
https://docs.nginx.com/nginx/admin-guide/security-controls/t...

Like let’s say you have a proxy server like Nginx on a server with a public-facing IP address, and then it also has access to a private subnet where your application servers are running. A visitor to your website’s browser makes a secure HTTPS connection to the Nginx server, where HTTPS would be terminated, and then it would proxy traffic in plain HTTP over your internal private subnet to the app server. And you are in a Five Eyes country where your intelligence services took it on themselves to follow the NSA's or FBI's instructions and plug a network device into those private subnets of all the big service providers inside their datacenters that is configured in something like a promiscuous way so it receives all the packets for any device on the network. Then those packets somehow end up in a big NSA data lake... or something along those lines
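
The setup described in the comment above, next to a variant that keeps TLS on the hop to the app servers, as an added example that is not part of the thread. Hostnames, addresses and file paths are constructed placeholders, and the app servers are assumed to present certificates issued by an internal CA.

```nginx
# Added example; these blocks belong inside the http {} context.
# All names, addresses and paths below are constructed placeholders.

upstream app_servers {
    server 10.0.0.11:8443;
    server 10.0.0.12:8443;
}

# Weak: TLS ends at the proxy. Requests and responses cross the private
# subnet in cleartext, readable by any device that can capture traffic there.
server {
    listen 443 ssl;
    server_name legacy.example.com;
    ssl_certificate     /etc/nginx/tls/legacy.example.com.crt;
    ssl_certificate_key /etc/nginx/tls/legacy.example.com.key;

    location / {
        proxy_pass http://10.0.0.11:8080;
    }
}

# Corrected: the proxy opens a new TLS session to the app servers and
# authenticates them. proxy_ssl_verify defaults to off, so switching the
# scheme to https:// alone encrypts the hop without verifying the peer.
server {
    listen 443 ssl;
    server_name www.example.com;
    ssl_certificate     /etc/nginx/tls/www.example.com.crt;
    ssl_certificate_key /etc/nginx/tls/www.example.com.key;

    location / {
        proxy_pass https://app_servers;

        proxy_ssl_protocols           TLSv1.2 TLSv1.3;
        proxy_ssl_verify              on;
        proxy_ssl_verify_depth        2;
        proxy_ssl_trusted_certificate /etc/nginx/tls/internal-ca.crt;
        proxy_ssl_name                app.internal.example;  # name checked in the upstream cert
        proxy_ssl_server_name         on;                    # send that name as SNI

        # Optional mutual TLS: the proxy presents its own certificate so the
        # app servers can reject anything on the subnet that is not the proxy.
        proxy_ssl_certificate         /etc/nginx/tls/proxy-client.crt;
        proxy_ssl_certificate_key     /etc/nginx/tls/proxy-client.key;
    }
}
```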



That's a fancy way of saying "not using HTTPS" which may be what average incompetent shops were doing, but isn't using HTTP everywhere which is the security standard.


But the private subnet does not leave your server.


For large sites, the private subnet is an actual network, with dozens or potentially hundreds of machines on it.

(Or was, back then. These days you can probably collapse all of that into a single medium-sized epyc or something.)


> (Or was, back then. These days you can probably collapse all of that into a single medium-sized epyc or something.)

I know where there are Sun V880s still running Oracle databases in a biggish cluster.

Their processor power, memory capacity, and storage capacity are exactly equivalent to a Raspberry Pi 4 with a biggish SD card.

We have come a long way.



