@cruiser25,
That is why with the broken infrastructure we have, nobody seems to like to put in an effort to mend it,
we have to redefine the main term in this spelled "TRUST".
When are you able to fully trust an e2e encryption and the role of that CDN in it against data breaches and cloudbleeds? When your VPN or proxy has been turned against you, no longer keeping you safe, what then?
Who allowed a true amateur to develop a language like PHP that is insecure by design, and never should have been used as CMS apart from building a html website?
Why is Microsoft sitting on an enormous problem with double extensions for over a decade, and that has not be solved so gigantic amounts of user can be infested by executable second extensions that stay invisible by default?
These are real questions, so "What's up doc". Can you explain that to us, dear Mr. Michael Haydn, sir?
Why don't we improve the global Internet infrastructure? Poundering the problems is getting to the core of the problem. The infrastructure is holed like Swiss cheese and beyond. And top governance of the global Internet structure are not doing a thing about it or sitting on their hands.
IT staff and developers learn nothing about security or have to specialize in it as Technical IT, and when they have know-how or pass a particular security exam, CIA is the first institute to approach and gratulate them, depending from what part of the world they come. That is the situation shortly sketched before you. A security officer may do some resource engineering of worked out schemes put out before him, but he will never govern the lay-out he has to go by. Seems almost like we do not want to arrive at a more secure infrastructure because of vested interests, like we have found some here.
polonus