IMO, it still goes back to what I have been saying. Code is only part of the battle. The procedures and processes are the other part. Everyone looking at the code today does not matter if one person with the ability to sign it goes evil tomorrow.
In addition to the code review an audit of the process and procedures done to run everything is also needed.
I agree with you, but without a considerable public uproar (for example, at random internet company A selling your personal data to 3rd parties), it's quite difficult to get people to listen to review bodies for processes and methods, because it usually interferes with their budgets and cash flow, unfortunately.
Kind of like a conversation I had with someone making collectable coins that had pre-generated private keys:
Them: "All keys are generated from a secure offline computer"
Me: "So it's BIOS password protected, boots from a read only device like a DVD that you verify the checksum on every boot, and nobody else has access to the room where it is, and you verify the printer that it prints to has not been modified or tampered with, and the cables are good and you are sure they have not been compromised by anything like this:
https://hak5.org/products/omg-adapter
Me some more: And you have custom made holograms so if someone else gets a hold of the coin they just can't peel, copy and stick on another hologram that looks the same?"
Them: No, are you paranoid or just an ass?
Me: Both....
... But I will say that if you're in the business of selling very valuable physical coins to people, you'd be quite mad to *not* have such a precautionary setup. Even better would be to have two geographically distant locations where a "split-key" is generated at each of them and then combined at a 3rd location for final processing. This prevents any one person from knowing the exact PK.
Few people would consent to such an added expense of buildings, though.
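The two-site split-key generation described above, written out as an added example (not code from this thread or from any coin vendor). It assumes the coins carry secp256k1 keys as Bitcoin does; the site and function names are my own.

```python
import secrets

# Order of the secp256k1 group (Bitcoin's curve). Assumption: the coins carry
# secp256k1 keys; any prime-order group works the same way. A private key is
# any integer in [1, N-1].
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def generate_share() -> int:
    """Run independently at each generating site: a uniformly random share.

    Nothing about the final key exists at this site; the share alone is
    just a random number in [0, N-1].
    """
    return secrets.randbelow(SECP256K1_N)


def combine_shares(shares: list[int]) -> int:
    """Run only at the final-processing site: add the shares mod N.

    If every share is uniform and independent, the sum is uniform too, so
    the combined key is as strong as one generated in a single place, yet
    no generating site ever saw it.
    """
    key = sum(shares) % SECP256K1_N
    if key == 0:  # probability ~2^-256, but 0 is not a valid private key
        raise ValueError("degenerate key; rerun the ceremony")
    return key


def share_completing(known_shares: list[int], candidate_key: int) -> int:
    """Why holding all but one share leaks nothing: for ANY candidate key
    there is a value of the missing share that produces it, so the known
    shares cannot rule out a single key."""
    return (candidate_key - sum(known_shares)) % SECP256K1_N


def run_ceremony(n_sites: int = 2) -> tuple[list[int], int]:
    """Simulate the whole process: n_sites generate, one site combines."""
    shares = [generate_share() for _ in range(n_sites)]
    return shares, combine_shares(shares)


if __name__ == "__main__":
    shares, key = run_ceremony(2)
    print("site A share:", hex(shares[0]))
    print("site B share:", hex(shares[1]))
    print("final key:   ", hex(key))
```

Each generating site can be audited on its own (offline machine, random source, handling of the printed share), and the combined key only ever exists at the third location.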