I have a hard time imagining the FBI putting a crypto backdoor in.


Why? As a professional security researcher, what makes you believe this is unlikely? I'm not saying I disagree with you, but it seems like you have additional context for an a priori belief that this isn't what happened.


The FBI's level of security sophistication appears to end (normally) at EnCase.


I suspect that there's worlds of difference between, say, the arm of the FBI that chases drug dealers and the arm that chases Russian spies. It's a pretty broad church.


That is hilarious, but very true.


emphasis on "normally"


There is at least some precedent for this:

http://en.wikipedia.org/wiki/Crypto_AG

Don't discount the (admittedly unlikely) possibility that there was some cooperation in making sure that any /possible/ backdoors were done by people with REAL knowledge of how to get it done.

I'm still not convinced that the original Pentium Floating Point Bug wasn't a (mishandled) intentional corruption for crypto-backdoor purposes. Anyone who has heard the rumors about the POPCNT instruction would understand that the government is capable of making all sorts of deals with equipment and software vendors. Very few companies will decline such requests when received with "critical to National Security" assurances.


What crypto code uses floating point? DES and AES don't. I doubt most PRNGs do either.


That's not what the claim is. The claim is that the FBI paid an engineer to do so. This seems entirely plausible, although I don't believe this case is true.


You think it's plausible that the largest law enforcement organization in the United States decided to insert cryptographic backdoors in critical security software used by many hundreds of companies... because they outsourced it to some random company?


If true...

They probably outsourced it to disconnect it from them, the same as subcontractors doing things the state can't, like operating drones on the border without massive outcry. It also makes it less easy to pin on anyone at the agency/state and makes the individual(s) who put it in seem wacko if they stated that independently. You can just deny, deny, plausible deniability. It is easy to play the psychological reactions this way.

If the FBI, NSA, and others aren't doing stuff like this, then I wonder how they think they can hang with the Chinese, Russian, etc. hackers of the state.

It's so funny: people believe that the authority in their own tribe/country would never do this, but when you think of it happening in China or Russia you think, 'of course they are doing that!'. It is a problem of relativity/trust. Wikileaks put out evidence of our very own State Department and Hillary Clinton bugging the United Nations, but we aren't doing this across the internet/software landscape? hrm. Algorithms are hard to put trapdoors in, but the software that wraps them can help make it easier...


It has nothing to do with believing our government is incapable of it. It has to do with believing the FBI is incapable of it.


Plausible? Entirely. Likely in this case? No.
