* Posts by John Bowles

2 publicly visible posts • joined 18 Jan 2008

US military prepares for plummeting spy satellite

John Bowles

Shoot it down...

Because the best way to minimize damage from a falling object is to make lots and lots of falling objects!

I especially like the low yield nuke comment. Radioactive falling objects! Yay!

The ignorance in these comments is astounding.

"The Moon is tidally locked to Earth, the same side is always pointing to Earth. Where you land if its day, it'll stay day, no 14 day nights..."

Go outside every few days, and look at the moon. Keep in mind your always seeing the same side. You might notice something - its not always a full moon.

Mass web infection leaves researcher scratching her head

John Bowles

@ A J Stiles

Until someone slips code into GCC.

Its been done before, as a proof of concept.

A backdoor was inserted into the 'login' program on a Unix system - this was detectable in the source, however, so he modified the compiler to insert the backdoor at compile time. Clean source built with that compiler would still have the backdoor.

He went even further though - the backdoor code was still visible in the source code for the compiler, so he modified the compiler further, to insert the backdoor in itself when compiled.

He then built a new compiler with fresh, unmodified code and his hacked compiler. This produced a compiler from clean source that contained the backdoor, and would insert the backdoor in any copy of the compiler that it compiled, and any of those compilers would insert the backdoor in 'login'. No source code audit would ever detect it.

Starting fresh from source still needs a compiler, and that compiler can be enough to exploit the entire system.

Not saying it'd be easy to do, but a compile only system doesn't protect you from everything.