When Snowden wanted to initiate communication with Greenwald, would it really have been a good idea to use keys which were linked to their real names? And either way, using existing keys or newly minted ones, wouldn't they have to confirm the key fingerprints off-channel anyway? In that scenario, you really want to make sure you got the right one.
For other types of communication, the threat model is different: When I send a message to my family, the content of the message is probably enough to establish that it was genuine. It would still have been nice if all governments and spies along its route would have a harder time reading it, though.
The scenario I could see signed keys being helpful in is valuable communication between two strangers. E.g. if the two of us wanted to make a trade, and you'd send me your Bitcoin address, I'd trust you more if the message was signed with a signed key. However, if you were selling me illegal goods, we're back to square one. Neither of us would communicate with real names.
The way I understand the EU "Data Retention Directive" is that telecom, ISP and other communication providers _are obliged_ to retain communication metadata of everybody and everything, for a minimum of 6 months. The UK act might go even further, and the devil is in the details. However, I find it a bit ironic that the EU court strikes down on this, when they have a thorn in their own eye.
In "The Internet Is Not the Answer" by Andrew Keen *, he points to some of the problems with today's web services: As opposed to the Internet's golden days of public standards and open protocols, today they are mostly centralized proprietary "winner takes all".
And the reason is simple: When Paul Baran, Bob Taylor, Bob Kahn, Vint Cerf, Tim Berners-Lee, et al. invented their respective contributions, they were often government employees and as such not seeking or able to pursue monetary gains based on their inventions, or vehemently opposed to doing so. They also understood that their protocols had to be public and open in order to be widely adopted.
In today's Internet economy, the goal is not universal standards or federated networks (e.g. email, PSTN), but rather reaching critical mass in walled gardens. If you can show you have amassed enough users, your company gets valued billions. IPO, vest, rinse and repeat. So if there was a public social network protocol, you could jump ship, just as you can with a domain and email today. That would not be in the interest of Facebook, Twitter, Instagram, WhatsApp. Much better ride the curve till the next bust.
*) Skip the book; it's a long rant, and gets a bit dull, even if Keen is a good writer.
> running scripts or programs written by potentially malicious people is the only reasonable way to do your job
Maybe I'm reading too much into this part of your post, however, if the only way to do your job is to run scripts you download off the Internet, then may I suggest you're doing it wrong (TM)?
Typically, scripts are very small programs which you implement yourself for your own convenience. They are typically not distributed beyond your immediate team. If the "scripts" grow into applications for which you cannot (or will not) inspect the code yourself, then they are as much a security threat as any other executable from an unknown untrusted source. Now, that risk might be acceptable in some scenarios, but typically, a no-go on any corporate device.
Agree, but let's try to run some numbers:
If every user is worth $250 in ad revenue, they'll have some work to do. Let's say an ad-click pays Snapchat 10 cents. Then every user would have to make 2500 ad clicks. If each user clicks 2 ads per day, it will take a bit less than four years to reach $250 per user.
However, for each ad a user clicks, he will ignore many. Let's say the click-through-rate is 1%. So to get 2 clicks per day, he'll have to be exposed to 200 ads per day. Assuming a normal person is awake 16 hours per day, he will have to be exposed to a new ad in less than 5 minutes, every 5 minutes throughout the day, only on Snapchat.
So yes, that's where this seems at least a magnitude out of whack. Probably two.
The absence of labels [in ECL] is probably a good thing. -- T. Cheatham