After the NSA leaks, the security community is scrambling to verify that widely-used, open-source software is free from backdoors. With dual_ec_drbg, we know at least one case where a cryptographic primitive itself was compromised. Furthermore, we know now that governments can and do force companies to compromise their own users, in secret, under gag orders.

Why anyone would use closed-source "security" software today is beyond me.