Re: getting around Ken Thompson's compiler Trojan

From: Barry Margolin (barmar@genuity.net)
Date: 01/28/03 

From: Barry Margolin <barmar@genuity.net>
Date: Tue, 28 Jan 2003 15:48:52 GMT

In article <87bs21lg1n.fsf@pele.r.caley.org.uk>,
Richard Caley <MYFIRSTNAME@MYLASTNAME.org.uk> wrote:
>Of course, the real trick is to trojan the obfucator along with the
>compiler and login.:-)

And the "nm" command, to prevent the "strange symbol table" issue that
Thompson said revealed the existence of the trojan. 

-- 
Barry Margolin, barmar@genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.

Relevant Pages

  • Re: getting around Ken Thompsons compiler Trojan
    ... >the compiler. ... The recognizer clearly has to perform a fuzzy match, ... >the goal is that the Trojan be propagated to all future versions of the ...
    (comp.security.unix)
  • Re: [Lit.] Buffer overruns
    ... >> constants, particularly the newline character. ... > award speech about trust, within which he described a way ... > to hide a Trojan horse within a compiler. ...
    (sci.crypt)
  • Re: [Full-disclosure] Re: Microsoft AntiSpyware falling further behind
    ... Trojan Horse, or simply Trojan, ... given that the Trojan Horse written about by Homer ... "Figure 6 shows a simple modification to the compiler that will deliberately ... Notice that the second pattern is specifically *not* allowing any remote access, ...
    (Full-Disclosure)
  • Re: getting around Ken Thompsons compiler Trojan
    ... >It is all going to depend on how the "am I compiling the compiler" test works. ... > First, you're going to see the object files built with some token parsing, ... >resulting in an object file that likely contains exactly the same object code ... the goal is that the Trojan be propagated to all future versions of the ...
    (comp.security.unix)