The general sentiment is that you cannot trust code you did not write yourself and that we need to be able to trust the person who did, but you can form your own conclusions about how that fits into the modern tech landscape.
One of the points made in that paper is that you can't even trust the compiler, even if you write the code yourself. I think this is one of the stronger points as it shows you it is unfeasible to require everybody to audit all source code before running it. Be pragmatic, know your threat model, decide who you trust and move on with more important things in your life.
The general sentiment is that you cannot trust code you did not write yourself and that we need to be able to trust the person who did, but you can form your own conclusions about how that fits into the modern tech landscape.