
I think GP is talking about a scenario where Microsoft would serve either a malicious source tree or binaries to just one user, not all of them. That would be fairly hard to detect. But in such scenarios we'd also have to start asking questions about the state of the entire CA ecosystem.


Or detected easily with package builders like Arch Linux's makepkg that ship a hash along with the source URL. As soon as one user gets a different file, he has an alert and the compromised package for later analysis.
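
The check this comment relies on, as an added example that is not part of the thread and is not makepkg's own code: the build recipe pins a sha256 computed by the packager (makepkg's source=() plus sha256sums=() arrays), so a tarball substituted for one user fails the comparison regardless of what TLS said about the download. The move-to-quarantine step and the VerifyResult type are this example's own design, not makepkg behaviour; the two tarballs are constructed bytes, not real releases.

```python
"""Pinned-hash verification of a downloaded source artifact, modelled on the
makepkg source=()/sha256sums=() check described above.

Added example, not code from Arch Linux or makepkg. Assumptions: the build
recipe pins a sha256 computed by the packager; a mismatch means the file we
were served differs from what the packager saw, so we keep it for analysis
instead of deleting it (makepkg itself only reports the failed check).
"""
import hashlib
import hmac
import os
import shutil
import tempfile
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass
class VerifyResult:
    path: str
    expected: str
    actual: str
    ok: bool
    quarantined_to: Optional[str]  # where a mismatching file was kept, else None


def sha256_file(path: str, chunk: int = 1 << 20) -> str:
    """Stream the file so large tarballs do not have to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def verify_source(path: str, expected_sha256: str, quarantine_dir: str) -> VerifyResult:
    """Compare a downloaded file against the hash pinned in the build recipe.

    On mismatch the file is moved (not deleted) into quarantine_dir so the
    substituted artifact survives for later analysis.
    """
    actual = sha256_file(path)
    # compare_digest avoids leaking how much of the digest matched.
    ok = hmac.compare_digest(actual, expected_sha256.lower())
    moved = None
    if not ok:
        os.makedirs(quarantine_dir, exist_ok=True)
        moved = os.path.join(quarantine_dir, f"{os.path.basename(path)}.{actual[:16]}")
        shutil.move(path, moved)
    return VerifyResult(path, expected_sha256, actual, ok, moved)


def demo() -> Tuple[VerifyResult, VerifyResult]:
    """Constructed scenario: the packager pinned the hash of the genuine tarball;
    one user is then served a modified tarball. Both files are synthetic bytes."""
    genuine = b"pkg-1.0/\x00" + b"int main(void){return 0;}\n" * 8
    tampered = genuine.replace(b"return 0;", b'system("id");', 1)
    pinned = hashlib.sha256(genuine).hexdigest()  # what the recipe ships

    work = tempfile.mkdtemp(prefix="makepkg-demo-")
    quarantine = os.path.join(work, "quarantine")
    good_path = os.path.join(work, "pkg-1.0.tar")
    bad_path = os.path.join(work, "pkg-1.0.tar.user2")
    with open(good_path, "wb") as f:
        f.write(genuine)
    with open(bad_path, "wb") as f:
        f.write(tampered)

    good = verify_source(good_path, pinned, quarantine)
    bad = verify_source(bad_path, pinned, quarantine)
    return good, bad


if __name__ == "__main__":
    g, b = demo()
    print("genuine:", "OK" if g.ok else "MISMATCH")
    print("tampered:", "OK" if b.ok else f"MISMATCH, kept at {b.quarantined_to}")
```

The point the comparison makes explicit: the pinned digest was produced on the packager's machine from the file the packager saw, so a per-user substitution at the download server has to match a hash it never controlled, and the user ends up holding the evidence.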


Like I said, if you assume your adversary is the US government then they might as well start issuing rogue TLS certs to target individuals.



