Double Compiling To Thwart Thompson Attack

We have spoken about the famous Ken Thompson attack before. David Wheeler believes he has the answer and has published several papers on double compilation to counter the attack. That said you still must have access to a trusted compiler, right?

Advertisements

3 thoughts on “Double Compiling To Thwart Thompson Attack

    • Indeed. At the very least we should have a complete redesign of x86 – throw everything out and start again. We should learn some lessons from RISC and the KISS principle and simplify everything as much as possible. Perhaps most importantly if running everything through an interpreter is just too slow then we could at least take a look at how Apple did things back in the good ole days and have a ROM that has been constructed using security best practice and extensively audited by the community. The ROM should include a hypervisor style microkernel which all OS’s will be required to interface with. Direct hardware access will be impossible and a debugger should be available at all times (remember the old BREAK key on the console of ancient minicomputers – similar to that). We could learn a lot by looking back to how things were done back on the original timesharing systems like the PDP and the VAX

      • For sure. I’m not sure going as far as making a high level language the machine code is the right move, but where we are with 386 derivatives it seems like there is a space for supercharged TI-89s or Motorola 0x0 processor systems to make a resurgence.

        I just remember the recent scandle where Intel compilers set flags to feed AMD processors the least possibly optimized versions of code. And then when AMD compiled packages with Intel’s compiler the AMD toolkits inherited this flaw. I am not sure how much trust can be trusted on the current paradigm.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s