As disclosed, the new feature will generate a visual error page whenever a third-party application attempts to intercepts network connection or injects untrusted certificates. The message will read the text “MOZILLA_PKIX_ERROR_MITM_DETECTED”.
According to Mozilla,
“We turned on the MitM error page by default in 66, alerting users that their connection is probably broken because of an application in the middle of their traffic.”This message would probably arise under circumstances where an app installed on the user’s device attempt to replace a valid TLS certificates with the ones untrusted by Firefox. For instance, when an antivirus program runs on a user’s device it may try to inject its own certificates to scan for malware by intercepting HTTPS traffic, or if it attempts to debug encrypted traffic, Firefox will display this warning.
Likewise, if malware executes on a user’s machine, and attempts to replace TLS certificates for malicious purposes, Firefox will show an alert message.
Mozilla isn’t the first to launch this feature for the users. In 2017, Google already introduced this feature with Chrome 63. The browser would display error messages upon detecting any SSL errors due to possible MiTM attacks.
