7 months ago
165
I recently wrote a deep dive exploring the famous talk "Reflections on Trusting Trust" by Ken Thompson — the one where he describes how a compiler can be tricked to insert a Trojan horse that reproduces itself even when the source is "clean".
In the post I cover:
• A walkthrough of the core mechanism (quines, compiler “training”, reproduction).
• Annotated excerpts from the original nih example (via Russ Cox) and what each part does.
• Implications today: build-tool trust, reproducible builds, supply-chain attacks.
If you’re interested in compiler internals, toolchain security, or historical hacks in UNIX/CS, I’d love your feedback or questions.
🔗 You can read it here: https://micahkepe.com/blog/thompson-trojan-horse/
[link] [comments]
![Halpatiokee Park [Stuart, FL]](https://preview.redd.it/yc2jvtj3cr3h1.jpg?width=140&height=140&crop=1:1,smart&auto=webp&s=b2f1cd5287a887343d041998e03125d29890059e)
English (US) ·