[DanBC]

> Is this one of those threads where we keep asking 'and where did that come from?'

At some point you have to trust someone. But who should you trust, and how much should you trust them?

Most people do not think about that and so we live with an Internet where privacy is almost impossible and most people just don't care about that.

[cLeEOGPw]

Either that or you could inspect every line of OS source code before compiling and then inspect every machine code of compiler executable to make sure compiler is not infected.

[gizmo686]

Instead of inspector your normal compiler's machine code, you can create a small special purpose compiler to begin bootstrapping your main compiler from source. Most compilers (including GCC I believe) are specifically designed so that they can be bootstrapped from a relatively small subset of the language. Additionally, you do not need to worry about producing an efficient executable because you will only ever run the resulting program once.

However, there is also the risk that your host OS is compromised, in which case it may simply lie to you and do whatever it wants.

[cLeEOGPw]

Even if you manage to guarantee OS and everything else safety, you still have to trust your own sanity.

[gizmo686]

Don't worry, I confirmed my sanity last week. I think.

[dijit]

then you end up as abrasive as Theo De Raat.