Because that's not security. The security of your system should be able to withstand an attacker that is able to read the source and arbitrarily modify the client. Otherwise you don't really have security -- you're just hoping no one goes through the effort.
