One problem now on the rising in the world is trojaned ssh binaries that report
every (hostname, username, password) combination to some malicious host, often
via DNS. This way, one infected system leads to a lot of other infected systems.
There has been at least one occasion when the putty downloadable from
download.com has been a spyware-installing version.
The risk of an infected ssh binary being used by tlclient is not high, since we
ship and use our own binaries, but it could happen.
We could protect ourselves (and more importantly, our customers) from this by
checking the checksum of the ssh binary being used before using it.
This would not only give some protection, but it would also give our customers
another signal that ThinLinc cares about security.