“Reflections on Trusting Trust” is the lecture Ken Thompson delivered on accepting the 1984 ACM Turing Award, awarded to him and Dennis Ritchie for Unix, and published in the Communications of the ACM, Volume 27, Number 8, in August 1984. In a few pages Thompson lays out one of the most quietly alarming arguments in computer security.
He builds the idea in stages. First he shows a self-reproducing program. Then he describes teaching a compiler to recognize a particular pattern of source code and miscompile it, for example to insert a backdoor when it compiles the login program. The final move is the clever one: he teaches the compiler to recognize when it is compiling itself, and to reinsert both pieces of trickery into the new compiler binary. Once that is done, the malicious source can be deleted. The bug lives on in the compiler binary, invisible in every source listing, and is passed forward each time the compiler compiles a new version of itself.
Thompson draws the moral directly: you cannot trust code that you did not totally create yourself, no matter how carefully you read the source, because the tools that build it may themselves be subverted. Inspecting source code is not enough when the compiler beneath it cannot be trusted.
The lecture reframed software security as a question about the entire chain of tools, not just the program in front of you. Decades later its argument still drives work on reproducible builds and verifiable compilers, and “the trusting trust attack” remains a standard reference point whenever people argue about what it really means to trust a piece of software.
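The staged compiler subversion described above, together with one countermeasure from the later work, as an added example that is not from Thompson's lecture or from this page: a toy Python model in which binaries are plain records, showing that recompiling clean source does not remove the hidden behaviour and that diverse double-compiling (a check described by David A. Wheeler, which goes beyond what the text names) exposes it. All names (`Binary`, `run_compiler`, `ddc_check`, the source strings) are hypothetical, and the check assumes deterministic builds and a second compiler that is not subverted in the same way.

```python
# Toy model, constructed for illustration: binaries are records, not machine code.
from collections import namedtuple

# built_with: code-generation style of the compiler that produced this binary
# program:    the source text the binary was compiled from
# hidden:     behaviour present in the binary but absent from that source
Binary = namedtuple("Binary", "built_with program hidden")

COMPILER_SRC = "compiler A source (clean, fully reviewed)"  # constructed
LOGIN_SRC = "login source (clean, fully reviewed)"          # constructed
TRUSTED_SRC = "independent compiler T source"               # constructed
# Code-generation style that each compiler's source defines.
STYLE = {COMPILER_SRC: "A", TRUSTED_SRC: "T"}

def run_compiler(compiler, source):
    """Model running a compiler binary on one source file."""
    style = STYLE[compiler.program]
    hidden = ()
    if "miscompile" in compiler.hidden:
        if source == LOGIN_SRC:
            hidden = ("backdoor",)      # pattern-matched miscompilation
        elif source == COMPILER_SRC:
            hidden = ("miscompile",)    # reinsertion when compiling itself
    return Binary(style, source, hidden)

def rebuild_from_clean_source(compiler, rounds=3):
    """Recompile the clean compiler source with itself several times."""
    for _ in range(rounds):
        compiler = run_compiler(compiler, COMPILER_SRC)
    return compiler

def ddc_check(suspect, trusted, compiler_src):
    """Diverse double-compiling: does `suspect` match its claimed source?"""
    stage1 = run_compiler(trusted, compiler_src)  # A's semantics, T's codegen
    stage2 = run_compiler(stage1, compiler_src)   # A's semantics, A's codegen
    return stage2 == suspect  # stands in for a bit-for-bit comparison

trusted = Binary("T", TRUSTED_SRC, ())
honest = Binary("A", COMPILER_SRC, ())
subverted = Binary("A", COMPILER_SRC, ("miscompile",))

if __name__ == "__main__":
    print("survives rebuild:", rebuild_from_clean_source(subverted) == subverted)
    print("honest passes DDC:", ddc_check(honest, trusted, COMPILER_SRC))
    print("subverted passes DDC:", ddc_check(subverted, trusted, COMPILER_SRC))
```

In the model the `hidden` field is visible for convenience; in practice the comparison in `ddc_check` is a byte-for-byte comparison of the two compiler binaries, which is why the build must be reproducible.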