I am sorry, sulu, if I misunderstood or, worse, offended you. The way I see it, there were a few pages in this thread filled with:

1. You: "How can you be sure that [something or other] does what it says when no one outside Microsoft can see the code?"
2. Me: "How can you be sure that of any code, including FOSS? I know that someone can inspect FOSS code in theory, but are you sure that someone really does? Always?"
3. You and a handful of others: "The code is open, someone can."
4. Me: "Yes, I know that, but that was not my question. Are you sure that someone always does?"
5. You and a handful of others: goto 3

You can only go around the loop so many times before it gets tedious

But, as I admitted above, I might have misunderstood you, in which case I apologize.

At the end of the day, it is a matter of trust. You implicitly distrust Microsoft and trust FOSS. I say any implicit trust in anything is unjustified and leads to a false sense of security. Did you, personally, check all the code you use? I very much doubt it, regardless of how open it is. Ergo, you cannot trust it any more than any closed source. End of story. That is how I see it and how I approach any code, FOSS or not. Suspicious until proven trustworthy. YMMV.

One might even go a step further and say that, in a way, it is better to use something you know you cannot fully trust, thus being constantly reminded to be vigilant, than to use something you believe you can trust and drop your guard completely. The misguided but dangerously widespread belief that "Linux is immune to viruses" is a very good example.