This is a classic paper on reproducible builds, everybody is working on since. Better overview: http://www.dwheeler.com/trusting-trust/
Older discussion, 7 years ago:
* https://news.ycombinator.com/item?id=1104338