Hacker News | 4mnt's comments

The thread is in the body of the tweet. Here is the start: https://twitter.com/axi0mX/status/1313620262768635904


They decided to skip a year for some rooms to allow other interesting topics to have a room.

https://twitter.com/fosdem/status/915543798763139074


Sure, Let's Encrypt can issue certificates for that domain. If you have a webserver you control that runs on port 80, you can use Certbot[1] to get a certificate for that domain.

[1]: https://certbot.eff.org/


> If the cookie is set through HTTPS, the browser won't send it when loading HTTP resources.

If the cookie is set through HTTPS and does not have the Secure flag set, the browser will happily send it along when loading HTTP resources.
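The behaviour described in the comment above, as an added example that is not part of the original thread: a simplified model of which cookies a browser attaches to HTTP and HTTPS requests, plus a check that lists cookies set without `Secure`. The host `example.test`, the cookie names and all function names are assumptions made for illustration.

```javascript
// Simplified model of the RFC 6265 secure-only check. Domain, path and
// expiry matching are left out so the effect of the Secure flag is isolated.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  const flags = new Set(attrs.map((a) => a.split("=")[0].toLowerCase()));
  return {
    name: pair.slice(0, eq),
    value: pair.slice(eq + 1),
    secure: flags.has("secure"),
    httpOnly: flags.has("httponly"),
  };
}

// Names of the cookies a browser would attach to a request for `url`.
// A cookie without Secure is sent regardless of scheme, even if it was
// originally set by an HTTPS response.
function cookiesSentTo(url, jar) {
  const isHttps = new URL(url).protocol === "https:";
  return jar.filter((c) => !c.secure || isHttps).map((c) => c.name);
}

// Defender's check: cookies that can travel over cleartext HTTP.
function missingSecure(headers) {
  return headers
    .map(parseSetCookie)
    .filter((c) => !c.secure)
    .map((c) => c.name);
}

// Constructed sample: Set-Cookie headers received in an HTTPS response.
const sampleHeaders = [
  "session=abc123; Path=/; HttpOnly",
  "csrf=def456; Path=/; Secure; HttpOnly",
];
const jar = sampleHeaders.map(parseSetCookie);

console.log("http :", cookiesSentTo("http://example.test/logo.png", jar));
console.log("https:", cookiesSentTo("https://example.test/logo.png", jar));
console.log("missing Secure:", missingSecure(sampleHeaders));
```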


It seems it is fixed now.

    $2,506
    last 24 hrs ($104.41 / hr)
Seems somewhat more reasonable


If you read the article, you would know that it is a terminal emulator written in JavaScript that gives you access to the computer the webserver runs on.

There is no change to the browser itself at all, just plain JavaScript that shows a terminal running on a remote computer.


> In the case of md5, creating a pair of inputs with the same hash is easier than creating another input with the same hash as something else which you didn't yourself generate.

This is the case with all instances of seeking a collision, due to the birthday paradox [0].

0: https://en.wikipedia.org/wiki/Birthday_attack


The birthday paradox helps with the case of finding any two random inputs that have the same hash. The problem with MD5 is that it's feasible to craft two specific inputs that happen to have the same hash.


You do not ask for an extension of an SSL certificate, but you get a new one signed with another expiry date.

I think it is theoretically possible to change the expiration date, and ask a certification authority to sign that new certificate, but I have never heard of that happening anyways.


It might be a good idea to delete this thread since this bug is in the openssl client, which is not as widely used as the library.


The site cannot detect that you have an extra root certificate lying around on your computer. If you visit the website without the Superfish program installed, you just evaluate the SSL settings of your browser.

