Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Zig specifics aside… build it from source using what? Another compiler. Okay, so you can compile that one from source. But what does that? Another compiler.

Unless you’re recording memory contents and executing instructions by hand, you’ve just discovered the Ken Thompson hack. At some point the pragmatic thing is to trust some bits from a trusted source (e.g. downloaded from an official repo w/ a known cert, etc.).



Rice's Theorem makes the Ken Thompson hack impossible in general. He only executed his hack in a single short-term demonstration against a specific target, but it's not possible to make a "long-con" against an open-source project with lots of activity and lots of people building it even if you find a way to infect nearly all of those people.


You just need 1 compiler written in assembly, and work your way up from there.

C17 -> assembly of your choice, written in assembly

Zig -> C17 “transpiler”, written in C17


Why do you trust the assembler you got from somewhere any more than a compiler?


Because hand written assembly is readable!


I believe GP used assembler to refer to the program which reads your hand-written assembly and produces a binary. That program was presumably given to you so you need to trust it.

No, the only way to solve this problem is to start with a computer entirely devoid of code and bit-bang your assembler into the machine with switches, the way the first users of the MITS Altair did it.


You can also bootstrap the way lisp did and write the fist compiler in the language and get a bunch of grad students to hand-compile it.

But, yeah if you don't have a bunch of grad students at the ready, an assembler hand-written in machine code is the only option if you want to trust the entire stack. Though I'm not sure what that would get you. I don't know of any higher language compilers that are written directly in assembly these days, so you'd never be able to compile your C/C++ compiler.


There was a C compiler written in assembly posted on HN 4 years ago [1]!

So yeah, if you wanted to, you could bit-bang an assembler capable of assembling a simple C compiler, then in your simple subset of C you could implement a full C compiler, and from there you can do anything you want!

The grad student approach also sounds interesting. A basic Lisp interpreter can easily fit on a single letter-sized sheet of paper. A single person could hand-compile that, it would just take longer. But, if you're living alone in a cabin in the woods with your own hand-built computer and a personal library of computer books in hard copy, that would be a totally feasible project.

[1] https://news.ycombinator.com/item?id=17851311


I wasn't aware that there were any existing C compilers made in asm for modern architectures. I guess I shouldn't be too surprised.

That's cool, thanks for showing me.


It might be, but have you also validated the microcode executing it?

Or the Verilog/VHDL for the logic gates used by the CPU, for that matter?


Security is multifaceted.

Ideally, yes. But you still will be more secure than having multiple security holes.


See https://dwheeler.com/trusting-trust/




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: