...is done using malware or phishing on users' PCs
Malware, phishing, trojans, etc. have a relatively well-understood mechanic: you can control it and have tools for that.
So, you know that an email with "I love you" in the subject line has a zero chance to satisfy your search for love...
VPN - and corresponding key exchange, handshake and encryption standards - attempt to make sure
that nobody can read your communication "in transit", where you have no control over it whatsoever.
I have no illusions about what Google does (can do) with my emails.
Even using PGP can't hide metadata of your communication: To, From, CC, Subject...
I actually believe in Schmidt's statement that they in fact know more about me than I do.
And this is part of the reason I think "VPN provider" is an oxymoron: believing some schmuck that he will keep my communication secure. Yeah, right...
The problem with things like weakened security or back doors, as discussed in the article, is that they are discovered by hackers and used by criminals for things like identity theft. Whatever the NSA is doing now (which is cracking almost any current security) will be possible by just about anybody in 5 years. Dedicated cyber criminals will figure it out before then. The best solution for everyone is to provide security without any back doors that is secure against any known attacks. If that slows down the NSA, or any other law enforcement agency, that just means they will need to focus their efforts on real criminals instead of eavesdropping on everyone.
The best solution for everyone is to provide security without any back doors that is secure against any known attacks.
That probably was the case some 15 years ago when NSA was financing Tor development. Not anymore.
Hence, it isn't for everyone...
If there is a silver lining in the latest NSA leaks, it's that math is a tool one can trust even in our "surveillance society". It's still easier to either strong-arm a provider to reveal SSL keys or develop an encryption system with a backdoor and make others use it, than simply brute-force the encryption.
Password crackers with a few high-end video cards and specialized software can test some 10 billion passwords per second (against a hash table). NSA with a practically unlimited budget and brain supply can't do much better.
It's fairly easy to protect against crackers that check 10 billion passwords per second. The answer is simply to use passwords that require 10 quadrillion guesses to crack plus change passwords regularly. There is no protection against weakened algorithms and back doors, especially once they become common knowledge. The basics of 15 years ago still apply, the numbers have just become bigger.