Subject: Re: DEC uses NetBSD
To: Ty Sarna <tsarna@endicor.com>
From: John F. Woods <jfw@jfwhome.funhouse.com>
List: current-users
Date: 03/20/1997 13:58:43
>. Remember dmr's (I think?) great login trojan?

Ken Thompson, ACI Turing Award Lecture for 1984, "Reflections on Trusting 
Trust."  http://www.cs.umsl.edu/~sanjiv/sys_sec/security/thompson/hack.html

It was a combination login and C compiler trojan, too, so not only do you have
to verify the source for login and the C compiler, you have to verify the
*binary* for the C compiler, the binary of the tool you use to examine the
binaries, the actual hardware on which you run the binary of the tool you
use to examine the C compiler binary, ...