Comment Re:Open source? (Score 1) 215
> It also assumes you have such a trusted compiler. This has always been the tough part.
When Thompson wrote the original paper, it was tough. In the meantime, many more compiler options have arisen, and the complexity (measured in size of injected, specialized code) of Thompson's "attack" is O(n^2) where n is the total number of compilers to be compromised. When you combine this fact with the now-documented aversion of the NSA to having its methods uncovered, one quickly comes to the conclusion that it's not very likely that DCC is unproductive because all (or even most) combinations of compilers have been trojaned.