Boom

Kottke links to the classic Ken Thompson compiler hack that shows how there's no such thing as trustworthy computing unless you write your own compiler and compile all your software from source; otherwise, you are vulnerable to backdoors embedded by a possibly malicious compiler.

It reminded me of my favorite trojan horse story, perpetrated by the pranksters at the CIA:

The American intelligence community participated in a more subtle response [to coordinated Soviet technology espionage], instigating an operation of disinformation and faulty technology transfer. The most famous incident was the sabotage of the new trans-Siberian pipeline, which delivered natural gas from the Urengoi gas fields in Siberia into the West.

The Soviets needed sophisticated control systems to automate the operation of the pipeline's valves, compressors, and storage facilities. As the United States was unwilling to provide the necessary technical infrastructure to operate the pipeline, a KGB operative was sent to infiltrate a Canadian software supplier in an attempt to steal the needed software.

The CIA was tipped off by [a Soviet defector] and informed the Canadians about the attempted theft. The U.S. then delivered doctored software through Canadian software firms into Russian hands. This software, designed to run the pumps, turbines, and valves, was a Trojan Horse programmed to malfunction after a period of smooth running. The malfunction would reset the pump speeds and valve settings to produce pressures that were far beyond those acceptable to the pipeline joints, and welds.

The result was the greatest non-nuclear explosion ever seen from space, rated at around three kilotons by the Air Force Chief of Intelligence. There were no casualties of the pipeline explosion, but significant damage was made to the Soviet economy. In time, the Soviets came to realize that they had been stealing faulty technology, but this only exacerbated the situation. As they did not know which technology was sound and which was doctored, all became suspect.

According to an NPR interview with (I think) Richard Clarke, the White House thought that the Soviets had conducted a nuclear test until the CIA let them know what really happened. Now that's just good old-fashioned fun.