Viral Unix Compiler

Tim Shoppa SHOPPA at
Thu Jan 6 23:16:41 AEST 2000

>So far as I know (from conversations with insiders in the past), no system
>was ever shipped out of Bell Labs with Ken's self-healing trojan horse in
>login and the C compiler.  (For those who don't remember, both programs
>were involved: login buggered so that a secret string was always accepted
>as a valid password for any login; the compiler buggered to recognize when
>compiling login or itself, and reinsert the buggery.  Hence one can remove
>the buggered sources, but as long as the binaries remain, so will the bugs.)
>Ken's Turing Award lecture doesn't say whether those programs were ever
>shipped to the public.  He probably left it dangling on purpose, since
>the point he is trying to make is that it isn't just code you have to trust,
>but the programmer who wrote it; you cannot possibly know everything that's
>going on inside unless you created everything involved, including compilers
>and assemblers and the operating system.

Perhaps Ken went even further and distributed buggered binaries of 'od'
as well (along with a 'cc' patch to re-insert the 'od' hole),
so those attempting to hand disassemble the code to *check* for
the existence of the security hole wouldn't find it.

The 'cc+login' hole is nice, sweet, and self-consistent.  Attempting
to patch all the other tools to make it impossible to find these holes
sounds incredibly more complicated.  Maybe it was just the way Ken
so clearly presented the "how to" lesson that makes anything I try to add
onto it sound incredibly awkward.

 Tim Shoppa                        Email: shoppa at
 Trailing Edge Technology          WWW:
 7328 Bradley Blvd		   Voice: 301-767-5917
 Bethesda, MD, USA 20817           Fax:   301-767-5927

Received: (from major at localhost)
	by (8.9.3/8.9.3) id BAA49497
	for pups-liszt; Fri, 7 Jan 2000 01:25:03 +1100 (EST)

More information about the TUHS mailing list