if I were NSA, I would want the keys to the kingdom. Which means you spy on the folks who run the kingdom. Who are they? They are the system administrators. if THEY use crypto, its their crypto that you first want broken (so you can steal their privileges and exploit the systems that they run, for spying then on others who happen to use those american-grade systems).
So, as I use openssl to make a crypto key for system admin purposes, am I “unwittingly” assisting NSA/GCHQ in their mission – assuming that this “commodity-grade” security software only ASSISTS them, covertly?
Peter's ruminations 