Surely there was never a better argument for open source than this
I'm really not trying to start a flame war, but consider how hard it would be to infect an application that is recompiled on the target computer as part of the installation.
Some form of compromise/infection surely can be done, but wouldn't it be harder to do, and much easier to fix if you could simply recompile?