Agreed. He actually knows little about most of INFOSEC compared to other, serious practitioners. He seems to be a good IT guy, expert on NSA tools, and have anecdotes of what they had trouble hitting. Far as security engineering, I'd trust a source with a good track record of building and breaking stuff similar to what I'm assessing.

People are leaning on him way too much for way too many things. I'm not even saying my statements apply to the article here so much as in general for people interviewing or citing him. Anyone reading posts of high-security engineers pushing strong hardware and software security pre-Snowden would've survived almost everything in NSA's toolbox using such methods. Leads me to add that Snowden seems totally unfamiliar with that stuff and it's unsurprising given his job was SIGINT-related rather than strong INFOSEC.

My only failure was not focusing on clean slate chips and hardware design enough. My priority was software but prioritizing the kind of hardware I've promoted here & elsewhere would've got me further. Makes the software easier to secure. Just was too lazy to learn all the hardware engineering knowledge it takes to (a) do custom hardware and (b) do sub-micron, custom hardware. I'm making amends now, at least.