Over the last few months, we’ve been fuzzing solc, the standard Solidity smart contract compiler, and we’ve racked up almost 20 (now mostly fixed) new bugs. A few of these are duplicates of existing bugs with slightly different symptoms or triggers, but the vast majority are previously unreported bugs in the compiler. This has been […]| The Trail of Bits Blog
Running the “Reflections on Trusting Trust” Compiler| research.swtch.com
Ken Thompson's "Trusting Trust" compiler Trojan attack was not just a thought experiment. In fact, Usenet poster Jay Ashworth stated that, from personal communications, Thompson really did launch this attack in real life and successfully compromised the Unix Support Group at Bell Labs. Recently, I've rediscovered this original message with full message headers in a search effort using various Usenet archives, showing the authenticity of the post.| niconiconi.neocities.org