That Time Ken Thompson Wrote a Backdoor into the C Compiler

https://micahkepe.com/blog/thompson-trojan-horse/

80•thunderbong•3mo ago

Comments

fjfaase•3mo ago

Interesting. I reviewd the live-bootstrap project (a project to build a trusted C compiler for building Linux) in the past years, including writing a Linux on i368 simulator/interpreter, and gave a presentation about this at WHY2025.

turtleyacht•3mo ago

Assigning 11 to mean "v" in the sequence "\v" sounds like replacing words (or letters) with numbers.

Is that related to Godel's idea that a system can be either complete or inconsistent?

Digit-Al•3mo ago

"\v" is an ASCII control character, and means "vertical tab" (VT). In ASCII it is code 11, which is why they are inserting the number 11.

turtleyacht•3mo ago

Yes. In this case, it represents "teaching" the compiler something it didn't previously "know" about. But wanted to connect that to whether the computed output of a language could ever be falsifiable, i.e. we would not know it happened.

tetris11•3mo ago

Ken Thompson's Reflections on Trusting Trust[0] was one of the motivations for Guix's single 357-byte seed (+libguile) full bootstrap[1].

0: https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_Ref...

1: https://guix.gnu.org/en/blog/2023/the-full-source-bootstrap-...

fjfaase•3mo ago

For the 'full' graph for stage0 see: https://fransfaase.github.io/Emulator/tdiagram.html and note that it even is not completely 'full' leaving out some steps that copy file from one location to another. Use mouse or fingers to zoom and pan.

I gave a talk about this at WHY2025 which also refers to this 'Reflections on Trusting Trust' paper. On YouTube https://www.youtube.com/watch?v=akzyyO5wvm0

tetris11•3mo ago

nice work!

kaem is a new one for me, what's its connection to mescc?

fjfaase•3mo ago

Kaem is a very minimal shell, a program that can set environment variables and start other programs using Linux system calls.

To compile GNU Mes compiler you need a minimal C compiler. Half of the steps in stage0 consist of building that minimal C compiler through a number of steps starting with a very minimal assembler. I am working on an approach that use far less steps and is easier to review than the hunderds of files that are used now.

donatj•3mo ago

Hmm... I've read about "Reflections on Trusting Trust" a couple times including in college some twenty years ago, though never the paper itself.

I have never seen the actual examples before, but the way it's always been described to me I kind of expected more...

It was always described as completely undetectable... so my assumption was one could not find it even with a decompiler and a lot of free time...

I guess I expected for instance it to filter patterns of itself out of fread for instance, such that a system built with it literally could not detect its existence at all. I expected it to make the operating system at large lie to you.

fjfaase•3mo ago

One can find it out with a decompiler and a lots and lots of free time. Compilers are not trivial programs, especially the ones needed to compile operating systems, with the required optimizations, and there are many ways to obfuscate code.

A better approach is to start with a small executable, one that translate hexadecimal numbers to binary, and from that build all the tools to compile a simple C compiler (such as the Tiny C Compiler, which is not very tiny), to compile the optimizing C compiler that can compile operating systems. That is the approach followed by the live-bootstrap project.

colejohnson66•3mo ago

That’s what Guix did. All the way back to a 357 byte assembly code blob that turns a hex file into a binary file, and can “compile” itself.

richardhenry•3mo ago

If the compromised compiler also compiles the decompiler…

Neywiny•3mo ago

> The idea of a Trojan horse predates Thompson's original work on C by at least a few years

Understatement of the eon

Show HN: I decomposed 87 tasks to find where AI agents structurally collapse

I went back to Linux and it was a mistake

Octrafic – open-source AI-assisted API testing from the CLI

US Accuses China of Secret Nuclear Testing

Peacock. A New Programming Language

A postcard arrived: 'If you're reading this I'm dead, and I really liked you'

What to know about the software selloff

Show HN: Syntux – generative UI for websites, not agents

Microsoft appointed a quality czar. He has no direct reports and no budget

AI overlay that reads anything on your screen (invisible to screen capture)

Show HN: Seafloor, be up and running with OpenClaw in 20 seconds

Tesla turbine-inspired structure generates electricity using compressed air

State Department deleting 17 years of tweets (2009-2025); preservation needed

Learning to code, or building side projects with AI help, this one's for you

Effulgence RPG Engine [video]

Five disciplines discovered the same math independently – none of them knew

We Scanned an AI Assistant for Security Issues: 12,465 Vulnerabilities

Amazon no longer defend cloud customers against video patent infringement claims

Show HN: Medinilla – an OCPP compliant .NET back end (partially done)

How Does AI Distribute the Pie? Large Language Models and the Ultimatum Game

Resistance Infrastructure

Fire-juggling unicyclist caught performing on crossing

Restoring a lost 1981 Unix roguelike (protoHack) and preserving Hack 1.0.3

GPS and Time Dilation – Special and General Relativity

Show HN: Witnessd – Prove human authorship via hardware-bound jitter seals

Show HN: I built a clawdbot that texts like your crush

Scientists reverse Alzheimer's in mice and restore memory (2025)

Compiling Prolog to Forth [pdf]

Show HN: Cymatica – an experimental, meditative audiovisual app

GitBlack: Tracing America's Foundation

Show HN: I decomposed 87 tasks to find where AI agents structurally collapse

I went back to Linux and it was a mistake

Octrafic – open-source AI-assisted API testing from the CLI

US Accuses China of Secret Nuclear Testing

Peacock. A New Programming Language

A postcard arrived: 'If you're reading this I'm dead, and I really liked you'

What to know about the software selloff

Show HN: Syntux – generative UI for websites, not agents

Microsoft appointed a quality czar. He has no direct reports and no budget

AI overlay that reads anything on your screen (invisible to screen capture)

Show HN: Seafloor, be up and running with OpenClaw in 20 seconds

Tesla turbine-inspired structure generates electricity using compressed air

State Department deleting 17 years of tweets (2009-2025); preservation needed

Learning to code, or building side projects with AI help, this one's for you

Effulgence RPG Engine [video]

Five disciplines discovered the same math independently – none of them knew

We Scanned an AI Assistant for Security Issues: 12,465 Vulnerabilities

Amazon no longer defend cloud customers against video patent infringement claims

Show HN: Medinilla – an OCPP compliant .NET back end (partially done)

How Does AI Distribute the Pie? Large Language Models and the Ultimatum Game

Resistance Infrastructure

Fire-juggling unicyclist caught performing on crossing

Restoring a lost 1981 Unix roguelike (protoHack) and preserving Hack 1.0.3

GPS and Time Dilation – Special and General Relativity

Show HN: Witnessd – Prove human authorship via hardware-bound jitter seals

Show HN: I built a clawdbot that texts like your crush

Scientists reverse Alzheimer's in mice and restore memory (2025)

Compiling Prolog to Forth [pdf]

Show HN: Cymatica – an experimental, meditative audiovisual app

GitBlack: Tracing America's Foundation

That Time Ken Thompson Wrote a Backdoor into the C Compiler

Comments