Company IPS Plays MITM for the openai.com¶
Recently, one of my friends told my company alerts you when you open the openai to suggest you use the company's internal gpt tool. However, the browser still treats this connection as secure because it satisfies the HTTPs requirement.
This is indeed the man-in-the-middle attack, which hijacks your connections as the middle man and then establish another connection to communicate. The root cause is that in your company device, the certificates of company's ISP are forcibly trusted. As a result, technically they could monitor and modify your requests when necessary.