I remember having read a story about a programmer that encountered a weird error - his program was spitting out racial slurs in its output. The issue turned out to be a malicious version of the compiler, but somehow after removing it it got back to the system, and what should take only a few minutes turned into days and days of trying to find the culprit.<p>I've been searching long and hard but cannot seem to find it. I hope that what little I remember from it is enough and some kind soul will help me find the original article online... :)
This story strikes me as likely to be exaggerated or invented. It is exactly the scenario described in Ken Thomson's Reflections on Trusting Trust. But unlike Thomson, who was developing the compiper, there is no reason a random grad student would have access to recompile the compiler. And if the student gained root access to replace system binaries, why would they bother making the compiler reinfect itself on recompilation?
Related to the question, another nice short story posted some time ago on HN about hacked compiler code
<a href="https://www.teamten.com/lawrence/writings/coding-machines/" rel="nofollow">https://www.teamten.com/lawrence/writings/coding-machines/</a>
I mentioned this "malicious version of compiler" on my web page about my approach for <i>countering</i> the trusting trust attack. See: <a href="https://www.dwheeler.com/trusting-trust/" rel="nofollow">https://www.dwheeler.com/trusting-trust/</a>