Hack images, store outputs in git again for now

Easier to track what each script change does if we keep the before and after versions of the markdown in git too. Clean this up eventually, but simplifies development.
author: Rob Austein <sra@hactrn.net> 2021-02-14 01:55:38 +0000
committer: Rob Austein <sra@hactrn.net> 2021-02-14 01:55:38 +0000
commit: b58c60bcc4a6f3d3ccf4194ef862a808fdc3313b (patch)
tree: ad43c2b937db286c2b3320b57066a9581264444a /markdown/AssuredTooChain.md
parent: 23bb68fe7e9cc8af176ff60b56e8a51a70f05a89 (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/markdown/AssuredTooChain.md b/markdown/AssuredTooChain.md
new file mode 100644
index 0000000..89ea7d9
--- /dev/null
+++ b/markdown/AssuredTooChain.md
@@ -0,0 +1,16 @@
+# Issues of an Assured Tool-Chain
+
+We do not have any assurance that our basic tools are not compromised.
+
+* Compilers
+* Operating Systems
+* Hardware Platforms
+* Verilog and Other Tools to Produce Chips
+
+
+At the base, is the compiler.  The fear was first formally expressed in
+Ken Thompson's 1984 Turing Award Lecture
+[Reflections on Trusting Trust](http://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf).
+
+David A. Wheeler's PhD thesis, [Fully Countering Trusting Trust through Diverse Double-Compiling](http://www.dwheeler.com/trusting-trust/)
+outlines how we might deal with the compiler trust conundrum.
author	Rob Austein <sra@hactrn.net>	2021-02-14 01:55:38 +0000
committer	Rob Austein <sra@hactrn.net>	2021-02-14 01:55:38 +0000
commit	b58c60bcc4a6f3d3ccf4194ef862a808fdc3313b (patch)
tree	ad43c2b937db286c2b3320b57066a9581264444a /markdown/AssuredTooChain.md
parent	23bb68fe7e9cc8af176ff60b56e8a51a70f05a89 (diff)