As a 40 year old who was hacking in his early teens (by both meanings of the word), this isn't that striking to me. It was common for people back in this time frame (the events of Cuckoo's Egg) to half-jokingly make "Echelon keyword" lists where they would insert dubious words as postscripts in email or on usenet posts. I spent quite a bit of time hanging around the MIT Media Lab building (where GNU/FSF was located at the time) and it was an open secret (and source of lots of joking) that one of the always-locked doors there lead to a "spook closet" where some guy nobody there really knew would come and pick up mag tapes once in a while (with the implicit assumption that the tapes were a traffic dump of data going through the routers there).
The NSA revelations of late aren't really that surprising in context with my prior experience, other than that it was surprising that the leaks so thoroughly confirmed a lot of suspicions and showed that their tentacles into commercial service providers were even more extensive than originally thought.
Yup, I used spook.el back then too. And as I said, Stoll had suspicions - he thought the NSA listened to all the traffic, and why not - it was all unencrypted telnet sessions.
But the common impression then was that the NSA knew how to crack ciphers because they had the researchers, and that their unexplained changes to standards were improvements (for example, they changed DES to resist differential cryptanalysis 20 years before that technique was "discovered"). The notion that the NSA did more than just restrict key lengths to weaken crypto is recent.
The NSA revelations of late aren't really that surprising in context with my prior experience, other than that it was surprising that the leaks so thoroughly confirmed a lot of suspicions and showed that their tentacles into commercial service providers were even more extensive than originally thought.