Actually, self-signed certificates can be secure, just not under the model we're using now.
Under the widespread CA (certificate authority) model that everyone uses currently, the purpose of the certificate being signed by a trusted CA is to provide authentication.
When we get a certificate, all we really see is 1's and 0's coming in from the jack in the wall; we have no idea where those 1's and 0's came from. However, because the certificate is signed by a CA - something that no one in the world other than that CA can do - and because we trust the CA to verify the identity of the certificate's owner, we trust that the certificate comes from who it claims to.
Of course, if the CA is compromised or doesn't correctly verify the owner, all bets are off.
However, there is another model, under which self-signed certificates do provide authenticity. It's called the notary model.
Essentially, rather than trusting a single CA, we distribute the trust to any number of notaries. These notaries scour the Internet in search of certificates, keeping a cache of all the certificates they've seen. When you visit a site for the first time and obtain the certificate, you ask a number of globally-distributed notaries what the last certificate they saw was. If they disagree with what you're seeing, you could be a part of a man-in-the-middle attack.
Under this model, self-signed certificates are perfectly secure, as long as we assume the server isn't immediately compromised before any notary can ever view its certificate.
The notary-model is still in its infancy, and it's doubtful it will ever take over the CA model (actually, it doesn't have to - they can be used in tandem). The most promising project so far is Convergence.io, which has a plugin for Firefox.
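The notary check described above, as an added example that is not part of the original text and is not Convergence's actual protocol. The notary names, the response format (one last-seen SHA-256 fingerprint per notary, or None), the quorum parameter and the certificate bytes are all constructed for illustration.

```python
import hashlib

def fingerprint(cert_der: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate."""
    return hashlib.sha256(cert_der).hexdigest()

def notary_verdict(observed_der: bytes, notary_views: dict, quorum: int):
    """Compare the certificate we were served with what each notary last saw.

    notary_views maps a notary name to the fingerprint it last recorded for
    the site, or None if it has never seen the site (hypothetical format).
    Returns (verdict, details) where verdict is "match", "mismatch" or "unknown".
    """
    seen = fingerprint(observed_der)
    answers = {n: fp for n, fp in notary_views.items() if fp is not None}
    agree = sorted(n for n, fp in answers.items() if fp == seen)
    disagree = sorted(n for n, fp in answers.items() if fp != seen)
    details = {"agree": agree, "disagree": disagree}
    if len(agree) >= quorum:
        # Enough independent vantage points see the same certificate we do.
        return "match", details
    if disagree:
        # Notaries know the site but recorded a different certificate:
        # what we were served may have been substituted on our path.
        return "mismatch", details
    # Too few notaries have ever observed the site, so nobody can vouch for it.
    return "unknown", details

# Constructed stand-ins for DER certificate bytes (not real certificates).
SERVER_CERT = b"constructed-self-signed-cert-der"
SUBSTITUTED_CERT = b"constructed-substituted-cert-der"

# Constructed notary responses: all three last saw the server's real certificate.
VIEWS = {
    "notary-a": fingerprint(SERVER_CERT),
    "notary-b": fingerprint(SERVER_CERT),
    "notary-c": fingerprint(SERVER_CERT),
}
# A site that no notary has observed yet.
UNSEEN = {"notary-a": None, "notary-b": None, "notary-c": None}

if __name__ == "__main__":
    print(notary_verdict(SERVER_CERT, VIEWS, quorum=2))
    print(notary_verdict(SUBSTITUTED_CERT, VIEWS, quorum=2))
    print(notary_verdict(SERVER_CERT, UNSEEN, quorum=2))
```

The "unknown" branch is the case where the notaries cannot help: a certificate they have never observed gets no assurance either way.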