One scenario that I always thought would be interesting is turning developer workstations into attack vectors. Think about it – most Windows developers run as local administrators on their machines, which makes those machines that much easier to compromise. Instead of simply spreading your virus payload through their address book, what if you infected their compiler or linker instead? From then on, every program they compiled could have a back door conveniently installed for later exploitation, and nothing in their own source code would show it.

I’m doing a long (>100 miles) commute this week, so I’ve been entertaining myself by listening to Anthony Joseph’s most excellent CS 162 Operating Systems class during the drive. I just listened to his final lecture today, on Cyber Security Attacks, and was amazed to find out that this attack vector was first created by none other than Ken Thompson!

You should definitely read Ken’s Turing Award lecture, Reflections on Trusting Trust, where he describes planting a two-stage trojan in the Unix C compiler. The first stage teaches the compiler to recognize when it is compiling the Unix login program and to insert a back door that also accepts a password of Ken’s choosing. The second stage teaches the compiler to recognize when it is compiling the C compiler itself and to insert both stages into the new compiler binary. Once a compiler carrying both stages has been built, the trojan is deleted from the compiler’s source: the binary now carries it, and every later compiler built from perfectly clean source with that binary carries it too.

This attack vector is insidious because inspecting the source of the compiler or of login reveals nothing: the trojan lives only in the compiler binary, and that binary is what builds the next binary. The one practical check is to rebuild the compiler from its source with a second, independently produced compiler and compare the results (David A. Wheeler’s diverse double-compiling), which only pushes the question down a level to whichever compiler you treat as the reference. So the question is: who can you trust? Are you going to inspect the microcode of your CPU to make sure that there isn’t a trojan there as well?
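To make the two-stage mechanism and the "rebuild it from clean source and it is still infected" property concrete, here is a toy reproduction. It is an added example, not code from this post or from Thompson's paper: the "language" being compiled is Python itself, so an honest compiler is the identity function and a "binary" is just a source string that gets exec()'d. The login program, its password table and the "open-sesame" back-door password are all made up for the demo. The last function is a Wheeler-style double-compile check against a compiler assumed to be trustworthy, which is the only way the toy can tell the infected binary apart from its clean source.

```python
"""Toy model of the two-stage compiler trojan described above. Added example,
not code from the post or from Thompson's paper: the 'language' is Python, a
'binary' is a source string that gets exec()'d, and the login program, its
password table and the backdoor password are all made up for the demo."""

# Source of the honest compiler. Because the toy language is Python itself,
# honest compilation is the identity function: the binary is the source text.
CLEAN_COMPILER_SRC = """
def compile(source):
    return source
"""

# Source of the program the attacker wants to backdoor (constructed).
LOGIN_SRC = """
PASSWORDS = {"root": "correct horse battery staple"}

def login(user, password):
    return PASSWORDS.get(user) == password
"""

# The trojan. '%r' is filled with the template's own text, so the generated
# code carries a copy of itself (a quine); that copy is what stage 2 grafts
# onto every future compiler build. "open-sesame" is a made-up backdoor password.
TROJAN_TEMPLATE = '''
def trojan(source):
    # Stage 1: recognise the login program and accept the backdoor password too.
    if "def login(" in source:
        source = source.replace(
            "return PASSWORDS.get(user) == password",
            'return password == "open-sesame" or PASSWORDS.get(user) == password')
    # Stage 2: recognise a compiler being compiled and re-insert this trojan,
    # so the new compiler binary is infected although its source is clean.
    if "def compile(" in source and "def trojan(" not in source:
        source = source.replace("return source", "return trojan(source)")
        source += TROJAN_TEMPLATE %% TROJAN_TEMPLATE
    return source

TROJAN_TEMPLATE = %r
'''
TROJAN_SRC = TROJAN_TEMPLATE % TROJAN_TEMPLATE


def load(binary):
    """'Run' a binary: exec the string and hand back its namespace."""
    ns = {}
    exec(binary, ns)
    return ns


def build(source, compiler_binary):
    """Compile `source` with an existing compiler binary."""
    return load(compiler_binary)["compile"](source)


def diverse_double_compile(suspect, compiler_source, trusted_binary):
    """Wheeler-style check: rebuild the compiler from its source twice, starting
    from an independent trusted compiler, and compare with the suspect binary.
    Assumes deterministic compilation (true for the toy compiler)."""
    stage1 = build(compiler_source, trusted_binary)
    stage2 = build(compiler_source, stage1)
    return stage2 == suspect


def demo():
    """Run the attack end to end and return what each party can observe."""
    # Step 0: the attacker's one-off poisoned binary. Its source is never
    # shipped; from here on only CLEAN_COMPILER_SRC exists as source.
    poisoned = CLEAN_COMPILER_SRC.replace("return source", "return trojan(source)") + TROJAN_SRC

    # Steps 1 and 2: rebuild the compiler from CLEAN source, twice, each time
    # using the previous binary. Every generation stays infected.
    gen2 = build(CLEAN_COMPILER_SRC, poisoned)
    gen3 = build(CLEAN_COMPILER_SRC, gen2)

    # Build the (clean) login program with gen3, and with an honest compiler.
    login = load(build(LOGIN_SRC, gen3))["login"]
    honest_login = load(build(LOGIN_SRC, CLEAN_COMPILER_SRC))["login"]

    return {
        "trojan_in_compiler_source": "trojan" in CLEAN_COMPILER_SRC,
        "backdoor_in_login_source": "open-sesame" in LOGIN_SRC,
        "trojan_in_gen3_binary": "def trojan(" in gen3,
        "gen3_reproduces_itself": build(CLEAN_COMPILER_SRC, gen3) == gen3,
        "backdoor_accepted": login("root", "open-sesame"),
        "real_password_accepted": login("root", "correct horse battery staple"),
        "backdoor_accepted_by_honest_build": honest_login("root", "open-sesame"),
        "gen3_passes_ddc": diverse_double_compile(gen3, CLEAN_COMPILER_SRC, CLEAN_COMPILER_SRC),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Running demo() shows the whole point of the paper in one table: neither source file contains the back door, the third-generation compiler built from clean source still does, the login it produces accepts the bogus password, and the infected compiler reproduces itself byte for byte. The double-compile check does flag it, but only because the toy has an honest identity compiler to start from; in real life that reference compiler is exactly the thing you have to decide to trust.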