Quantum computers have been successfully used to factor numbers. Many are of the opinion that quantum computers won’t be scaled up enough to represent a threat to cryptography for some years to come. I disagree.
Here are a couple of reasons why:
Between these two things, I think quantum computers will be scaled up to where they will be a threat to present day encryption very fast.
While there are presently encryption methods that are post quantum safe, most of them are not highly practical. OpenSSL presently has no post quantum safe method of key exchange, and if you can’t exchange keys securely, you can’t encrypt securely.
I would be surprised if the NSA doesn’t already have a computer capable of factoring primes of large sizes and the ability to break existing cryptography. I am more or less convinced that this whole stand-off with Apple is just show.