Your browser can auto-update, your OS can have backdoor, drone and satellite can fly over our heads and observe our every moves. The safest way is to hide in a cave and put on tin foil hat. If one does not trust the service provider, then don't use their service. Similarly, if one cannot trust their ISP, then stay offline. Trust is critical in many things in life. If we cannot trust anyone anymore, then we have to build everything ourselves. Shit, is the cup of water in front of me safe to drink?
There's a huge range of possibilities between "I don't trust anyone and use only a CPU I made by hand and software I wrote bit by bit" and "I execute everything blindly that shadyapp.com sends me daily".
Debian for example has people review everything that goes into the package repositories, has policies about what types of things are allowed, and the history of packages on the repository can be inspected. An app developer couldn't selectively deliver a malicious key-leaking version of an application to an individual user running Debian with the application installed from Debian's repository.
If one is paranoid, why trust the "people", while View Source is simply a click away. As long as one is low enough in the overall software/hardware stacks, selectivity is really not that difficult to achieve. Protection comes in layers, there is no such thing as absolute security.
