Comment Re:Compiler Vulnerability (Score 1) 255
If Huawei's code requires anything more than generic gcc, Australia may not be able to verify 100% security, regardless... unless they're given the source code to the compiler as well.
That wouldn't help, since the compiler recognizes its own source as well, and puts the compiler backdoor in the resulting compiler executable. So the bad compiler source code is only needed initially to create a compromised compiler executable, and can be cleaned up afterwards.