I don't think there's an answer in that there is no answer to backdoored hardware. Someone recently demonstrated how to reprogram the controller on hard disks (they're ARM based SoCs) to monitor/modify the data. No one is going to come up with an alternative open source hard drive.
As to software, whenever the topic comes up, someone shouts out "OpenBSD!". Unfortunately, it's by no means beyond US pressure, at least at the individual developer level. The whole "FBI IPSec backdoor" fiasco a couple of years ago is tacit acknowledgement by the OpenBSD core that such a thing is possible.
