From: Jerry Kreps
Date: Sat, 2 Dec 2000 15:21:57 -0600
Message-Id: <00120215215700.22322@JLKreps>
Subject: A very interesting paper by Ken Thompson..
http://www.acm.org/classics/sep95/
"Moral
The moral is obvious. You can't trust code that you did not totally create yourself. (Especially code from companies that employ people like me.) No amount of source-level
verification or scrutiny will protect you from using untrusted code. In demonstrating the possibility of this kind of attack, I picked on the C compiler. I could have picked on
any program-handling program such as an assembler, a loader, or even hardware microcode. As the level of program gets lower, these bugs will be harder and harder to
detect. A well installed microcode bug will be almost impossible to detect. "
<p>
--
Scientific theories, according to Sir Karl Popper, can be "falsified," or proven wrong, by experiment.
Unscientific theories -Marxist dialectical history and Freudian psychology were Popper's favorites-
are formed in such a way that they cannot be falsified by data.
