You can relatively easily MITM most applications by uploading a custom root cert... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		avar on Dec 16, 2014 \| parent \| context \| favorite \| on: Android: I don't need your permission You can relatively easily MITM most applications by uploading a custom root certificate to your phone, and doing SSL termination + re-establishment on a router your phone is using.

stefs on Dec 17, 2014 [–]

isn't this only true if the app isn't pinning certificates?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact