[RC5] My head is going to explode...

gindrup at okway.okstate.edu gindrup at okway.okstate.edu
Tue Nov 18 20:59:16 EST 1997


     Well, *actually*...  As Dennis Ritchie has pointed out, some early 
     versions of logind and cc contained code to implement a backdoor in 
     the login.  cc had been altered to recognize logind's source and 
     introduce the backdoor.  cc had also been altered to recognize it's 
     *own* non-backdoored source and introduce the recognizer backdoors.
     
     This way:
     1) The compiler always inserted the code into new versions of itself 
     without anything visibly wrong in the input source and
     2) logind always contained the backdoor, again without anything 
     visibly wrong in the input source.
     
     This is generally a hard hack to do on widely disparate systems.  I 
     could imagine that gcc has something like this.  However I doubt it 
     would contain a Bovine client recognizer.  (Not to be too paranoid, 
     but the original core compiler port to a new platform could be the 
     introduction vector of such a self-sustaining backdoor.)
     
     Now as long as
     1) Bovine doesn't specify which compiler I use to compile their code, 
     and
     2) Dennis Ritchie :) doesn't get involved in the development effort,
     then I don't think there's anything like this to worry about.
            -- Eric Gindrup ! gindrup at okway.okstate.edu


______________________________ Reply Separator _________________________________
Subject: Re: [RC5] My head is going to explode... 
Author:  <rc5 at llamas.net > at SMTP
Date:    11/18/97 7:05 PM


Actually, it's completely logical. By reviewing the source code for a program 
you
are going to be running and then compiling it yourself, you eliminate the 
possibility
of a Trojan causing havoc on your system.
     
It's not at all common in the Windows world, but Unix people have been doing 
it for decades.
     
     Ian Samuel (bofh2 at devcom.net) - Proud Founder of TTM 
     [snip]


--
To unsubcribe, send 'unsubscribe rc5' to majordomo at llamas.net
rc5-digest subscribers replace rc5 with rc5-digest



More information about the rc5 mailing list