It could make one wonder if there aren't NSA employees working full time as open source contributors to make sure open source encryption software (or even OSes...) remains un-user-friendly and out of general use.
I would certainly prefer to believe the current state of the OpenPGP ecosystem was due to malice rather than incompetence.
It's possible, but not likely. Targeting proprietary, commercial vendors is probably a lot easier than open source, as it's much easier to hide what you're doing. And many more of the targets they are trying to attack are likely buying fully supported solutions from commercial vendors, not buying COTS hardware and installing open-source software themselves.
Even for open source software, it would be easier to just target the integrator, such as the binary packages provided by the distro or preinstalled on hardware by a system integrator, rather than introducing vulnerabilities or causing problems in the upstream open source project.
Considering that such an approach would be a lot cheaper than nearly any other, I'd say of course it's happening. Imagine offering someone the Google salary that Google will pay plus pay from NSA and all the pension benefits, etc.
Well, until recently, they haven't had direct access to the leaks, so covering the Snowden story or reporting on what the Guardian said were all they could do.
However, ever since the British government forced the Guardian to destroy a laptop containing leaked information, and detained David Miranda and confiscated his belongings, the Guardian has decided to partner with the NY Times, as they believe that the First Amendment, and American jurisprudence surrounding it, still provides better protection of freedom of the press than Britain's laws, so sharing information with the NY Times helps ensure that the British government can't stop the reporting on this story.