Is there a risk of interception of traffic through a Frigate or Browsec?

Forgot to disable the extension Browsec and took advantage of the savings online. But I still thought that somehow everything is slow. Everything was HTTPS and a green padlock and the green Bank's name in the address bar.

Worry, can now Browsec knows my login/password? Can then Man-in-the-middle?
How do I work through this kind of expansion?
2 answers
July 2nd 19 at 17:21
Solution
If the castle was the name of the organization that issued the certificate - the MITM is impossible, this certificate carefully checked. Of course, if the organization issuing the EV certificate is not compromised, but there are much stricter checks than usual.
And about the possibility of theft - if a browser extension to inject in the page the content script, it can do anything you want to steal, but not through MITM, and other ways.
July 2nd 19 at 17:23
Solution
These extensions use proxy - traffic goes through a third party server. In the case of HTTPS, all traffic is encrypted and even if intercepted, your passwords will not fall into the wrong hands.

Find more questions by tags Information securityTraffic analysisEncryptionAnalysis of site traffic