You can fight this by adding code to the compiler source you have that detects a backdoor pattern in the resulting binary and wipes it out or just refuses to compile.
In response, Ken Thompson designs a compiler that detects the backdoor detection pattern in the compiler source and excludes that part from the resulting binary.
Until some clever guy writes a separate program that checks some critical binaries in the system for backdoors.
Ken Thompson's response is obvious: prevent such a program from properly detecting backdoors. The compiler becomes aware of such patterns too.
A clever guy writes a login program in the UNIX shell language [substitute with Lisp, Perl, Python or, God forbid, Java].
Ken Thompson's compiler then becomes aware when it compiles the shell interpreter (or whatever compiler/VM).
Shortly before the end of days, Ken Thompson's compiler becomes aware of itself and whatever it compiles and screams "Mommy, I exist!"
(Actually, to prevent Ken Thompson's compiler from becoming self-aware, you may write a manual for system administrators in human language on how to manually detect malicious code in a compiler binary and how to modify it with some binary editor.)