Ken Thompson's 1983 'Reflections on Trusting Trust' Lecture and Its Relevance to Modern Supply Chain Security
By naves
Summary
The article discusses Ken Thompson's 1983 Turing Award lecture 'Reflections on Trusting Trust,' which addressed supply chain security long before the term became popular. It explores how Thompson demonstrated that compilers could be compromised to insert backdoors, creating a 'trusting trust' problem where we must trust the tools that build our software. The article examines the historical context, technical details of Thompson's compiler hack, and its modern relevance to software supply chain security.
Key quotes
Supply chain security is a hot topic today, but it is a very old problem.
Ken Thompson chose supply chain security as the topic for his Turing award lecture, although the specific term wasn't used back then.
It is a classic paper, and a short one (3 pages); if you haven't read it yet, you should.
The field of computer science was still young and small enough that the ACM conference where Ken spoke was the 'Annual Conference on Computers.'
