Hacker News
by oakenshield 5914 days ago
It's not that cryptography has failed; it's more that the web-using public is largely ignorant and unaware of what security or cryptography means. They think in real-life analogues: a random person on the street hears me talking to my friend outside my house about my weekend plans. Not a big deal, because (1) that random person didn't hear every single word, (2) we'd see if they were eavesdropping too closely, and (3) no human can remember every last detail of speech they hear. Unfortunately, an eavesdropper on the wire can do all this and more, but people don't seem to understand.

I think the right way to go is for providers to make strong cryptography standard (like your Adium example). The current GPG usage model and its integration with email is poorly executed, and most of the web-using public won't care to learn how it works, let alone create key pairs. The only thing the public at large can understand is secrecy of social communication. I await the day Facebook or Google start automatically generating and managing keys, and encrypting communication between users based on their social connections.