Question:
Why Encryption Doesn't Work?
123
2012-09-03 07:57:49 UTC
The purpose of encryption is to provide data confidentiality. When used on the Internet, its purpose is to prevent eavesdropping through man-in-the-middle attacks.

If a password has been shared out of band, for example by text message, then the password that will be used to encrypt the traffic can be intercepted. So, if I'm creating an online account, the transaction is susceptible to interception.

Wait, you say! What about asymmetric encryption that uses public and private keys? The man-in-the-middle can intercept the public key transaction and replace it with their own. But I can confirm the origin of the public key with a Certificate Authority! Well, what channel do you think the response from the CA saying the man-in-the-middle certificate is invalid comes on? The same channel the man-in-the-middle is using to intercept data. CA says my public key isn't originating from the legitimate server? I'll change that response to say that it is.

Am I wrong?

I'm studying security and this seems to defeat the purpose of encryption.

Thanks.
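Added example, not part of the original question or any of the answers: a toy model in Python of what a client actually checks when it validates a server's certificate. It assumes a simplified RSA signature over a SHA-256 digest, a "certificate" that is nothing more than the subject name plus a public key, and a root public key that is already stored on the client (as browser root stores are). The names (make_keypair, client_accepts, bank.example) are constructed for the illustration. The point it shows: the client never asks the network who the root is, so an on-path party can swap the public key but cannot produce a signature that the locally stored root key verifies.

```python
import hashlib
import random

# Toy RSA for illustration only: small keys, no padding, no real certificate format.
E = 65537


def _is_probable_prime(n, rounds=24):
    """Miller-Rabin primality test (sufficient for a demonstration)."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = random.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _gen_prime(bits):
    while True:
        cand = random.getrandbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(cand):
            return cand


def make_keypair(bits=256):
    """Return (public, private) where public = (E, n) and private = (d, n)."""
    while True:
        p, q = _gen_prime(bits), _gen_prime(bits)
        phi = (p - 1) * (q - 1)
        if p != q and phi % E != 0:
            break
    n = p * q
    return (E, n), (pow(E, -1, phi), n)


def _digest_int(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(private, data):
    d, n = private
    return pow(_digest_int(data) % n, d, n)


def verify(public, data, sig):
    e, n = public
    return pow(sig, e, n) == _digest_int(data) % n


def encode_cert(subject, public):
    """A 'certificate' here is just the bytes the CA signs: subject name + public key."""
    e, n = public
    return f"{subject}|{e}|{n}".encode()


def client_accepts(root_public, cert_bytes, cert_sig, expected_subject):
    """What the client checks: the subject matches, and the signature verifies
    under the root key it already holds locally (pre-installed, never fetched)."""
    subject = cert_bytes.decode().split("|", 1)[0]
    return subject == expected_subject and verify(root_public, cert_bytes, cert_sig)


def scenario():
    root_pub, root_priv = make_keypair()        # the CA; root_pub ships inside the client
    server_pub, _ = make_keypair()              # the legitimate site's key
    legit_cert = encode_cert("bank.example", server_pub)
    legit_sig = sign(root_priv, legit_cert)      # the CA issued this out of band, earlier

    mitm_pub, mitm_priv = make_keypair()         # a party sitting on the network path
    swapped_cert = encode_cert("bank.example", mitm_pub)
    # Swapping in another key while replaying the CA's signature: the signed bytes changed.
    replayed = client_accepts(root_pub, swapped_cert, legit_sig, "bank.example")
    # Signing the swapped cert with a non-root key: the client's root_pub never verifies it.
    self_signed = client_accepts(root_pub, swapped_cert, sign(mitm_priv, swapped_cert), "bank.example")
    genuine = client_accepts(root_pub, legit_cert, legit_sig, "bank.example")
    return {"genuine": genuine, "replayed_sig": replayed, "self_signed": self_signed}


if __name__ == "__main__":
    print(scenario())  # {'genuine': True, 'replayed_sig': False, 'self_signed': False}
```

Where the question's reasoning does hold is the root store itself: if a root key can be added to that local store (by malware, an administrator, or a compromised or coerced CA), the signature check passes for whatever that root signs. That is a failure of the trust model, not of the encryption, which is what the rest of this thread is about.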
Five answers:
anonymous
2012-09-03 08:10:08 UTC
Although your question might not make perfect sense, probably because you don't even really understand what you're asking, I think I understand what you're getting at and wish to learn about. In that sense you are right: the state of SSL is a joke, but that doesn't mean "encryption doesn't work." It's a bit more complicated than just "encryption" or encrypted tunnels.

I highly encourage you to watch this talk from the last BlackHat (2011):

https://www.youtube.com/watch?v=Z7Wl2FW2TcA

This talk explains EVERYTHING and quite lucidly. You will LOVE it if you're studying security.

BTW thanks for the thumbs down everyone! I appreciate it! I must really not know what I'm talking about at all (._.)
anonymous
2014-05-24 06:45:52 UTC
Well, it depends on which encryption programs you are using. The ones that are tested and trusted, like TrueCrypt, Data Protecto and AxCrypt, are reliable, and I would recommend them to you as well because of their user-friendly interface and strong encryption techniques.
anonymous
2012-09-03 08:55:52 UTC
The original 'trust' model which the CAs were created for assumed that, because they were rather limited in number, they could contain, control and monitor the issuance/revocation of Certificates; but because of the proliferation of CAs outside of the early core group, and the subsequent hacks of CAs (DigiNotar, Comodo, and RSA come to mind), that has become a rickety framework.

SSL now has a significantly reduced state of trust over the Internet, thanks to "compelled assistance" (Soghoian & Stamm), where a Trusted Root Certificate Authority (or CA) is 'persuaded' or forced by some entity to issue a Root Certificate to them, which is then dutifully entered into a browser's Certificate "library".

These enable a client to be tricked into believing their SSL traffic is private and goes directly to the party they seek with their browser, when in fact it is being re-directed to the intercept servers & decrypted.

This (retrieval of 'Certificates') is done 'on the fly' with Microsoft.

Currently there are 264 CAs for Microsoft; 144 for Firefox & 166 for Apple. [figures may be somewhat dated-DP]

For the most part (and indeed almost everything done over the Internet) it all gets down to a matter of trust: we must trust that everyone has their ducks in a row when it comes to TLS, and average home users certainly fall into that group.

While the trust model is currently the best we have, I still back up my browser's 'automatic' acceptance of Certificates with a couple of Firefox add-ons, which go beyond the normal 'revocation inspection' and seek disambiguated sources for verification of the CA.

Those are:

Certificate Patrol

Perspectives

(at https://addons.mozilla.org/en-US/firefox/collections/dunbar-pappy/dunbarpappy/)

Even then it gets down to a matter of trust: are all the ducks in a row?

It's a scary place out there eh?
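Added example, mine rather than the answer's or the add-ons' own code: the two ideas behind the add-ons named above, reduced to a few lines of Python. Certificate Patrol's idea is trust-on-first-use pinning (remember the certificate fingerprint seen for a host and warn when it changes); Perspectives' idea is asking independent network notaries whether they see the same certificate from other vantage points, so that an interception that exists only on your own path stands out. The certificate bytes and notary reports are constructed sample data, and the host name bank.example is a placeholder.

```python
import hashlib
from typing import Dict, Iterable


def fingerprint(cert_der: bytes) -> str:
    """SHA-256 over the DER-encoded certificate, the usual value to pin."""
    return hashlib.sha256(cert_der).hexdigest()


class PinStore:
    """Trust-on-first-use store: the idea behind Certificate Patrol, simplified."""

    def __init__(self) -> None:
        self._pins: Dict[str, str] = {}

    def check(self, host: str, cert_der: bytes) -> str:
        fp = fingerprint(cert_der)
        known = self._pins.get(host)
        if known is None:
            self._pins[host] = fp          # first visit: remember it, nothing to compare yet
            return "first_seen"
        return "unchanged" if known == fp else "changed"

    def accept(self, host: str, cert_der: bytes) -> None:
        """The user (or a policy) decided a change was a legitimate renewal."""
        self._pins[host] = fingerprint(cert_der)


def notary_agreement(cert_der: bytes, notary_views: Iterable[str], quorum: int) -> bool:
    """Perspectives-style check: do at least `quorum` independent vantage points
    report the same fingerprint this client is being shown?"""
    fp = fingerprint(cert_der)
    return sum(1 for seen in notary_views if seen == fp) >= quorum


# Constructed sample 'certificates' standing in for real DER bytes.
CERT_2012 = b"constructed DER: bank.example, issued 2012"
CERT_RENEWED = b"constructed DER: bank.example, renewed 2013"
CERT_ON_PATH = b"constructed DER: bank.example, presented only on this client's path"


def scenario() -> Dict[str, object]:
    store = PinStore()
    host = "bank.example"
    first = store.check(host, CERT_2012)
    later = store.check(host, CERT_2012)

    # Case A: the site really renewed; notaries elsewhere on the Internet see the new cert too.
    renewal_pin = store.check(host, CERT_RENEWED)
    renewal_confirmed = notary_agreement(CERT_RENEWED, [fingerprint(CERT_RENEWED)] * 3, quorum=2)
    if renewal_confirmed:
        store.accept(host, CERT_RENEWED)

    # Case B: only this client's path is intercepted; notaries still see the site's own cert.
    intercept_pin = store.check(host, CERT_ON_PATH)
    intercept_confirmed = notary_agreement(CERT_ON_PATH, [fingerprint(CERT_RENEWED)] * 3, quorum=2)

    return {
        "first": first,
        "later": later,
        "renewal_pin": renewal_pin,
        "renewal_confirmed": renewal_confirmed,
        "intercept_pin": intercept_pin,
        "intercept_confirmed": intercept_confirmed,
    }


if __name__ == "__main__":
    print(scenario())
```

Both checks still rest on trust, as the answer says: the pin store trusts that the very first connection was clean, and the notary check trusts that the notaries themselves are reached over paths the interceptor does not control and that a quorum of them is honest.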
Psychic Computer Repair® PEBKAC?
2012-09-03 08:09:22 UTC
Yes, you are wrong. And your question and premise make no logical sense.

~
anonymous
2012-09-03 13:59:38 UTC
Top answers are correct. Ann sers, can you answer this question? https://answersrip.com/question/index?qid=20120903083555AALoPLK

This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.