I've given up on the NSA not reading my stuff. The NSA collects pretty much anything they can get their hands on. It's a losing battle. If there's something I don't want the NSA to know about, I use Tails.
>If there's something I don't want the NSA to know about, I use Tails.
This is a nice thought, but probably not realistic for a variety of reasons. Perhaps most relevantly, I would expect that a large quantity of major Tor exit nodes are tapped by the NSA.
I would also expect that most servers you talk to are either already tapped by NSA in one way or another or can be tapped by the NSA trivially if they decide they want to see what's happening.
Tor is vulnerable to adversaries that monitor Tor exit nodes. But this assumes for such adversaries to also control the destination service.
The attack is effective if the adversary is setting up its own fake websites and then luring users in (with child porn, etc.), correlating their traffic. But for hot services, like Gmail, even if the NSA has the potential to track Gmail's traffic, the noise and the false positives are too great.
And for services outside of the US jurisdiction, the NSA isn't able to legally coerce companies into giving them the keys needed for mass surveillance. Sure, they can reach agreements with local intelligence agencies for wiretapping and exchanging of information, but it would be an international disaster if it got out that foreign companies were forced through legal means by an US agency to hand over control. And this extends somewhat even to US-hosted servers of foreign companies. Yes they have physical access to US-based servers, no, it's not necessarily easy for them.
What this means is that the NSA is not able to control and measure many popular Internet services. It's also all a matter of cost. Raise the cost significantly and it will get too expensive to do mass-surveillance, even for the NSA.
Of course, if they target you directly, then all bets are off. Though in such a case they can just wiretap your home and office and hear everything you do or speak. But in the meantime if I use apps like Signal for communications, or PGP for my very private email, or SSL for connecting to my web server, I can be sure that the NSA is not tracking me because I'm not a target, I'm not a US citizen, I'm not interesting and it's probably expensive for them to track me through those channels.
Of course the NSA can read your stuff. The question is, will NSA be able to read your stuff /without you being specifically targeted/. There is a MASSIVE difference between getting caught in the global dragnet and being specifically targeted with nation-state malware and hardware hacks.
Don't expect that just because you are using PGP for email or OTR that NSA can't read your shit if they put their mind to it - but it's extremely unlikely that they will, and nothing would protect against it. It's a noble cause to use encryption, to stop yourself from intentionally giving data to anyone with a promiscuous WiFi card and broadcasting "please steal this" to anyone that can. You are choosing to give the NSA all your data.
Using an encrypted alternative to Skype also prevents Microsoft from Big Brother-ing you, too. It's not just the NSA, but Microsoft selling personal information to advertisers or collecting analytic data that you have every right not to provide.
