From e18e5b3d2559f5f0395ffe79416cdca3abc89310 Mon Sep 17 00:00:00 2001
From: Rob Austein <sra@hactrn.net>
Date: Sun, 14 Feb 2021 16:01:15 +0000
Subject: Start restructuring for Pelican

---
 pelican/content/AssuredTooChain.md | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 pelican/content/AssuredTooChain.md

(limited to 'pelican/content/AssuredTooChain.md')

diff --git a/pelican/content/AssuredTooChain.md b/pelican/content/AssuredTooChain.md
new file mode 100644
index 0000000..89ea7d9
--- /dev/null
+++ b/pelican/content/AssuredTooChain.md
@@ -0,0 +1,16 @@
+# Issues of an Assured Tool-Chain
+
+We do not have any assurance that our basic tools are not compromised.
+
+* Compilers
+* Operating Systems
+* Hardware Platforms
+* Verilog and Other Tools to Produce Chips
+
+
+At the base, is the compiler.  The fear was first formally expressed in
+Ken Thompson's 1984 Turing Award Lecture
+[Reflections on Trusting Trust](http://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf).
+
+David A. Wheeler's PhD thesis, [Fully Countering Trusting Trust through Diverse Double-Compiling](http://www.dwheeler.com/trusting-trust/)
+outlines how we might deal with the compiler trust conundrum.
-- 
cgit v1.2.3