Again with the vast majority of users fallacy? Bring up a story of grandma for a full picture too.
Binary blobs can be checked easily if they originated from the source code published. Major Linux distributions, like Debian, have people all over the world auditing the repository. If a backdoor is planted, with the repository being public, most projects have a full history of who added what and when. Code reviews happen too.
You're right in that this mostly foils the NSA in its role as a global passive attacker. However, having a FOSS OS doesn't foil active, targeted attacks at all: the version of a package in the repo could be perfectly safe, while the version distributed to just your computer could be backdoored. (The NSA, after all, can FISA-order someone to give up their package signing key just as well as they can grab a decryption key, and then MITM just your connection to deliver an "automatic security update" that nobody else got.)
...while the version distributed to just *your computer* could be backdoored.
They would have to get the base distribution signing key, which is probably a shared secret that requires multiple people to unlock.
Have there been any hints of NSLs or FISC orders requiring the disclosure of private Linux distribution keys, some of which may not even be held in the US?
The funny thing is, you don't actually need to replace a package that's part of the base distribution. Every package format we have (RPM, DEB, etc.) runs its install- and upgrade-scripts as root, so every package can potentially do anything on install, including patching the installed files of other packages (or cleverer things, like adding SSL trust roots.)
So, since they don't specifically need to patch your openssl package to compromise your openssl library, they could just as well suborn the signing key of (presuming Ubuntu) some PPA author, as long as the user they're trying to bug has that PPA in their sources.list.
Solaris introduced some concepts in its IPS packaging to avoid packages changing the system. IMHO, it is very good but adds some pain to developers and sysadmins alike.
Though I do use them, the PPA concept is kind of flawed, because there's no way of saying which packages you will accept from a particular PPA, and no way for a PPA signing key to limit the packages it covers.
Packaging systems do detect file collisions, however, and with something vaguely similar to checkinstall or fakeroot they could detect attempts to overwrite other packages' files in the pre- and post-install scripts.
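The two points above, that a maintainer script runs as root and can silently patch another package's files or drop a new trust root, and that a packaging system could at least detect attempts to touch other packages' files, as an added example that is not part of any comment in this thread and not a tool from Debian or Ubuntu. It is a static heuristic in Python: it takes a postinst script and a constructed stand-in for the dpkg file lists (`/var/lib/dpkg/info/<pkg>.list`), and flags absolute paths owned by a different package, paths under trust-store directories, and calls to trust-store commands. The package names, file lists, trust directories, command list and sample postinst are all constructed for the example.

```python
"""Heuristic static check of a Debian maintainer script (preinst/postinst/...):
does it reach into files owned by *other* packages, or into trust stores?
Added example; DPKG_LISTS below is constructed sample data in the shape of
/var/lib/dpkg/info/<pkg>.list, not read from a real system."""
import re

# Constructed stand-in for the dpkg file database: package -> shipped paths.
DPKG_LISTS = {
    "libssl1.1": [
        "/usr/lib/x86_64-linux-gnu/libssl.so.1.1",
        "/usr/lib/x86_64-linux-gnu/libcrypto.so.1.1",
    ],
    "ca-certificates": ["/etc/ssl/certs/ca-certificates.crt"],
    "evil-helper": [
        "/usr/bin/evil-helper",
        "/usr/share/evil-helper/libssl.so.1.1",
        "/usr/share/evil-helper/corp.crt",
    ],
}

# Directories whose contents change what the system trusts (assumed list).
TRUST_DIRS = (
    "/usr/local/share/ca-certificates",
    "/etc/ssl/certs",
    "/etc/apt/trusted.gpg.d",
    "/etc/apt/sources.list.d",
)
# Commands that rewrite a trust store (assumed list).
TRUST_CMDS = ("update-ca-certificates", "apt-key", "trust anchor")

# Absolute paths as they appear as shell arguments.
ABS_PATH = re.compile(r"(?<![\w.])/(?:[\w.@+-]+/)*[\w.@+-]+")


def owner_of(path, lists=DPKG_LISTS):
    """Return the package that ships `path`, or None if no package owns it."""
    for pkg, files in lists.items():
        if path in files:
            return pkg
    return None


def scan_maintainer_script(pkg, script, lists=DPKG_LISTS):
    """Return [(line_no, kind, token, detail)] for every suspicious reference.

    kind is one of: "foreign-file" (path owned by another package),
    "trust-dir" (path under a trust-store directory), "trust-cmd".
    """
    findings = []
    for n, line in enumerate(script.splitlines(), 1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):  # skip comments/shebang
            continue
        for cmd in TRUST_CMDS:
            if cmd in stripped:
                findings.append((n, "trust-cmd", cmd, "rewrites a trust store"))
        for path in ABS_PATH.findall(stripped):
            owner = owner_of(path, lists)
            if owner and owner != pkg:
                findings.append((n, "foreign-file", path, f"owned by {owner}"))
            if any(path == d or path.startswith(d + "/") for d in TRUST_DIRS):
                findings.append((n, "trust-dir", path, "inside a trust store"))
    return findings


# Constructed postinst: one benign line, one patch of another package's
# library, one new CA certificate, one trust-store rebuild.
SAMPLE_POSTINST = """#!/bin/sh
set -e
chmod 755 /usr/bin/evil-helper
cp /usr/share/evil-helper/libssl.so.1.1 /usr/lib/x86_64-linux-gnu/libssl.so.1.1
cp /usr/share/evil-helper/corp.crt /usr/local/share/ca-certificates/corp.crt
update-ca-certificates
"""

if __name__ == "__main__":
    for line_no, kind, token, detail in scan_maintainer_script("evil-helper", SAMPLE_POSTINST):
        print(f"postinst:{line_no}: {kind}: {token} ({detail})")
```

Run against the sample, the check reports the libssl overwrite (owned by libssl1.1), the certificate dropped into /usr/local/share/ca-certificates, and the update-ca-certificates call, and stays quiet about the chmod of the package's own binary. Being a textual scan it is only a first filter: a script that builds paths at runtime, or shells out to another binary from the same package, will not trip it, which is why the comment's suggestion of a fakeroot-style trace of what the script actually opens for writing is the stronger check.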
The Debian OpenSSL bug was and is highly embarrassing, yes, but the fact that the source was open was absolutely instrumental in its discovery. It's also difficult to find a better example of the right way to react to such a bug.
Certainly open source benefits only so far from the review it receives. The NSA could conceivably submit a patch to openssh to Debian that once again subtly breaks security.
On the other hand, audit is possible, which is a hell of a lot better than the alternative, limiting their options to underhanded subversion is again better than the alternative, and to my knowledge nobody has actually ever picked up on a case of this happening (while we do know they have had the security of closed-source software subverted).