Snowden and Compilers
Kelly John Rose
iam at kjro.se
Tue Feb 11 13:47:01 PST 2014
I could see them more easily subverting chip designs themselves then trying
to subvert the entire compiler ecosystem.
On Tue, Feb 11, 2014 at 2:05 PM, CypherPunk <cypherpunk at cpunk.us> wrote:
>
> On 02/11/2014 01:32 PM, Rich Jones wrote:
> > In all of the Snowden docs that have been released so far, has anybody
> > seen any mention of any NSA programs designed to subvert compilers?
> >
> > Compilers seems like an extremely prime target for manipulation, but as
> > far as I am aware there hasn't been anything mentioned about this yet.
> > Has anybody here heard anything that I haven't?
>
> Given that compilers are both a fairly easy to attack and amazingly
> convenient target, it wouldn't surprise me if the NSA has subverted a
> few specific compilers that are in common use. An attack of this nature
> has been hypothised since the early to mid-1980's. They would have to be
> amazingly dense not to have at least considered it.
>
> On the flip side, the NSA likes to do things where it has the least
> opportunity to be caught. Compiler subversion, while not "easy" to catch
> by any means, might offer too big a risk of being caught for them to do
> it. Being that they have a multitude of weirdly named programs
> specifically set up to compromise software, the evidence would lean
> towards they haven't done it but I'm sure it was, at the very least,
> discussed.
>
--
Kelly John Rose
Toronto, ON
Phone: +1 647 638-4104
Twitter: @kjrose
Skype: kjrose.pr
Gtalk: iam at kjro.se
MSN: msn at kjro.se
Document contents are confidential between original recipients and sender.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 2297 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20140211/b5a3d97a/attachment-0001.txt>
More information about the cypherpunks
mailing list