This argument sounds so familiar to me. Isn't it the same reason why Itanium should be very easy to adopt, "just recompile".

You don't have to add any logic for the backdoor. Instead, you just intentionally leave a sutble zero day exploid "bug"unpatched in your chip. It is almost impossible to catch by scanning. You essentially need to have a program that can detect all the security vulnarabilities. If you can create it, I am pretty sure Microsoft are willing to pay you millions for the technology. Even if your scanner can detect it, it is just a "bug" right? And anybody has bugs.