Re: A pragmatic approach or government grade security theatre?
... if you can't convert the source through the same tool chain and then do a byte for byte comparison ...
That's not a guarantee of anything in particular. If on the other hand, you can reproduce the binaries from a reviewed source using a cross-compiler under your complete control, you known that the backdoor is not in the source or the toolchain. However, this still does not guarantee the absence of a backdoor - it still could exist in the firmware, in the CPU microcode, or in one of the peripheral devices or controllers.
I somehow suspect that when Russian FSB reportedly switched to mechanical typewriters for their most sensitive data, the decision was not borne out of the idle paranoia.