by mike_hearn 4140 days ago
There isn't any way to solve it. People's fears about the PKI boil down to "if I trust anyone else at all, they might betray me". And yet using encryption without trusting other people is impossible. You aren't going to build your own computer from scratch, for example.

I think our industry needs to collectively move beyond "zomg CAs are pwned by governments". It's just unhelpful. Firstly there's no evidence it's true. A bogus cert would be strong evidence, documents from the Snowden archive talking about compromising CAs would be evidence ... so far we have zilch.

But even if one day it does happen - what next? You end up down the "what if my CPU is backdoored" rabbit hole. Ultimately you have to ignore adversaries that have unlimited power and focus on the ones that do have limits. There's no other way to stay sane.

1 comments

I agree with you, from a day-to-day standpoint there really is nothing to be done and little point in worrying about it. The only solution is to stop using technology, and that proposition isn't very attractive.

While the ideal solution is technical -- no one can see or interfere with your stuff without your permission -- it isn't practical. Solving the problem with laws and societal pressure is more realistic, although still verging on impossible.