by whitegrape 3757 days ago
Nearly 40 years old, we actually have an algorithm that is not known to be vulnerable to quantum attacks (https://en.wikipedia.org/wiki/McEliece_cryptosystem). Quantum computing is nothing to worry about. (Though I admit it is interesting to think about what sorts of encryption/decryption schemes are only feasible with a quantum computer.)

The real problem is that quantum computers would break the forward secrecy algorithms we're using today. So if a practical quantum computer shows up tomorrow then we can start using different cryptography tomorrow, but evildoers will be able to decrypt everything we're sending today just by storing it and waiting for quantum computers.

Which is a pretty big "oh crap" that will catch a lot of people by surprise if quantum computers ever really happen.

Here's food for thought: What would be required to make a nontrivial fraction of TLS traffic on the web post-quantum secure? How much would it cost?

What about other legacy systems?

Actual, physical quantum computing is still in its infancy, so sure, it's hard to conjure up the wherewithal to worry. But nonetheless we have a long way to go before we can say the world is ready for real quantum attacks.