I'm rather surprised that the most significant piece of evidence in favor of the "NSA has cracked PGP" theory is that no one's put a bullet through Phil Zimmerman's head.
Excuse me, but I'm getting tired of this silly paranoia. NSA is not Evil Incarnate Central, and we are not fighting a Valiant War We Are Fated to Lose. The NSA are a bunch of Americans who went to school & college with the rest of us, and share our communities with us. Most of them joined NSA to fight totalitarian Communism, and most of them are sympathetic with values most Americans share when they bother to think about them, like freedom, privacy, etc. Sure, NSA has been caught up in the Cold War habits of secrecy, bureaucracy, and an ingrained habit to control information. It's also almost surely caught up in the same kind of bureaucratic incompetence we see in the rest of the U.S. Federal government (most of the DoD, the space programs, the BATF, the FBI, etc.) Does a $40+ crypto-voice-chip with an obvious trap door look like Malicious Plot to Destroy All Strong Crypto and Take Over The World, or does it look like an a half-competent, half-hearted attempt to retain Cold War era capabilities they had gotten used to? NSA is going through the same crisis of goals as the rest of the Cold War establishment. Their mission, if they have any left at all, has changed radically, and they know it. While it may be "in the best interest of NSA" to maintain control over strong crypto, that's only a superficial analysis at one level. NSA employees are also Americans, community members, family members, etc. They don't typically go around murdering hackers they don't like. Nor would that accomplish anything for them -- RSA was published internationally long ago, and PGP is now scattered at sites all over the world, with new versions being hacked on in nearly a dozen countries. The biggest problem I've encountered talking to various people about implementing encryption is that they think cypherpunks are a bunch of paranoid nuts, so only paranoids would want to do things like use digital cash for their semi-legal barter schemes. Your expression of surprise that the NSA hasn't offed Phil Zimmerman just confirms their suspicions. How can I convince them that cryptography is not just for paranoids? The rest of us are concerned about things like protecting and enhancing our privacy and freedom, and there's nothing silly or paranoid about that. But now that you mention it -- Shamir does operate out of Tel Aviv. Obviously he built RSA with a hole in it, and NSA is the main arm of the Crypto-Zionist conspiracy of Jewish Planetary Hegemony! And he didn't publish "Differential Cryptanalysis of the DES" until non-Zionist bankers got ahold of DES. It's all clear now!
I think that, personally, the public-key stuff's gotta have some sort of a hole in it that nobody's thought of yet outside of spook central.
I think your head has to have some sort of a hole in it. Perhaps the NSA's work?