I really feel like if the very first thing your "identity protection" software does upon install is ask the user to uninstall a root certificate in their browser and email client, you're doing ...