I don't quite understand high-level how this works for secure communication. Alice tosses an entangled photon to Bob and he gets the information out by reading the spin?
How do you stop Carol from just grabbing the entangled photon herself and reading the information? How can Alice know that Bob received the entangled photon? Even Carol as a MITM seems possible if she just sent Bob new entangled photons
Carol's measurements would destroy the entanglement in a way that Alice and Bob would be able to detect. However QKD is still vulnerable to a MITM (as opposed to mere interception). You would still need some sort of a mechanism so that Alice knows she's talking to Bob and vice-versa.
If you are talking about intercepting one of the entangled particles during tranmission, then you are right, that's not much more secure than any other transmission. But once the entangled pairs are at their respective secured locations then I imagine it would be rather difficult to get to the transmitted data. But I'm not an expert on these matters.
The same way you cannot prevent someone from reading the amplitude of the EM wave you send through generic wired or wireless media?
The trick has always been in encrypting the aggregate information. But, I am sure that quantum cryptography will be a completely different ball game compared to what we have now.
No, this is wrong; pejoculant has it right above: the act of measuring the spin state destroys the superposition. It's not physically possible for three observers to see the entanglement at once. There's no cryptography required.
How do you stop Carol from just grabbing the entangled photon herself and reading the information? How can Alice know that Bob received the entangled photon? Even Carol as a MITM seems possible if she just sent Bob new entangled photons