ironically the biggest man-in-the middle ssl cert offenders in the world aren’t anti-virus software, it is CDNs like cloudflare. The very nature of how they work requires mitm, and cdn’s cover more than 4-10% of web traffic. how skeezy of them to forget to mention the fact that they are the worst offenders and not count themselves in these statistics.
(they only started caring about this because they noticed people mitm connections they were already mitm’ing, if they weren’t already a mitm they’d have no way to detect or pull this data. i don’t get why they consider it okay for them to do it but not anti-virus software, talk about a double standard especially since av has a better reason for this behavior as far as the end user’s interests are concerned.)
