Why isn't the Firefox code signed?

I'm having a look @ Firefox and have noticed that the code is not signed and therefore it's theoretically possible for a trojan to have been inserted in it.