Re: Trust?
"I can't think of any realistic solution other than that all security related software and firmware be open source so that hiding back doors isn't so easy, and that customers install it themselves after downloading it from known good sources and verifying the hashes."
But you still need hardware to run it on. If the NSA install a hypervisor in your BIOS or boot ROM, your open source software will happily run in an environment which captures all the traffic but is none the wiser.