Thanks for this pointer which leads to Schneier's two reports in the Guardian about cooperating with Greenwald. As head of BT security it is hard to believe that Schneier did not know about BT's covert cooperation with GCHQ and NSA. His NDA with BT would likely prevent disclosing that knowledge along with protection of his vaunted rep as an incorruptible FOI battler. Similarly with other notable comsec wizards, the duplicity of NSA and GCHQ should not be a surprise unless pretense of surprise is part of the highly rewarding covert cooperation. Cryptographers are of necessity shady operators, the louder they profess trustworthiness the more likely not, NSA and GCHQ role models and dispensers of lucre the role model. I seem to recall that there is an inverse relationship between advertized trust and deserved. Modest and quiet cryptographers have superior ethics over word artists. So a good match between commercially successful essayists Schneier and Greenwald. Let the haughty rhetoric gush. And as Schneier blogs, wise to keep secrets in their pocket(book)s. And as he demurs to the Guardian and others on why not release all the Snowden docs, presumably the docs need careful vetting to prevent embarassing disclosures of duplicity of media and comsec wizards, a tradition as old as comsec. Schneier's aptly revealing humor about crypto weakness: it's never the math, its the agents of the code. At 03:49 AM 9/6/2013, you wrote:

select quotes from

"The NSA Is Breaking Most Encryption on the Internet" http://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html

""" Remember this: The math is good, but math has no agency. Code has agency, and the code has been subverted. ... [regarding magic curve constants] Bruce Schneier • September 5, 2013 4:07 PM I no longer trust the constants. I believe the NSA has manipulated them through their relationships with industry. ...

Bruce Schneier • September 5, 2013 7:32 PM

"You recommended to 'Prefer symmetric cryptography over public-key cryptography.' Can you elaborate on why?"

It is more likely that the NSA has some fundamental mathematical advance in breaking public-key algorithms than symmetric algorithms.

[EDITOR: the safety margin for key lengths over time is definitely more reassuring for symmetric ciphers*. and aggravating that hardware security products and other encryption appliances and systems do not accomodate 4k or even 2k keys well, not to mention the varied cipher suites you may prefer...] ... Bruce Schneier • September 5, 2013 4:58 PM "Why are you not going to write about those 'other few things'? Can you write about the here please?

I want to keep some secrets in my back pocket. """

* key length recommendations in bits Lenstra and Verheul Equations (2000) symmetric: 70 pubkey. 952 hash: 140

compare to: ECRYPT II 2011-2015 symmetric: 80 pubkey: 1248 hash: 160

and considering projection: ECRYPT II >2041 symmetric: 256 pubkey: 15424 hash: 512