To what extent should one trust a statement that a program is free of Trojan horses? Perhaps it is more important to trust the people who wrote the software. ACM
This classic paper by Ken Thompson introduces the idea that as a software developer you have to trust your compiler. However your compiler could add behaviour to your program without you realising it.
There's a counter called Diverse Double-Compiling.