How empowered are ordinary web users to start encrypting all their web traffic, to protect it from the NSA, GCHQ, other over-reaching government agencies and the many criminal organisations that are, no doubt, doing exactly the same internet spying but aren't trying to tell us it's for our own good? If I wanted, for instance, to start using a social networking tool that couldn't be (easily) spied on, what are my options? Keep in mind that "social" part of "social media", too, which either means I need to convince all my friends to come with me and install pain-in-the-arse encryption software or it needs to be seamlessly compatible with their existing social media tools.
See, I could jump ship off Facebook and start using some hypothetical third-party encrypted social networking website, but unless the rest of my social network comes with me, it's just me. Yes, it's better for their privacy if they come too, but how do you convince every single one of your friends to take their medicine and eat their peas like good boys and girls when they're already set up on Facebook and it seems to be going fine?
Mokalus of Borg
PS - So I think we are kind of locked into insecure services if they're insecure by default.
PPS - Which just means everything should be made secure by default.