I honestly believe being another DigiNotar event victim is a few orders of magnitude less likely then having some script kiddie hack my account.

Why would in-mail javascript run at all?

No, it isn't. This article implicitly assumes user trusts server with everything or not at all. Not a case with GMail: in most attack models I can perfectly assume Google will deliver me correct Javascript code over SSL, but never trust it with securing my email content. Account hijacks are quite usual and replacing code on GMail servers is completely another thing.

How come I should care about legality of given software in any given country? Do you really propose to put yourself under chinese or madagascarian software patent, copyright and hacking laws?

No they can't. HTTPS inspection works only if user installed "trusted" certificate on his computer. This can be done in corporate environment, but not for home users.

How exactly can they plan to go deeper: go down and then dig?

World coming to its end!

In year 2010 we have automatic certificate distribution facilities in enterprise systems.

There is no trace of commits to linux filesystems, but article about Microsoft claims NTFS was updated.

NTFS in Windows 7 does. Read the links.