I do agree with you that Flame appears to be a targeted cyber-espionage tool and that the chance of the typical home and small business user being infected is remote. However, the worry thing is that it has exposed a serious loophole in the validation procedures for obtaining and trusting digital certificates. CIS is built on the foundation of white-listed trusted vendors and their trusted digital certificates.
I made a wish, which can be found here
, in which I propose a process which I believe could counteract these sort of problems quite well with very little loss in usability.
Please let me know what you think.