The client can detect it (on a plain install, view the cert for the page you're on and you'll see who signed it and whether it's a corporate cert or a self-signed cert). The "problem" at work is that once someone else has control of your hardware then it can't be trusted--they could as easily have installed a keylogger and screen scraper, or whatever. Or have installed a browser altered so that "view cert" shows a different cert from the one actually being used. The client isn't trustworthy, which means nothing at all is trustworthy.
You're relatively safe if you do your own OS install and keep things locked down, though even there the hardware manufacturer(s) could be snooping on things. At some point you have to weigh what is enough trust vs. having the tools you need to accomplish your goal (a powered down, non-networked machine is pretty trustworthy, but also relatively useless).