I got obsessed with this paper recently, to the point where I have read most of the "Unknown Air Force Document" that Thompson references with giving him the idea of Trojan horse. The document was later identified and is declassified and publicly available [1].
> If one reads the original paper, one only finds a description of this attack as a thought experiment, leading one to conclude that any claim of a real-world attack by Thompson was an urban myth due to exaggeration.
This is true although Thompson gives some tantalizing hints in the paper.
In the introduction, he writes " I would like to present to you the cutest program I ever wrote." So he definitely wrote it and at least played around with it.
Later on in the "Moral" section, he writes "The moral is obvious. You can't trust code that you did not totally create yourself. (Especially code from companies that employ people like me.)"
This appears to be an admission but not quite strong or direct enough to validate he implemented and used the Trojan horse so it is great to read this post.
> If one reads the original paper, one only finds a description of this attack as a thought experiment, leading one to conclude that any claim of a real-world attack by Thompson was an urban myth due to exaggeration.
This is true although Thompson gives some tantalizing hints in the paper.
In the introduction, he writes " I would like to present to you the cutest program I ever wrote." So he definitely wrote it and at least played around with it.
Later on in the "Moral" section, he writes "The moral is obvious. You can't trust code that you did not totally create yourself. (Especially code from companies that employ people like me.)"
This appears to be an admission but not quite strong or direct enough to validate he implemented and used the Trojan horse so it is great to read this post.
[1] https://csrc.nist.gov/csrc/media/publications/conference-pap...