I agree, you'd need a way to verify every machine is running the the open source software. The risk are too great you'll fail and the rewards for anyone that can hack the machines too great.

To say a machine hasn't been hacked is trying to prove a negative.