David, I haven't read the original attack description recently, but; I seam to remember that the ability of the tampered compiler to inject malicious code could be stateful. Either a timing attack, or a attack after n-builds, so that malicious code is injected in an arbitrary, pseudo-random, less detectable way. Also, that this code would be injected based on compiler state conditions (like after keywords indicated that the code may be network based). I haven't read your paper, yet; but; I'd be interested know where you'd plan to discuss scenarios where your counter attack would fail. Thank you. Best regards, -- Mike
