
The decryption doesn’t have to happen in real-time since it’s just analytics. Dumping all traffic off to Google doubles bandwidth but could be done in a way to minimize slowdown for users.

I agree that it’s a security breach, but it happens all the time. Look at enterprise products like ForcePoint [0] that will do deep inspection on https sessions because they have a custom CA installed on enterprise clients. Many companies do this.

Because it’s their router hardware it would be possible to prevent anyone extracting the intermediate mitm certs and keys. The data are likely sensitive, but that’s what they have already.

Tools like ForcePoint don’t put a “real” CA cert on the device. They typically create a new CA per device, install that into the downstream client CA trusted roots and then generate mitm certs signing with this new cert.

[0] https://www.websense.com/content/support/library/web/hosted/...


