Exactly. There's nothing wrong with technology or tools. It's how they're used that makes all the difference.
Which is why I'm feeling kind of hopeless about the ubiquitous surveillance thing. Yes, encryption is great. It is definitely better than no encryption. But you still can't trust it.
Are the algorithms secure? NSA already intentionally weakened one. And they employ more mathematicians than anyone else in the world. They could have cracked AES and SHA-2/3/whatever years ago and how would you know?
Can't trust your software. Even FOSS. See the Underhanded C Contest. And I'm calling it now that systemd is a plot to infiltrate and subvert the Linux ecosystem by the US military via the Red Hat corporation. I know, I know, tinfoil hat, but 8 years from now it'll be "duh, everybody knew that!"
Can't trust your hardware. Corrupted harddrive firmware. The binary blobs that are the heart of your cellphone radio. Intel's locked-down bootloaders.
And that's just the shit that's obvious or that we know about. If you have a near limitless budget, insanely smart people, government authority to do whatever you want, and no conscience, well, sky's the limit. If it were my job (and I were evil) that's absolutely what I'd do. Hell, just have an agent apply for a job at Apple, Google, Microsoft, Cisco, etc etc and sneak in whatever vulnerabilities you want.
You can never lock everything down. There's too many attack vectors, and the adversary is very good at what they do.
And you can't "secure" the services that make everything work together, anyway. Your phone company kind of needs to know where your phone is to route calls to it, and they need to know what calls you make to whom in order to bill you for it. And someone HAS to have the root password to that database for it to work.
No, the only way to stop this is a political system that makes such attacks against the citizenry illegal, an oversight process, and severe penalties for those who violate your rights.
For instance, in my job, I have full, back end access to the hospital database. I can see all your medical records, all your billing records. I have to in order to do my job (data warehousing and analysis). OH NO YOUR MEDICAL RECORDS AREN'T SECURE! Umm, yes they are. What I do on the database is logged, there is a internal review board and a privacy office who reviews all internal requests for data, no non-aggregated data leaves the organization, and there are severe penalties for misuse of your records. HIPAA. If I mistakenly misuse your records, I'm fired. If I maliciously misuse your records, I go to felony prison. And that's actually enforced.
No technological solution can keep your devices and communications secure. It has to be a political system, and the political will is not there to establish such a system. Half of Americans WANT the government tracking everything they do. There's no real pressure for lawmakers to act, and whenever they do they put in so much weasel language it makes no difference. "The government is forbidden from doing awful things A, B, and C. Unless it has a good reason to."
Is what it is.