The suspension of disbelief was completely lost when they decided to recreate the compiler from scratch instead of downloading another non-infected compiler.
Its as if everything was dependent on a single compiler(the tone hints its GCC) and single website(probably some GNU mirror).
Heck if their company could afford it, they could just get Intel C/C++ compiler.
Trusting Trust exploit only works in isolated machine that can't read USB drives, CDs, and no network connections. They could copy the compiler on USB stick,diskette whatever and replace the infected one.
Or just boot from rescue CD/USB and reinstall everything infected.
Your comment assumes their application requires standard C with no compiler-related extensions or modifications. GCC itself doesn't fit that profile these days from what comments I've read. I'd love it if you could compile a current version of GCC from any C compiler since it would help counter the category of attack in the story. Also, the people so good at this attack that they hit GCC could also hit Intel if it can compile GCC (idk). They'd hit whatever few, big-time compilers people depend on if aiming this high. The solution wouldn't be that easy on supplier side since one doesn't know how far the attack goes.
On user side, much easier to deal with as we have piles of compiler code and binaries to work with going way back. Well, simpler if not easier.
