
All of these products require that a corporate root certificate is installed on the devices initiating the connection. This would require that all users install the cert on all devices, some of which do not allow such an install. I don’t think you can install certs of your choice on a PlayStation, an Amazon Echo, an Apple TV or any of the home automation systems. This would break all of those devices. It would also break any app that uses cert pinning. All of this is manageable in a corporate setting where you can remotely configure all devices and have a suitable IT support operation, but it would be an absolute support nightmare for Comcast if random stuff just breaks when on their network. Think about what happens when Apple TVs or TiVo boxes come with a sticker explaining that they don’t work on Comcast networks because Comcast does not allow secure communication. Banks would require their customers not to do internet banking while on Comcast networks since secure connections cannot be established.


So they'll be whitelisted. They just need to make use of FB/Google/Amazon/etc. websites impossible without the root cert and they can continue injecting ads into any website content. It's not like they care about injecting ads into PS4 API calls (yet).

Also how hard do you think it would be for American telcos to push for inclusion of their MITM certificates? Especially if other companies like Verizon come aboard the profit train?


Browser vendors distrusted whole CAs for less than full interception. In the end, all of this would require control over the device and Comcast can’t achieve that (unless legislated, but that’s a whole different ballpark).



