This is why I am increasingly convinced that GPL(v3) is going to become a bastion of hope for privacy. The major problem is that companies want to make money off the software, close it up and proprietize it, and then the gov comes along with a NSL or blackbox or other compromise and backdoors/weakens the system, and all of a sudden all the customers of the company are vulnerable. FOSS, and in particular GPL, is the way around this. Software companies should be selling support, not the software (IMHO).
Software can always be disassembled. I'm much more concerned about proprietary firmware and hardware backdoors. You should be too. Another thing is that the NSA has been shown to be weakening crypto standards like RNGs and, possibly, ECC. The problem with this is that other standards like TLS and such ultimately use this infrastructure, and that affects all software, FOSS included.
I agree with you about firmware, but you will notice a very important overlap between the firmware and the software sectors here, in that it tends to be true that you end up with closed software to match the closed hardware (cellphone radio modems having DMA to the same address space as the CPU all under proprietary firmware and software blobs is a good example). I very much agree that we need open hardware, but it doesn't seem to be much of a priority for any of the big players that I am aware of.
Regarding the weakening of crypto standards, this is why I think everyone is wrong when they tell you not to roll your own. Even William Binney (NSA whistleblower) has been saying so recently.