• 𝕽𝖚𝖆𝖎𝖉𝖍𝖗𝖎𝖌𝖍
    link
    fedilink
    arrow-up
    2
    ·
    edit-2
    6 months ago

    You know the best way to analyze a submission to the OCCC? Compile it, then run the result through a disassembler. You get back far more readable code than the source.

    But you’re right; reading code isn’t easy; I meant relatively. If you have government-level resources and can hire a bunch of experienced software developers to review source code, armed with a bunch if static analysis tools (<cough>NSA), you have a decent chance of finding malicious code in software. I know of no similar tools (and the automated software analysis tools are the important factor) for finding backdoors in hardware.