Conclusions

Trust is not transitive (known but often forgotten)
trust here is intended download
System revealed no Trojans
was a limited study, only a snapshot
ongoing monitoring required
Simple failures
Subversion of the system is possible
weak bindings between key, user
poorly implemented verification system