But if you compile everything (and your toolchain is clean), then any "bad stuff" must be out there in the source. Even if you don't check it, you can hope someone else will notice if there's anything in there. And that's actually (a little) better than using pre-compiled binaries, in the case where binaries for your platform are available from some 3rd party. You may trust the project maintainers more than some random dude who's offering you the convenience of pre-built binaries.

But with most projects, that's not the case; if you won't even look through the source, you may as well use any binaries provided by the project itself, because you obviously trust them.

This line of discussion makes me think: Fanoush probably pwns all our N800s, doesn't he? Actually, I'm waiting on boot menu till I get time (boot menu + OS2008 on my N800: ETA next week), so I'm safe.