Kirc – A tiny IRC client written in POSIX C99

[chriszhang]

What are Ken Thompson attacks? I searched online but did not find anything informative. Can someone explain what these attacks are?

[boogies]

Which search engine? DuckDuckGo had a useful result right at the top https://duckduckgo.com/?q=Ken+Thompson+attacks > https://softwareengineering.stackexchange.com/questions/1848... (although the answer to the linked question https://softwareengineering.stackexchange.com/questions/1947... explained better to me).

[a1369209993]

They're actually called trusting trust attacks (the original paper on the topic is "Reflections on Trusting Trust" if you want a guarranteed search term); I'm not sure why userbinator used a eponym instead.

I'm also not sure why they would be relevant for a general project, since the source language being easy to write a alternate compiler for only matters for the compiler itself: once you have non-infected compiler, you can bootstrap gcc or whatever and compile everything else at whatever C standard you like.

[userbinator]

I'm not sure why userbinator used a eponym instead.

It's the first thing that came to mind when I thought of the concept. Perhaps this discussion may yield some additional insight: https://news.ycombinator.com/item?id=24385389

[Macha]

See "Reflections on Trusting Trust"