by Rob Richardson
Rob Richardson is a software craftsman building web properties in ASP.NET and Node, React and Vue. He's a frequent speaker at conferences, user groups, and community events, and a diligent teacher and student of high quality software development. You can find this and other talks on https://robrich.org/presentations and follow him on twitter at @rob_rich.
Because Troy told me to.
TL;DR: this is a great reason
A Firefox extension
Spied on open wifi networks
Stole session cookies
Then login as them
A small wifi device
Listen for authentication requests
Answer "Yes, I'm that wifi"
Then proxy traffic to the real server
Certificates create an encryped tunnel
between the user and the web server
People in the middle
can't see the contents of the message
https://badssl.com/ is a great sandbox of cert failures