Robert Dewar wrote:
OK, interesting, thanks for info, I had always thought that this was purely conceptual.
One thing (which Erik didn't mention) that I noticed in the articles is that Ken said that in his implementation he also hacked the disassembler to cover up the evidence.
Of course there is nothing special about open source/free software that makes such attacks more possible. On the contrary, since gcc can always be built using third party C compilers, it would be much easier to smoke out and eliminate any such behavior (indeed this example shows the merit of maintaining the property that gcc can be compiled by non-gcc compilers), although we have not been able to maintain that property for the Ada front end.
Indeed. It would be interesting to confirm whether or not a copy of gcc bootstrapped with a non-gcc compiler matched byte-for-byte with a copy of gcc bootstrapped from gcc. Not so much to look for intentional things like this, but to see whether the bootstrapping actually does achieve its goal of obtaining a result that's independent of the bootstrapping compiler. Has anyone actually tried it?
- Brooks
