Here is the article that inspired this post:
The takeaway is to turn on https whenever you can. I notice that Gmail.com and FaceBook.comnow both run https ... I think it may be by default but if not and if you use web mail you should turn on https!
I've known for many years that access to a "MAE" was something that enabled someone to 'camp-out' right on the backbone and watch every single packet, however, I was NOT aware just how 'packet-injection' and the other exploit that this article details worked.
The United States can really take the lead here, even the National Security Agency (NSA) could lead the charge to make the Internet a more secure and open place to exchange information securely. Such an effort would ensure that communications between peers and client/servers would be imune to the attacks listed in the article. At the same time the we could engineer the New-NET so that it could be 'phone-tapped' in in that case the tap itself could be engineered so to leave a 'bread-crumb-trail' that while not obvious to the user would allow the governing authority that institued the tap to be ultimately accountable for the tap. This does mean that the 'black-hats' would sill hack/crack away at the 'New-Net' but with the guiding principal of transparency things could move forward.
Also to be very clear I have no idea how to reengineer the Net so that it conforms to what I say above but I am sure that it can be done it is just a matter of everyone agreeing how to proceed.