First question.

I have an app that's written in JavaScript and runs in the user's browser.

How can I be sure the code isn't changed as it passes through the NSA gateway?

I'm currently using an Amazon S3 bucket over unencrypted HTTP.

Clearly it's not secure, and the code could be modified as it passes through any of the gateways it has to pass through to get to the user.

I like S3 because it's inexpensive, reliable, easy and efficient. But not, in this sense, secure.

I don't think there's an answer today for even this very simple use-case.

But I'm certainly open to ideas.

Update: To be clear, if Amazon S3 had easy and inexpensive secure HTTP, that would take care of this issue, it seems to me.