The nonce does not need to be secret and keeping it secret adds no security.
According to Wikipedia, many others also felt uneasy about counter mode, but by now, "CTR mode is widely accepted, and problems resulting from the input function are recognized as a weakness of the underlying block cipher instead of the CTR mode."