Whatever the reasons they’re claiming to do this for, it opens up a large can of potential problems for you if you use Gogo on your next flight. According to Gizmodo:
“In traditional man-in-the-middle (MITM) attacks, the attacker will intercept the data being sent between two different systems, allowing it to act as the middle man (duh). If the certificate for the site you’re trying to reach doesn’t add up (because it’s being signed by the MITM), your browser will usually warn you—though many often ignore this warning. Fortunately, Google engineer Adrienne Porter Felt did not.
First and foremost, by misleading customers in this way, Gogo is doing away with a hugely necessary layer of security, and in doing so, opens the same option to anyone else on the network with malicious intent. The fact that Gogo has access to all your data is bad already, but it’s impossible to know who else might be making use of the now gaping security holes.”
You shouldn’t use Gogo’s Internet service at all. The full article has all the bad news; unfortunately, it gets worse.