[rohanpai]

If you can man in the middle traffic, aren't all authentication cookies compromised anyway?

Wouldn't any service then be subject to "interception"?

[devindotcom]

Not with proper encryption, I believe? In this case you can get someone else's supposedly private snaps if they're on your network, because the key is the same as the one for decrypting your snaps.

[Nursie]

Correct. Properly set up TLS should protect you regardless of MITMs.

The issue comes if someone can get you to accept their CA. In both this case and for MITM attacks on TLS. At that point it's game over.