If you are commenting about the mere possibility, then this statement is false; it is always possible. Most activity can be considered surveillance if the data analysis and association changes.
How can you say the binaries are generated from the same code that is shown to the government? Also different updates, architectures, versions, or platforms. At the end of the day, closed source is blind trust, nothing else.
We can, companies won’t, as simple as that. They value code as their precious wealth; they won’t let multiple organisations look at the code because implementation matters more in some places than code.
Security research isn’t that simple; all companies do internal pen-testing and still, vulnerabilities keep getting discovered.
Yeah, this sounds totally pointless; a govt/NGO will have to abide by a law like the Patriot Act for “lawful surveillance”, essentially making it pointless.
If they wanted to, they could have open-sourced with patent and usage restrictions. The “Free” in “Free and open source” doesn’t mean it costs nothing, it means you are free to tinker with it, modify or redistribute it according to license. Free is indicative of your freedom with what you choose to do with the code, not payment/cost.
You can read the difference between “free” and “open-source” here 
This is the important part
To understand the concept, you should think of “free” as in “free speech,” not as in “free beer”.
Most people think free software is software that costs nothing, but it is not. For example, Chrome is not “free” software: even though you don’t pay to use it, you are forbidden to tinker with or modify it.