But the NSA has supposed worked with IBM on special dedicated computer hardware designed specifically for breaking encryption, which means custom made hardware including the processing chips. If that's the case, the NSA is many steps ahead of everyone else in breaking encryption, since by using dedicated hardware the time needed to break the encryption is vastly shorter.
I hedge everything I say with the phrase “properly-implemented.” That means no root CAs with 10+ year expiry, no intermediate CAs with greater than 2 year expiry, no encryption hashes under 1024-bit, symmetric key generation, 45 day password change requirements with >12-character, symalphanumeric (symbols, letters, and numbers) with no repeatability, mandatory two-factor authentication (what I have and what I know), and no local key generation (all keys generated on a non-Internet-connected machine).
I’m not saying that they can’t crack it all, ever, but the amount of effort required to read my personal documents, emails, browser history, and secure transactional databases is such that they will need a really good lead to think I’m even remotely worth the effort.
Essentially, I’m hedging against someone planting incriminating data on any of my devices in the event someone or entity wants to take me down. I’m prepared to die with my complex passwords.