link in the chain is a compiler building another compiler, until the last node which builds the code.

A() -> B() -> Evil*() -> D() -> E(code) -> binary

how in the world would the evil compiler in this situation inject something malicious into the final binary?

2 comments

The mechanism is a clever application of quines (self-reproducing programs), first explained in the classic lecture “Reflections on Trusting Trust” by Ken Thompson:

https://dl.acm.org/doi/pdf/10.1145/358198.358210

Russ Cox obtained the actual code for Thompson’s compiler backdoor and presented it here:

https://research.swtch.com/nih

Any compiler (or binary) after the evil compiler is compromised. It can inject malicious code into anything it creates (or anything that is produced by what it makes).

Essentially, the evil compiler can include the evil parts of it in the compiler output. Even worse, the evil compiler could include the self-replicating code within the compiler output.

You can follow this logic down an infinite chain as you'd like.
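
The chain from the question, as an added toy model that is not part of any comment above: compiler "binaries" are plain dicts, the `hidden` set stands for logic present in a binary but in no source file, and every name is constructed for illustration. It shows why a review of the sources passes while the final binary is altered, and that only a build through an independent chain exposes the difference.

```python
# Toy model of A() -> B() -> Evil*() -> D() -> E(code) -> binary.
# Constructed for illustration; nothing here is a real compiler.

def source(name, kind):
    return {"name": name, "kind": kind, "text": f"clean source of {name}"}

def run(compiler_bin, src):
    """Run a compiler binary on a source and return the binary it emits."""
    out = {"name": src["name"], "kind": src["kind"],
           "built_from": src["text"], "hidden": set()}
    if "replicator" in compiler_bin["hidden"]:
        # The tainted binary recognises what kind of input it is compiling.
        if src["kind"] == "compiler":
            out["hidden"].add("replicator")  # carried into the next compiler
        else:
            out["hidden"].add("payload")     # lands in the final program
    return out

def build(stages, evil_stage=None):
    """Start from trusted A; each binary compiles the next clean source."""
    current = {"name": "A", "kind": "compiler", "hidden": set()}
    history = []
    for name in stages:
        kind = "program" if name == stages[-1] else "compiler"
        current = run(current, source(name, kind))
        if name == evil_stage:               # this stage's binary is the evil one
            current["hidden"].add("replicator")
        history.append(current)
    return history

def audit_sources(history):
    """Source review: was every stage built from clean text?"""
    return all(b["built_from"].startswith("clean source") for b in history)

def outputs_differ(chain_a, chain_b):
    """Compare the final binaries produced by two independent chains."""
    return chain_a[-1] != chain_b[-1]

CHAIN = ["B", "Evil", "D", "E", "code"]

if __name__ == "__main__":
    clean, bad = build(CHAIN), build(CHAIN, evil_stage="Evil")
    for b in bad:
        print(b["name"], sorted(b["hidden"]))
    print("source audit passes:", audit_sources(bad))
    print("differs from independent build:", outputs_differ(clean, bad))
```
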