You can't trust code that you did not totally create yourself.... No
amount of source-level verification or scrutiny will protect you from
using untrusted code. In demonstrating the possibility of this kind of
attack, I picked on the C compiler. I could have picked on any
program-handling program such as an assembler, a loader, or even
hardware microcode. As the level of program gets lower, these bugs will
be harder and harder to detect. A well installed microcode bug will be
almost impossible to detect.
-- Ken Thompson "Reflections on Trusting Trust."
Communication of the ACM, Vol. 27, No. 8, August 1984, pp. 761-763.
referred to on the home page of the IEEE
"Voting Equipment Standards" project (Project 1583)
http://grouper.ieee.org/groups/scc38/1583/p1583_-_resource_list.htm as
the "classic paper that shows how viruses can be concealed even if
source code is thoroughly checked"