They pin certificates, so that a CA compromise that would enable a MITM attack by the global passive adversary would be detectable (and in fact that mechanism has already been used to detect CA compromises).
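The detection mechanism the comment above refers to, public-key pinning, compares the SHA-256 hash of the DER-encoded SubjectPublicKeyInfo (SPKI) of a presented certificate against a set of pins the client shipped with; a certificate issued by a compromised or coerced CA for a different key fails the check even though it chains to a trusted root. The following is an added illustration written for this page, not code from any commenter or from a browser. The SPKI blobs are hand-constructed placeholders (same outer DER structure, fake key bits) so that the hashing and comparison path runs offline; `make_spki`, `spki_pin` and `check_pins` are hypothetical helper names.

```python
import base64
import hashlib

# --- Constructed sample input -------------------------------------------
# Real SPKIs are extracted from the X.509 certificate; these are built by
# hand with the same outer shape, SEQUENCE { AlgorithmIdentifier, BIT STRING },
# so the pin computation runs on structurally realistic DER bytes.
RSA_OID = bytes.fromhex("06092a864886f70d010101")  # OID 1.2.840.113549.1.1.1
DER_NULL = b"\x05\x00"


def _der_len(n: int) -> bytes:
    """DER length encoding (short and long form)."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def _der(tag: int, body: bytes) -> bytes:
    return bytes([tag]) + _der_len(len(body)) + body


def make_spki(pubkey_bits: bytes) -> bytes:
    """Build a placeholder SubjectPublicKeyInfo around arbitrary key bits."""
    alg = _der(0x30, RSA_OID + DER_NULL)            # AlgorithmIdentifier
    bit_string = _der(0x03, b"\x00" + pubkey_bits)  # BIT STRING, 0 unused bits
    return _der(0x30, alg + bit_string)


# --- Pinning logic --------------------------------------------------------
def spki_pin(spki_der: bytes) -> str:
    """Pin format used by HPKP and browser preload lists:
    base64(SHA-256(DER SubjectPublicKeyInfo))."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode("ascii")


def check_pins(chain_spkis, pinned, hostname):
    """Validate a presented chain against a pin set.

    Returns (ok, report). ok is True when at least one SPKI in the chain
    matches a pin. On failure, report carries what a client would log or
    send to a report endpoint: the host, the pins it expected and the pins
    it was actually shown. This is the point of the mechanism: a
    mis-issued certificate that passes ordinary chain validation still
    produces a visible mismatch instead of being silently accepted.
    """
    presented = [spki_pin(s) for s in chain_spkis]
    if any(p in pinned for p in presented):
        return True, None
    return False, {
        "hostname": hostname,
        "expected": sorted(pinned),
        "presented": presented,
    }


# Constructed keys: the site's key, an offline backup key (pinning policy
# requires at least one backup pin so a key rotation cannot lock users out),
# and a key that a rogue CA-issued certificate might carry.
SITE_SPKI = make_spki(b"\x01" * 64)
BACKUP_SPKI = make_spki(b"\x02" * 64)
OTHER_SPKI = make_spki(b"\x03" * 64)
PIN_SET = {spki_pin(SITE_SPKI), spki_pin(BACKUP_SPKI)}

if __name__ == "__main__":
    print(check_pins([SITE_SPKI], PIN_SET, "example.invalid"))
    print(check_pins([OTHER_SPKI], PIN_SET, "example.invalid"))
```

Two details matter in practice: the hash covers the public key, not the whole certificate, so a legitimate re-issue of the same key still passes, and the backup pin is what keeps pinning from becoming a self-inflicted outage when the primary key is rotated.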
As we've already seen, NSA and other such agencies already have direct connections into the under-sea cables that connect countries across the globe. MITM is exactly what they do ALL THE TIME. To not see it as effective is to miss the point of Total Information Awareness.
That question cannot be answered, sorry. Cryptographically it is sound today. But that point is entirely moot if the NSA has the CA private key, or has access to your computer.
Do you think it's easier to discover attacks on AES or to court-order CAs?
You need to trust your OS, Chrome's cryptography implementation, AES and RSA, and the end point, its OS and its possible role as a mute puppet, oh and don't forget everyone's hardware!