People can certainly lose their principles, but from observing past behavior (e.g. the number of times Raymond has told moneyed interests to fuck off), I believe that certain people are capable of holding certain principles for longer than a corporation would be able to.

Secondly, these individuals and communities recognize the inherent problem with needing to trust them, so they jump through hoops to make sure that publicly available binary builds are reproducible and verifiable. They publish their open-source software in a way that doesn't require you to trust them as much as you would need to trust a corporation with a closed-source product.

Not only do many corporations not bother doing this, many corporations that maintain open source products deliver binaries that obviously have more stuff baked in than their source code would suggest. For some categories of product, like a password manager, open source with reproducible builds is table stakes, not an optional feature.