A catch-22 when it comes to trusting code

26 November 2009

The following quote is from Ken Thompson’s ACM Turing Award Lecture: Reflections on Trusting Trust (1984).

You can’t trust code that you did not totally create yourself. (Especially code from companies that employ people like me.)

On 15 October 2009, Basil Vandegriend [1] posted an item in which he asked the following.

Would you trust your life to your code?

I pondered Basil’s query and concluded that my answer was “no.” Upon reflection, I’ve never unconditionally trusted the code that I’ve written. Many of my fellow programmers would immediately blame software glitches on hardware (or “stupid” users), but software was always my initial suspect.

A catch-22: Thompson is correct and you don’t trust your own code.

[1] Basil Vandegriend is a “senior software developer and architect specializing in Java and enterprise business software located in Edmonton, Alberta, Canada.”

Bell-Labs.com::Reflections on Trusting Trust