Re: [Trisquel-users] How to be sure that the source code I see is the source code I get?

[onpon4]

I don't know, I think insisting on building everything from source yourself  
is a bit too paranoid. In general, I don't think people lie about the source  
code; if they don't want you to see, they simply withhold the source code  
altogether. Why go through the trouble of changing the code you show people  
to remove malicious features when you can withhold the source code altogether  
to hide the malicious features? Besides, someone is probably going to find  
out if you do such a thing, and that would completely shatter your  
reputation.

I can think of one real possible concern: if a program is compiled with a  
nonfree compiler (e.g. a nonfree C compiler), then there's no way to be sure  
that the compiler itself doesn't insert malicious code (against the language  
standard). This would be a valid concern in my opinion on a  
Windows-compatible free system since Visual Studio is commonly used to  
compile C and C++ programs on that platform, but nonfree compilers are not  
usually used for Unix systems these days (I'm not even aware of any), and  
there isn't a very good free Windows-compatible system (ReactOS fits into  
that category, but it's not in a state where it's really usable).