You, the individual, can't hope to keep up with organizations that can out-spend you hundreds to thousands of times in terms both man-hours and money. How can you even know if the code you download off the manufacturers' web sites hasn't been tainted during production? Your only hope is to stay below their radar, or have enough trusted people around you or time on your hands to personally go through the code and verify it. I'm betting, even in their mom's basement, hardly anyone has time for that.
This. We have reached the point where electronic security for most individuals is simply not possible. The problem is that it's "hard," and most people that aren't security professionals (and even some that are) will never understand how things like encryption, asymmetric keys, etc. work. Which means that in order to secure themselves, they HAVE TO trust someone to take care of those details for them. But any company these days essentially has to be assumed to be under the control of a government, or will instantly fold when pressed.
And even if you're comfortable managing keys and such, you probably can't write your own software (especially strong encryption algorithms) and build your own hardware.