Comment What's a cryptographer to do? (Score 1) 128

In the article linked to on ArsTechnica a cryptographer wishes to remain anonymous, though his comment is perfectly reasonable and very safe:

"I personally believed that it was some theoretical cryptographer's pet project," one cryptographer who asked not to be named told Ars.

He (or she) is not accusing anyone or suggesting anything. Why the desire to remain anonymous? I bet that many people active in cryptography even in academic circles are afraid. Indeed, chances are that active researchers are being monitored. You know, just in case.

Comment Wrong question (Score 1) 576

Though backdoors are an issue, the bigger issue recently is still mass surveillance. Backdoors are probably unnecessary for most software, given the multitude of security issues and the complexity of programming. Well-funded organizations and devoted hackers will always be able to get into your PC and mailbox.

We should still try to make that hard. However, we should try much harder to avoid mass surveillance.

Comment Re:Would probably be found (Score 1) 576

It is funny to try and reason like a spy agency. Or sad. Anyway, here goes.

One option is (a) to convince several Linux distributors to alter the software they distribute each and every time they distribute it, with many people at many different companies knowing what you do and possibly being able to exploit this themselves. Another option is (b) to review the code yourself and try to find as many vulnerabilities as possible and keep them to yourself. You can also (c) hire a group of talented people and devise extremely subtle changes to code that will only result in a crucial error after a specific sequence of 57 events took place. How confident are you that specialists will spot that, by the way? I wonder where anyone having written code gets that optimism from. Or you can (d) develop a highly sophisticated piece of code, call it security enhancing, and actually try to have it officially included in an open-source project without any attempt to hide where it is coming from.

Among those, option (a) is not a long-term solution and is unlikely to be pursued by agencies in my opinion. I would not go there if I were a spy agency. Options (b), (c) and (d) are very likely to have happened.

I can't believe that they managed to pull off (d). This is not something I would have thought of or dared to try.

Comment Re:Would probably be found (Score 2) 576

Any bug is a security problem - therefore any security problem can be made to look like a bug. There is sufficient plausible deniability here; the threat of repercussions is not a real threat. I'm also not convinced at all that even a thorough and massive audit of open source software has the potential to reveal all intentional faults, in spite of widespread belief here that says otherwise. Given the complexity of programming, any decent and devoted team of programmers who spends time thinking about introducing bugs (rather than thinking about finding and avoiding them in software written in good faith, like we're used to) can probably find lots of little gems that will remain undetected for decades, if not forever. Our mind has to follow what's going on in software in order to verify its correctness, and our mind is very limited. Open source protects against compromises by the little people, yes, but not by well-funded organisations. Let's not kid ourselves. Also, if foreign governments review code and find vulnerabilities, what makes you think they would share them back with the community?
