We have spoken about the famous Ken Thompson attack before. David Wheeler believes he has the answer and has published several papers on double compilation to counter the attack. That said you still must have access to a trusted compiler, right?
Mike the Crypto Goat
Exploring Internet security, crypto and civil liberties.
Mike the Crypto Goat 
Honestly I think Stanislav Datskovskiy might be right. Rebuilting Lisp machine architectures or making new Python machines may be the way to go. Compiling can eat a dick.
Indeed. At the very least we should have a complete redesign of x86 – throw everything out and start again. We should learn some lessons from RISC and the KISS principle and simplify everything as much as possible. Perhaps most importantly if running everything through an interpreter is just too slow then we could at least take a look at how Apple did things back in the good ole days and have a ROM that has been constructed using security best practice and extensively audited by the community. The ROM should include a hypervisor style microkernel which all OS’s will be required to interface with. Direct hardware access will be impossible and a debugger should be available at all times (remember the old BREAK key on the console of ancient minicomputers – similar to that). We could learn a lot by looking back to how things were done back on the original timesharing systems like the PDP and the VAX
For sure. I’m not sure going as far as making a high level language the machine code is the right move, but where we are with 386 derivatives it seems like there is a space for supercharged TI-89s or Motorola 0x0 processor systems to make a resurgence.
I just remember the recent scandle where Intel compilers set flags to feed AMD processors the least possibly optimized versions of code. And then when AMD compiled packages with Intel’s compiler the AMD toolkits inherited this flaw. I am not sure how much trust can be trusted on the current paradigm.