By controlling both sides of the connection, and by investing in people like Adam Langley. And yes, other sites should. Not "control both sides of the connection", which is unrealistic, but by modeling their server configurations on Google's so they can take maximal advantage of Chrome's TLS features.
Perfect forward secrecy is a lot more secure since if Google's private key were compromised any traffic -- including traffic captured in the past -- would still be secure (barring some further compromise).
Each connection has 2 possibly transient negotiated public/private key pairs made just for that connection. In theory, Google could store all these pairs as well and they could be compromised, but that adds up to a lot more ifs.
As near as I can tell, the extra computation required to do perfect forward secrecy is a large part of why it's not more frequently implemented.
When Google.com's certificate was faked, it was discovered because Chrome restricts what CAs are allowed to sign Google's certificates, if I recall correctly.