Comment Re:https (Score 1) 104
Against the average Joe, fairly secure. Against the wrong people? Not even a speed bump. HTTPS works using Public Key encryption, not Secret Key encryption. That difference makes all the difference - Public key encryption is used to generate Secret keys, which are then used to pass information back an forth securely.
The problem is that Public key only depends on mathematically hard problems to make is secure (it's a hard math problem to break it, but not anywhere near impossible) vs Secret key, in which the key is basically random, and can be made long enough (i.e. use enough bits) to be physically impossible to break, no matter what (though often fewer bits than that are used to make it faster). Public key also has part of it public (hence the name) and part private. If you know the private key - game over - 'cause the Public key is already out there, by design.
Piled on top of that are Certificates that make sure you are using the right Public key to talk to who you want using encryption. Assume all the Certificates and Certificate Authorities (who vouch for them) have been compromised. Assume Public keys used by a lot of people have been broken (I'd include HTTPS to any well known group).
Today? I'd assume HTTPS is not secure - at all. Kinda leaves you SOL though, so really we're stuck with it.
Does that help?