On Thu, 2009-04-02 at 10:12 -0500, Mikkel L. Ellertson wrote:
Then again, if you want to be safe, you should only use code you
have written/inspected yourself, compiled on a compiler that you
have written yourself. After all, it was proven that you could imbed
code in the compiler that would be added to any program that you
compiled with it, and would not show up in the compiler source code.
(The compiler would add the code automatically when compiling itself.)
Here's a link to Ken Thompson's "Reflections on trusting trust" which
discusses these ideas:
http://cm.bell-labs.com/who/ken/trust.html
It's a short essay/talk and well worth the read.
Regards,
Bryn.