Nice article. I doubt that the NSA can crack PGP, either due to magical advances in technology, or some implementation flaw that's exploitable.
My guess is sloppy key handling. If they captured the guys laptop, chances are they were able to recover his keys, because most people a) don't change their keys enough, and b) have crappy passwords on their private keys.
I'd guess tossing words/phrases from the Koran at an AQ password would likely be fruitful. Just put together a
dictionary of permutations of 'Allah', and see what you
get.
The new IBM supercomputer "blue ocean" that the US navy is buying would do the job in 13 hours.
A quantum computer can break a PGP key in O((log N)3) time using Shor's algorithm.
I'll bet that quantum computation research has commanded a significant portion of NSA's budget for ten years or more.
I agree, a dictionary attack on a keystore would be the most probable solution.
I've always wondered about bruteforce attacks. Each attempt with a random key will produce some sort of result. How does the computer recognize when the correct key has been used, and a valid result has appeared?