OK, so long as you're not involved with the maemo tool-chain, I suppose that works. And I won't bother with the rant, since you clearly understand the issues. I still don't see a real need for it, though, because I can't come up with any scenario where an attacker gains by modifying the daemon.
WRT Joe's snooping ways, if it's open source (and I'm completely in favor of that), he can just rip the camera-snapping and non-light-flashing bits out and make it redirect to local storage, or (if he's on a week-long business trip and doesn't have an SD) upload with mail, sftp, or whatever -- he doesn't really gain anything by using a hacked daemon with the server.
Supposing you go with the hash, there are ways different binaries would be generated (e.g. 770 vs. N8x0, linked against different libraries for different OSes), so you'd need a table of trusted hashes. And I build on the tablet, so my binaries might be different. I'm not prepared to be that untrusting, if various others are compiling and matching your binary, but I just don't like the idea, especially when I (perhaps for want of imagination) can't see any bad scenario it helps avoid...
(BTW, wasn't SHA-1 broken a couple years back? Something like 2^60-something instead of 2^80 for a collision, if my memory serves well. Not sure if that result gains anything for matching an existing hash, and it's still not much of an issue if it's 2^130 for matching, but it might not be the best choice.)