The user being able to verify things isn't the issue, the issue is somebody else being able to verify things, perhaps even requiring verification. This can even be extended (and already has been) to where binaries can be supplied in encrypted form and run on a processor that never reveals the unencrypted code to its user.