@opon4: I suggest you watch this video from the BSD guy at FOSDEM:
http://video.fosdem.org/2014/Janson/Sunday/NSA_operation_ORCHESTRA_Annual_Status_Report.webm
Then think about the more recent OpenSSL bugs....
Debian might not be "owned" in the sense that they belong to the NSA but
there are a lot of possible backdoors in the most vulnerable parts of the eco
system of GNU Linux and there is nothing we can do about it (e.g. crappy
written code).
For closed source OS this is of course worse but GNU Linux is far from being
so safe as a lot of people might think.