http://u.qdnx.org/file/-20150219T125809-9vb4sbx.html
MITM cert software is all too common. There's a whole ecosystem of vendors selling MITM "solutions" to corporations. And since nobody ever checks the cert details when they're browsing with https, nobody realizes they've been compromised. Never do your banking from your employer's computer! The whole hierarchical PKI of certs, CAs and browsers is completely broken. !surveillance !security