[judge2020]

We don't know the code of HN but we trust it because we can see the inputs, outputs, and trust the admins running it. A lot of people trust Google/Apple for the same reason to keep their devices secure but are aware that they might need to stay up-to-date and give up freedom [to install unverified apps] to achieve that security.

[specialp]

HN also does not have a microphone sitting here for me constantly listening for me to say "OK HN, post response". It is running as a pull HTTP connection in a sandboxed browser. I do not need to imply any trust in them provided they don't have some zero day exploit running to escape my browser and hijack my system.

Just as if my location/microphone were able to be physically turned off on my phone I would not have to trust that someone isn't always listening in on me. If I can't do that it is not unreasonable not to trust it. There have been plenty of instances of these things being abused.