Hello I noticed that there were two back to back whonix updates in the last few days and it got me to thinking. So I went to the documentation section and began reading the Whonix Trust section. While I rely on Patrick and Ego to answer all my questions on this forum, the trust section makes a comical yet valid point about not trusting whonix or Patrick or anyone on the Internet whom you don't know. Sadly, as a new user who can't read or verify source code I realize I am at a big disadvantage using open source software I can't verify. As a result I do trust Patrick and whonix and all their updates. I just blindly update when the whonix check tells me there are packs to install. My point is say one day the sky is falling and whonix DOES become compromised a guy like me would never know. I would be the low hanging fruit so to speak. Given the government is the single biggest producer and purchaser of malware. My interest in this software started with a small tinfoil hat that seems to grown the more I learn ;-) So my main question is what is the safest way for a guy who can't verify code yet double check that these updates are safe?? Is there a certain part of the forum where people who can verify code do so?? Also a point in the right direction for the fastest way to learn to verify open source code wouldn't hurt.
Thanks in advance and sorry for the silly question I am very certain I am the biggest noob on this forum.