To limit the attack surface here, maybe follow the permissions model on macOS, access a credential = TouchID/Password each time, just limiting dependencies, still leaves a large attack surface of accessing everything if an attacker is able to find a route through, that’s what they’re looking for is everything right there, somehow some way.
There is so much here to debate about. A) Never trust the cyber feds. B) The NSA is not the place anyone thinks, it’s a Wild West in the most bizarre of places, trust me from experience. C) Cryptology concerns more of than security and exchanging messages or packets, sometimes you don’t even know what kind of thing (living) can and has been decrypted. D) The NSA plays very, very, very dirty. It is like a digital CIA, they are in everything (i.e. cyber spies in various roles at tech/telecom/manufacturer company xyz). E) NEVER LISTEN TO THE DAMN NSA / DRIVEN BY A CULTURE OF EXPLOITATION
The point is to trust no one and no thing that we cannot examine freely, closely, and transparently. And to maintain healthy skepticism of any entity that claims to have a virtuous process to do its business.
No it's not. The NSA has been the Federal Govt's designated expert on cryptography since the end of WW2. You are pretending that the current set of NIST standards and every previous NIST standard has not had incredibly intimate contact with the NSA.
You're lived experience tells you to trust the NSA, at least as it relates to NIST standards.
