HTTPS safe? Maybe not

Interesting. However, the elephants in the room are, as usual, trusted root CAs - why bother with breaking the encryption when you can just MITM the connection?