Browser makers and others have been trying to fix this; it is actually harder than it looks. HSTS, certificate transparency, and shipping pre-pinned certs with the browser are all approaches pushed forward by browser makers. As an example of how this is harder than it looks, one need only look to DNSSEC.
Huh? Which browser alerts me when the cert changes from the previous one that it has seen for a site?
That would be the most basic and trivial mitigation for a start. What we see instead is consortium paralysis for decades. Occam's razor much?
HSTS does nothing for certificate trust. And the other two you mentioned still conveniently keep us at the mercy of browser vendors and infrastructure owners.
Firefox + self-signed certs forces you to add an exception for the site, which makes the cert work and shouts at you again if that cert ever changes, so fulfilling the above. :)
Yes, it would be nice if the browser prompted more suspicion in those cases when a self-signed cert changes than when one is simply used for the first time. (Theoretically the changing of a regular CA-signed cert shouldn't prompt any suspicion, but I wonder...)
Seeing the padlock has never told you much interesting to begin with.
You have to click the padlock and compare the fingerprint to a known good one.
Yes, nobody does that. And that's why SSL in the browser is a red herring (as far as 3-letter agencies are concerned).
Why no browser vendor ever tried to fix this basic design flaw is left as an exercise to the reader.
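
Added example, not part of the thread and not any browser's code: a minimal trust-on-first-use check of the kind discussed above, which records a site's certificate fingerprint on first contact and flags any later change instead of silently accepting it. The `PinStore` class, the `site.example` hostname and the byte strings standing in for DER certificates are constructed for illustration.

```python
import hashlib
import json
import ssl
import tempfile
from pathlib import Path


def fingerprint(der: bytes) -> str:
    """SHA-256 of the DER-encoded cert, colon-separated like a browser's cert viewer."""
    digest = hashlib.sha256(der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def fetch_der(host: str, port: int = 443) -> bytes:
    """Fetch the leaf cert without CA validation (needs network; unused in demo)."""
    return ssl.PEM_cert_to_DER_cert(ssl.get_server_certificate((host, port)))


class PinStore:
    """Hypothetical trust-on-first-use store: hostname -> fingerprint, kept as JSON."""

    def __init__(self, path: Path):
        self.path = path
        self.pins = json.loads(path.read_text()) if path.exists() else {}

    def _save(self) -> None:
        self.path.write_text(json.dumps(self.pins, indent=2))

    def check(self, host: str, der: bytes) -> str:
        known, seen = self.pins.get(host), fingerprint(der)
        if known is None:            # first contact: nothing to compare against
            self.pins[host] = seen
            self._save()
            return "first-seen"
        # A mismatch never overwrites the pin; that takes an explicit repin().
        return "match" if known == seen else "CHANGED"

    def repin(self, host: str, der: bytes) -> None:
        """Accept a new cert after verifying its fingerprint out of band."""
        self.pins[host] = fingerprint(der)
        self._save()


def demo() -> list:
    cert_a, cert_b = b"constructed cert A", b"constructed cert B"  # stand-ins for DER
    with tempfile.TemporaryDirectory() as d:
        path = Path(d) / "pins.json"
        store = PinStore(path)
        out = [store.check("site.example", c) for c in (cert_a, cert_a, cert_b)]
        out.append(PinStore(path).check("site.example", cert_b))  # reloaded from disk
        store.repin("site.example", cert_b)
        out.append(PinStore(path).check("site.example", cert_b))
    return out
```

A changed certificate keeps returning `CHANGED` across restarts until `repin()` is called, so the first-use case and the changed-cert case stay distinguishable.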