Compiling XUL?

I've been playing with XUL a bit to get a feel for the capabilities and limitations, and so far it's been a little stop and go. Writing simple applications is super easy, but if you need to build something with any kind of interactive functionality (opening/saving files, for example) dealing with external libraries (XPCOM for example) is a pain.

The documentation that is out there accurately describes the functions, but I haven't found a good resource for real-world examples and how the components fit together. The examples I have found make it seem more complicated than it should be for doing relatively mundane things like opening and reading files or browsing a directory.

Beyond that, the first thing that threw up a red flag is that there's no way to hide the source from your distribution.

That "feature" is probably considered a Good Thing considering the Mozilla Foundation are heavy proponents of open sourced software, but I think it will (is?) really hinder adoption. If I build an application heavily dependant on the internet and the local source is available to the user, it's seems to me that my application (and web site/service!) is just asking for a hacking.

For instance, if there are website addresses in the XUL source(required for an internet-enabled app) it would be rather trivial to write a virus/trojan that would rewrite those URLs to trick the user into entering thier information and have it be redirected to another website.

Sure, that possibility is there now (and frankly I'm surprised we dont see more of those kinds of viruses) but depending on the scope of my application/web service I could be comprimising more than just my email password, for example.

I should note, too, that I'm not deluded into thinking that even with a compiled application it's not impossible to redirect URLs and modify internet transactions, but why make it easier? You will only attract more malice.

Anyone know of a way, short of code obfuscation, to hide my XUL source?