Mac in SSL record Protocol

The SSL message is encrypted. Why do I need a Mac? Will someone modify the message? If someone is afraid of modifying the message, can I add a digest? Why Mac? This is for fear of offline attacks. We can trust the protocol, but cannot trust encryption.Algorithm, Especially the ECB encryption algorithm.

MAC = hash [Shared-key, serial-num, data], Mac can prevent replay attacks and maintain data integrity, even if the ECB encryption algorithm is used to cause a part of the content to be guessed, the attacker cannot re-calculate the MAC value because she does not have a key and cannot use only one digest, especially in non-grouped encryption algorithms such as sequential encryption algorithms, attackers can use various methods to know part of the plain text without having to know the key. If she knows some of the messages in plain text and modifies them through various strange means, she probably calculated the digest value in a more strange way, and then replaced the original package in a more strange way. However, if a Mac is used, she cannot do this without knowing the key, and a factor in MAC computing is the serial number, which can also prevent replay attacks, therefore, Mac in SSL protects the integrity of data records to the maximum extent, while key encryption ensures the confidentiality of data records.
In short, the Mac security lies in the introduction of a private key to calculate the abstract. Theoretically, as long as the private key is exposed, the Mac attack is possible, this method is generally used offline. Therefore, the best protection is to constantly update the password and change the password before the offline attack is successful, without giving attackers any chance. In addition, there is no other...