Re: Once again ....
It is true that you have to trust whoever provides your (and your communication partners') implementations. So that leaves two sensible approaches for (so-called) non-aligned countries to use for diplomatic cables:
1) Align themselves with one of the big powers (US, Russia, China) and accept that they will be reading all the traffic and act accordingly. This includes realising that they will decide who they will share it with (which could include their enemies, or even the public. if it served a useful purpose for them).
2) Find an "independent" supplier with a strong reputation, which it will strenuously protect. Crypto AG, and Switzerland, seemed to meet that criterion. However, it turned out they were proxies of the US after all.
The biggest damage here is to the Swiss reputation for neutrality. The surprise isn't that Crypto AG was backdoored, it is that the Swiss knew about it and let it continue.