The distinction which is the basis of this article between "commercial" and "strong" encryption seems confused. Kevin Drum in this post makes it sound as if commercial encryption is algorithmically weaker, which as a rule it is not, rather than just easier for the NSA to plant backdoors in by strongarming vendors.
The distinction matters here since we're meant to believe that most "bad guys.. figured that ordinary commercial crypto provided sufficient protection." But this translates to, they trusted Google, Microsoft et al. That seems less likely to me.
Disclaimer: I am not a cryptographer or security researcher. (On the other hand, given that I've done various kinds of antiwar political organizing and associated with members of Muslim Student Associations whose infiltration by NYPD later became a matter of public record, maybe I can speak as a government-classified "bad guy!" I should really do an FOIA request one of these days...)
The distinction matters here since we're meant to believe that most "bad guys.. figured that ordinary commercial crypto provided sufficient protection." But this translates to, they trusted Google, Microsoft et al. That seems less likely to me.
Disclaimer: I am not a cryptographer or security researcher. (On the other hand, given that I've done various kinds of antiwar political organizing and associated with members of Muslim Student Associations whose infiltration by NYPD later became a matter of public record, maybe I can speak as a government-classified "bad guy!" I should really do an FOIA request one of these days...)