This is where our disagreement comes from. I am not convinced that your statement is 100℅ true. In a reasonably complex piece of code, it is dead easy to hide whatever you want in plain sight. In which case providing the sources will only serve to give the false sense of security to idealists like you, who naively believe that sources = guarantee of genuinity.

Regarding the Nordic bank users, as per jenix's post, I am somewhat baffled. Does that mean you guys cannot login from any random computer using any random browser? That completely defeats the whole purpose of online banking. If my bank tried to impose such a restriction on me, I would switch the bank.