And yet, without it, the Snowden leaks wouldn’t have happened. I mostly agree with you, but it’s worth pointing out that they achieved their goals; rare for a security product.
Yeah, I dislike the idea of prioritizing a crypto standard that doesn't work against nation-states. Some of us like our privacy.
That said, I agree with jandrese's point about key management -- low-security key management solutions shouldn't prevent people from taking a high-security approach. Seems like the ideal situation would be if the really paranoid people end up naturally testing the low-security infrastructure as a side effect of doing their paranoia stuff. E.g. if the gpg client was set up to automatically report discrepancies between a user's personal web of trust and a presumed-authoritative keyserver.
That said, it's unclear to me why Signal wouldn't have worked for Snowden -- interested to explore details here.
