[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Snowden and Compilers



I could see them more easily subverting chip designs themselves then trying
to subvert the entire compiler ecosystem.


On Tue, Feb 11, 2014 at 2:05 PM, CypherPunk <[email protected]> wrote:

>
> On 02/11/2014 01:32 PM, Rich Jones wrote:
> > In all of the Snowden docs that have been released so far, has anybody
> > seen any mention of any NSA programs designed to subvert compilers?
> >
> > Compilers seems like an extremely prime target for manipulation, but as
> > far as I am aware there hasn't been anything mentioned about this yet.
> > Has anybody here heard anything that I haven't?
>
> Given that compilers are both a fairly easy to attack and amazingly
> convenient target, it wouldn't surprise me if the NSA has subverted a
> few specific compilers that are in common use. An attack of this nature
> has been hypothised since the early to mid-1980's. They would have to be
> amazingly dense not to have at least considered it.
>
> On the flip side, the NSA likes to do things where it has the least
> opportunity to be caught. Compiler subversion, while not "easy" to catch
> by any means, might offer too big a risk of being caught for them to do
> it. Being that they have a multitude of weirdly named programs
> specifically set up to compromise software, the evidence would lean
> towards they haven't done it but I'm sure it was, at the very least,
> discussed.
>



-- 
Kelly John Rose
Toronto, ON
Phone: +1 647 638-4104
Twitter: @kjrose
Skype: kjrose.pr
Gtalk: [email protected]
MSN: [email protected]

Document contents are confidential between original recipients and sender.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cpunks.org/pipermail/cypherpunks/attachments/20140211/b5a3d97a/attachment.html>