Not going to read the whole article because I should be doing work, but...
The Ken Thompson hack is not undefeatable. You can detect it using a cross compilation technique comparing the binary output with a clean compiler. I think you have to do about 4 compilations to figure out if you're infected, but then you don't know which one is infected and which one isn't. You will need more data points to compare. Disassembling the binary would help as well if you know what you are looking for.
Yeah I discuss this at the end of the post. Will link it here:
The current best known defense is Diverse Double-Compiling (DDC), introduced by David Wheeler in 2009. To briefly summarize, DDC uses different compilers of the same language to test the integrity of a chosen compiler. In order to pass this test the attacker must have modified all the selected compilers beforehand to insert backdoors into each other, which is a decent amount of work. DDC is a good idea but it has 2 shortcomings that come to mind. The first is that DDC requires all selected compilers to have reproducible builds, meaning that each compiler always generates the exact same executable given the same source code. Reproducible builds aren't very common because compilers by default include things like timestamps and unique IDs in their builds. The second shortcoming is that DDC becomes less effective for languages that only have a few compilers. Also DDC can't even be applied to newer languages like Rust with only one compiler. In summary, DDC isn't a silver bullet and the Thompson attack is still considered to be an open problem.
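A toy model of the DDC test described in the quoted passage, added here as an illustration; it is not code from the original thread or from Wheeler's paper. "Compilers" are Python values, a backdoor is a flag rather than real code, and the compiler source `CC_SOURCE` and the counter-based build stamp are constructed. Beyond the passage itself, it also shows the two failure modes raised in the replies: both compilers carrying the same backdoor, and non-reproducible builds.

```python
import itertools
from dataclasses import dataclass

CC_SOURCE = "compiler-v1"   # constructed: the (clean) source text of the compiler under test
_build_counter = itertools.count(1)  # stands in for timestamps / unique build IDs


@dataclass(frozen=True)
class Binary:
    built_from: str   # which source this artifact was compiled from
    backdoored: bool  # did a trusting-trust payload ride along in the binary?
    build_id: int = 0  # 0 for a reproducible build, otherwise a unique stamp


def run_compiler(cc: Binary, source: str, reproducible: bool = True) -> Binary:
    """Execute compiler binary `cc` on `source`.

    A backdoored compiler only re-inserts itself when it recognises the
    compiler's own source (the Thompson attack); other programs compile clean.
    """
    propagate = cc.backdoored and source == CC_SOURCE
    stamp = 0 if reproducible else next(_build_counter)
    return Binary(source, propagate, stamp)


def ddc(suspect: Binary, trusted: Binary, reproducible: bool = True) -> bool:
    """Diverse Double-Compiling: True if `suspect` is consistent with CC_SOURCE.

    stage1 = trusted(CC_SOURCE)  -- CC_SOURCE built by an independent compiler
    stage2 = stage1(CC_SOURCE)   -- CC_SOURCE built by that clean build of itself
    The result must be bit-identical to what `suspect` produces from CC_SOURCE.
    """
    stage1 = run_compiler(trusted, CC_SOURCE, reproducible)
    stage2 = run_compiler(stage1, CC_SOURCE, reproducible)
    self_built = run_compiler(suspect, CC_SOURCE, reproducible)
    return stage2 == self_built


# Constructed test subjects.
SUSPECT_CLEAN = Binary(CC_SOURCE, backdoored=False)
SUSPECT_EVIL = Binary(CC_SOURCE, backdoored=True)
TRUSTED_CLEAN = Binary("other-compiler", backdoored=False)
TRUSTED_EVIL = Binary("other-compiler", backdoored=True)  # same recogniser as SUSPECT_EVIL

if __name__ == "__main__":
    print("clean suspect, clean trusted  ->", ddc(SUSPECT_CLEAN, TRUSTED_CLEAN))         # True
    print("evil suspect, clean trusted   ->", ddc(SUSPECT_EVIL, TRUSTED_CLEAN))          # False: detected
    print("both carry the same backdoor  ->", ddc(SUSPECT_EVIL, TRUSTED_EVIL))           # True: false pass
    print("clean but non-reproducible    ->", ddc(SUSPECT_CLEAN, TRUSTED_CLEAN, False))  # False: false alarm
```

The last two lines are the shortcomings the thread raises: a trusted compiler that is not actually independent gives a false pass, and build stamps make even a clean compiler fail the comparison.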
How do you know the other compiler is "clean"? That just begs the question. Also, different compilers could produce different, equally valid instructions, such as debug vs. release builds.
There are malware analysts who are good at finding sophisticated malware in binaries. They could probably locate suspicious code that could be obfuscated malicious code.
Other than that, if you can't trust any of the compiler vendors (which makes things like checksums on an HTTPS website useless), you'll have to write your own. What about the firmware of the machine you're writing your clean code on? Taking this argument to its logical conclusion makes the idea of developing even simple software astronomically expensive.
This is why I think some things in life should not be digitized e.g. electronic voting.
Nobody can realistically know if all of the components from hardware to software are clean. And the more technical you are, the more you realize how many attack surfaces there are. It's impossible to verify everything and you just have to blindly trust that it's all safe.
You assert that the other compiler won't contain the exact same backdoor, not that it contains no backdoor.
> different compilers could produce different, equally valid instructions, such as debug vs. release builds
The binaries you're comparing are output by two instances of the same compiler codebase (each instance created by a different compiler). So as long as that compiler is deterministic, each run should have the exact same output.