[ai_critic]

https://blog.encrypt.me/2013/11/05/ssl-added-and-removed-her...

https://en.wikipedia.org/wiki/Room_641A

Yeah, they did (and probably do).

[parineum]

How are they going to MITM communications with certs that never left my machine?

Are you suggesting they broke TLS or that they've somehow acquired every private cert generated?

[aleqs]

You just intercept the traffic after its decrypted on the server side, or are you suggesting you somehow send encrypted traffic that never gets decrypted?