
Is it possible to bypass SSL forcing with sslstrip?


SSL alone is not enough to protect data.

Any proxy could act as a MIM, so someone using a malicious fork of Stealth may cause problems.

But, the net is like this already. One site may send you to another site that tricks you into stealing your data. And, a relatively recent vulnerability subverted any WebKit-based browser from stating whether the site’s URL was using the correct server, so you’d have no visible way of knowing a site using HTTPS was legitimate.

Using a VPN could be better, but it’s sometimes worse, because you change who is trusted more (the VPN provider), as they know one of the addresses you’re coming from and everything you’re doing, and can record and sell that data.
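Taking "SSL forcing" in the question to mean HSTS (Strict-Transport-Security), which is an assumption, the following Python is an added example and not code from the thread. It models the browser-side HSTS store that a plain-HTTP downgrade runs into: a host with no cached policy (first visit, or after expiry) is still reachable over http://, which is the window the reply above is pointing at, while a valid cached policy forces https:// for the host and, with includeSubDomains, its subdomains. The header strings are constructed samples, not captured traffic.

```python
"""HSTS policy store: does a cached policy block a plain-HTTP downgrade?

Added example, not from the Hacker News thread. Header parsing follows
RFC 6797 section 6.1; sample headers below are constructed.
"""
import re
import time
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass
class HstsPolicy:
    host: str
    max_age: int              # seconds the policy stays valid
    include_subdomains: bool
    recorded_at: float        # epoch seconds when the header was seen

    def covers(self, host: str, now: float) -> bool:
        """True if this policy still applies to `host` at time `now`."""
        if now > self.recorded_at + self.max_age:
            return False  # expired: a UA would accept http:// again
        if host == self.host:
            return True
        return self.include_subdomains and host.endswith("." + self.host)


def parse_hsts(header: str, host: str, recorded_at: float) -> Optional[HstsPolicy]:
    """Parse a Strict-Transport-Security header value.

    Returns None when the header is invalid (max-age missing, duplicated or
    non-numeric); a conforming UA ignores such a header, so the host stays
    unprotected, which is the failure mode worth checking for.
    """
    max_age = None
    include_sub = False
    for directive in header.split(";"):
        directive = directive.strip()
        if not directive:
            continue
        name, _, value = directive.partition("=")
        name = name.strip().lower()
        value = value.strip().strip('"')
        if name == "max-age":
            if max_age is not None or not re.fullmatch(r"\d+", value):
                return None
            max_age = int(value)
        elif name == "includesubdomains":
            include_sub = True
        # other directives (e.g. preload) are ignored by the UA itself
    if max_age is None:
        return None
    return HstsPolicy(host.lower(), max_age, include_sub, recorded_at)


class HstsStore:
    """Minimal per-host policy cache, as a browser keeps it."""

    def __init__(self) -> None:
        self.policies: Dict[str, HstsPolicy] = {}

    def record(self, host: str, header: str, now: float) -> bool:
        """Store the policy carried by `header`; return False if ignored."""
        policy = parse_hsts(header, host, now)
        if policy is None:
            return False
        if policy.max_age == 0:          # max-age=0 deletes the policy
            self.policies.pop(policy.host, None)
            return True
        self.policies[policy.host] = policy
        return True

    def allows_plain_http(self, host: str, now: Optional[float] = None) -> bool:
        """True when nothing cached forces https:// for `host`.

        That is exactly the state a downgrade needs: no policy yet (first
        visit, unless the host is on a preload list) or an expired one.
        """
        now = time.time() if now is None else now
        host = host.lower()
        return not any(p.covers(host, now) for p in self.policies.values())


if __name__ == "__main__":
    store = HstsStore()
    t0 = 1_000_000.0
    print("first visit, http allowed:", store.allows_plain_http("example.com", t0))
    store.record("example.com", "max-age=31536000; includeSubDomains", t0)
    print("after header, http allowed:", store.allows_plain_http("www.example.com", t0 + 10))
    print("after expiry, http allowed:", store.allows_plain_http("example.com", t0 + 31536001))
```

Running the block shows the three states in order: allowed before any policy is cached, blocked (also for the subdomain) once a valid header has been recorded, and allowed again once max-age has elapsed.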


This is actually the perfect answer to this.

I mean, technically, mozilla's ca-certificates tracker is the biggest attack vector on the internet's infrastructure [1] and TLS transport encryption relies heavily on identification mechanisms which are recorded, verified and stored in a manner that a lot of third parties have to be trusted, too.

Even when ignoring that salesforce is a private entity with financial motivations, and that the server is hosted on OSes that are 17 years out of date, I wouldn't trust any single entity with a responsibility like this. Maybe the UN, but nothing below that, and I think legislation for this would be the "most correct" approach.

I hope that in the future (given tlsnotary works in the peer-to-peer case) this can be solved with content-based signatures instead of per-domain-and-IP-based certificates.

I mean, a snakeoil cert has to be assumed to be just as legit as a cross-signed cert these days due to the lower feasibility of letsencrypt certs.

Certificate pinning was a nice approach from the statistical perspective, but with letsencrypt taking over this is only valid for 3 months (max) until the pinned cert will lead to a required reverification.

[1] https://ccadb-public.secure.force.com/



