[Arm-netbook] Questioning The Holy War

Hendrik Boom hendrik at topoi.pooq.com
Sat Dec 8 16:19:43 GMT 2018


On Sat, Dec 08, 2018 at 10:28:18AM -0500, Chris Tyler wrote:
> On Sat, Dec 8, 2018 at 7:07 AM Pablo Rath <pablo at parobalth.org> wrote:
> 
> > On Fri, Dec 07, 2018 at 04:52:22PM -0500, Hendrik Boom wrote:
> > > On Fri, Dec 07, 2018 at 12:59:44PM +0100, Pablo Rath wrote:
> > > >
> > > > How do you know if the source is closed? :)
> > >
> > > Let's assume this is a real question.
> >
> > Hendrik, I am sorry. I see, I have phrased my (rhetoric) question
> > poorly. What I meant and should have written is mor like: "How can you
> > know if a
> > software behaves well and doesn't shoot the cat when you can't audit the
> > source code?"
> >
> 
> I must point out an error here: Ken Thompson proved that auditing source
> code (of software and the toolchain used to build it) is meaningless in his
> paper "Reflections on Trusting Trust". That paper/talk was released 34
> years ago, and it wasn't theoretical -- it was based on malware that he'd
> successfully released into the wild many years before.

I remember reading that talk -- Wasn't it a Turing lecture? -- and I don't 
recall him saying he actually did release that malware -- he just explained 
what he *could* have done.  But he didn't deny it either.

Or do you have firther information on this?  If so I'd like to hear it.

Let me be pleased there is more than one C compiler in existence.  And that 
it is undecidable whether an arbitrary piece of code actually compiles C, so 
that his malware, should it exist, is limited in scope.

What I've heard on this topic is a mere rumour about the IBM Fortran H 
compiler -- that there was a bug in the optimisation of bitwise logic 
operations that was present in the object code but not in the source code.
Apparently those bitwise logic operations were used in the optimiser, and 
there was, unfortunately, a fixed point other than the intended one.

And I think we are getting close (but we're not there yet) to the general
philosophical question whether we can actually know anything at all.

-- hendrik
> 
> (That said, I still prefer to be able to read the source -- just saying we
> shouldn't attribute disproven benefits to source reading!).
> 
> -Chris
> _______________________________________________
> arm-netbook mailing list arm-netbook at lists.phcomp.co.uk
> http://lists.phcomp.co.uk/mailman/listinfo/arm-netbook
> Send large attachments to arm-netbook at files.phcomp.co.uk



More information about the arm-netbook mailing list