Basically, he's inventing an oracle against the original problem by limiting the
scope of the attacker. That may be quite fair in practice, but I somehow feel it
still misses the point of the original "Reflections on Trusting Trust" to say that
he's solved the problem posed by it. To make it crystal clear, let me quote from
Ken Thompson's conclusion:
"The moral is obvious. You can't trust code that you did not totally create
The DDC technique does not solve that problem in principle, it seems clear to
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds