Use HTTPS, they said. Make sure your browsers shows that green padlock, they said. You’ll be safe, nobody can eavesdrop, they said.
IT security teams and threat hunters, who are familiar with the inherent security weakness of the web’s underlying protocols, know better.
The problem with HTTPS internet connections is similar to the problem with VPN. Or, as Larry Loeb put it in his post HTTPS: Beware the False Sense of Security on this blog: “[U]sers think that it does more than it actually does.”
For starters, a basic HTTPS connection gets established when the browser (client) connects directly to an origin server to send requests and download content protected by TLS-based encryption. Still, this communication is vulnerable to interception.
The reason is simple. Often, the browser doesn’t connect directly with the web server serving the website. Instead, data gets routed through a proxy or middlebox, a.k.a. "monster-in-the-middle" (MITM). HTTPS interception, for benign or malign reasons,