Re: Flaws? Really
If you actually make a little effort to study the vulnerability discovery and development process, and the 0day market, and other aspects of this field, you'll find that there's no need to add deliberate back doors. Modern commodity computing systems are riddled with vulnerabilities which are obviously the product of the same types of development errors we've documented for decades.
In the vast majority of cases, incompetence more than adequately explains the exploitable vulnerabilities that we find.
There are some high-profile cases of backdoors, such as the whole sorry Dual_EC_DRBG saga. But for the most part the cost of getting backdoors inserted isn't justified when there are plenty of windfall vulnerabilities lying around.