
We need new measures to not allow these certificates to be installed unless they're verified, or at least the OS shows a massive giant warning "DO NOT DO THIS unless you accept this cert gives $identity access to all your data".

Seems a very solvable problem.
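One defender-side way to make "verified" concrete, as an added example that is not from any commenter in this thread: keep a baseline of the root CA fingerprints you have deliberately approved, and periodically diff the system or browser trust store against it. Any root that appears without being in the baseline (for example a MITM root pushed by policy or installed by a user clicking through a prompt) is flagged. The PEM bundle and the DER bytes below are constructed stand-ins, not real certificates; the fingerprint is SHA-256 over the DER encoding, which is the same value that `openssl x509 -fingerprint -sha256` reports for a real certificate, so the same code runs unchanged on an exported trust store.

```python
import base64
import hashlib
import re

# Constructed sample "certificates": arbitrary bytes standing in for DER.
# Fingerprinting only hashes the DER bytes, so the audit logic is identical
# for real certificates exported from a trust store.
APPROVED_ROOT_DER = b"\x30\x82constructed-corp-root-ca"
PUBLIC_ROOT_DER = b"\x30\x82constructed-public-root-ca"
UNEXPECTED_ROOT_DER = b"\x30\x82constructed-unapproved-interception-root"


def fingerprint(der: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate, lowercase hex."""
    return hashlib.sha256(der).hexdigest()


def to_pem(der: bytes) -> str:
    """Wrap DER bytes in a PEM CERTIFICATE block (helper for the sample bundle)."""
    body = base64.encodebytes(der).decode("ascii")
    return f"-----BEGIN CERTIFICATE-----\n{body}-----END CERTIFICATE-----\n"


# Baseline: fingerprints of roots an administrator has explicitly approved.
# Constructed for this example; in practice it is generated once from a
# known-good machine and stored somewhere the endpoint cannot silently edit.
BASELINE = {
    fingerprint(APPROVED_ROOT_DER): "Corp Root CA (approved)",
    fingerprint(PUBLIC_ROOT_DER): "Public Root CA (approved)",
}

# Constructed trust-store export: the two approved roots plus one that was
# never approved (the kind of root a MITM proxy or policy install adds).
CURRENT_STORE = (
    to_pem(APPROVED_ROOT_DER)
    + to_pem(UNEXPECTED_ROOT_DER)
    + to_pem(PUBLIC_ROOT_DER)
)

_PEM_BLOCK = re.compile(
    r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S
)


def store_fingerprints(pem_bundle: str) -> list:
    """Parse every CERTIFICATE block in a PEM bundle and fingerprint it."""
    result = []
    for match in _PEM_BLOCK.finditer(pem_bundle):
        der = base64.b64decode("".join(match.group(1).split()))
        result.append(fingerprint(der))
    return result


def audit_trust_store(pem_bundle: str, baseline: dict) -> dict:
    """Diff a trust store against the approved baseline.

    Returns the fingerprints present but not approved (the alerting case)
    and the approved fingerprints that have gone missing (also worth a look:
    a removed root can break pinning assumptions or signal tampering).
    """
    seen = store_fingerprints(pem_bundle)
    return {
        "unapproved": [fp for fp in seen if fp not in baseline],
        "missing": [fp for fp in baseline if fp not in seen],
    }


if __name__ == "__main__":
    report = audit_trust_store(CURRENT_STORE, BASELINE)
    for fp in report["unapproved"]:
        # A root CA can issue a certificate for any name, so an unapproved
        # root means every TLS session on this host can be intercepted.
        print(f"ALERT unapproved root CA in trust store: sha256={fp}")
    for fp in report["missing"]:
        print(f"WARN approved root missing: {baseline_name}" if False else
              f"WARN approved root missing: sha256={fp} ({BASELINE[fp]})")
    if not report["unapproved"] and not report["missing"]:
        print("trust store matches baseline")
```

On a real system the bundle would come from wherever the platform keeps its roots (for example the PEM files under `/etc/ssl/certs` on most Linux distributions, or an export from the Windows or macOS trust store), and the alert would go to the SIEM rather than stdout. The baseline has to live somewhere the endpoint cannot quietly rewrite, otherwise the same policy push that installs the root can also approve it.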



Verified by whom? I certainly want my browser and OS to retain my possibility of installing certificates all day long.

Trivial technological solutions will not stop the state actor from retaliating against those not following their policy either.


I mean, the choice being presented is to install the MITM cert, or to not use the internet at all. The latter is an answer, certainly, but not what I would call a very good solution.


The government is forcing people to find a third choice and they might not like what they pick.


It's a common meme that users will click "yes" to everything, but I'm not sure people realise just how far that goes. Look how it looks when Chrome marks a site as malware:

https://www.removemalware.net/wp-content/uploads/2016/06/the...

Wait until you're doing forensics on a cryptolocker outbreak and you find not only did a user do that, but multiple users helped her through it and the management then praised her for overcoming technical barriers even after it was found to be the cause of the incident.

Unfortunately nothing about warnings makes anything a solved problem.


Corporations also do this so they can scan traffic for data exfil.


Which is, tbqh, a useless solution. Oh wow, now an attacker just has to include some obfuscated javascript encryption lib. Bam. Exfil detection completely bypassed.


For example, corporations might want to make sure that a worker is not sending e-mails with confidential data from their Gmail. A sophisticated thief will surely circumvent that kind of protection, but a lot of thieves are stupid, so simple measures actually work.


True, but Joe Dipseedoodle doesn't accidentally send out an HR report because he was logged into his personal email account.

Too much security is willing to give up on the 95% because they can't get the 100%.


Is that a new word I should know?


It's a shortened version of "exfiltration"



