[IAmAI343]

The only real way I see of swinging the power back to the people is to use encryption in all our personal communications, that includes e-mail, voice, video. Unfortunately there is a very real possibility that the government has access to the CA keys so that it would render any encryption useless.

However, it seems that a new type of quantum key distribution system [1] may allow us citizens to share the keys such that not even the government may be able to get them. I don't really know much about this but it does seem promising. It may be the only way to ensure that only those that we choose can see our data. I would not be surprised though if the government tried to pass laws to make such technology illegal. Just like it tried to make military grade encryption illegal by claiming it was a munitions weapon.[2]

[1] http://en.wikipedia.org/wiki/Quantum_key_distribution

[2] http://en.wikipedia.org/wiki/Pretty_Good_Privacy

[sk5t]

A hostile entity owning the public CAs doesn't render "any" encryption useless--just PKI that trusts those common CAs. We could revert to the PGP signing parties of the 90s, or a variety of other key exchange protocols... just no more relying on a certificate because Thawte, Verisign, or (ha!) Comodo say it's good.

[Zigurd]

Some people who run corporate intranets have long used self-signed certs for this reason. You don't need quantum cryptography to do this.

[bmelton]

Well, so long as we aren't planning on SSL/TLS to keep us safe[1].

http://www.forbes.com/sites/andygreenberg/2013/03/13/cryptog...