It sounds like they were having trouble doing their job because their corporate IT decided it was more important to intercept all TLS/SSL traffic on the corporate network than to allow software developers to do their job securely.
They weren't MITM attacking people outside the company, just MITM attacking their own employees.
I feel that pain, quite often (and am slowly losing a war on it at my current employer, sigh). TLS/SSL Interception Proxies are scum that make the internet overall less secure for a weird sense of security by corporate IT departments.
As a software developer, it's my job to make sure that no one is MITM attacking me so that the code I download to incorporate into projects is safe and secure. I can't check if a bad actor is MITM attacking me when my own employer is MITM attacking me.
> "It sounds like they were having trouble doing their job because their corporate IT decided it was more important to intercept all TLS/SSL traffic on the corporate network than to allow software developers to do their job securely."
Right, that was what I thought too, this is honestly why I'm turned off from applying to work with more bureaucratic companies (soon to be fresh graduate), I understand the reason for sensitive informations being leaked. But this seriously causes a lot of productivity loss...
I've interned with a small company that needs to SSL into government/companies servers to do work. (I don't do them, just on local company machine for testing etc. Also maybe why they can't let me do live site related stuffs) It'll be a big pain to not be able to SSL remotely and do work.
They weren't MITM attacking people outside the company, just MITM attacking their own employees.
I feel that pain, quite often (and am slowly losing a war on it at my current employer, sigh). TLS/SSL Interception Proxies are scum that make the internet overall less secure for a weird sense of security by corporate IT departments.
As a software developer, it's my job to make sure that no one is MITM attacking me so that the code I download to incorporate into projects is safe and secure. I can't check if a bad actor is MITM attacking me when my own employer is MITM attacking me.