Security, yea - we've heard about it...

Have you ever looked at the list of "trusted" agencies in your browser? The world and its dog can issue certificates.

Given that almost anyone can issue certificates and that it's probably foolish to assume that *none* of the Certificate Authorities are compromised at a deep level by one or more foreign governments, let along a bunch of hackers pushing on the backdoor, I think it's safe to say the browser security based on Certificate Authorities is now completely broken.