@seriouslyjeff I think I'm missing a piece of the picture. Do these Android kits allow downgrading TLS connections to plain HTTP?

Like the article explains, merely providing a VPN wouldn't have been very effective as Snapchat was using TLS, so they would just see a lot of encrypted traffic.

It's not clear to me how they managed to intercept the content that should have been encrypted on the client. 🤔

EDIT: Solved, see my self-reply.

@seriouslyjeff Nevermind sorry, I overlooked the court document you linked. So they installed a Root CA to hijack the traffic. Holy fuck.

The reason why it was unclear to me is that I did not expect them to pull this. I kind of wondered if there was a more "legitimate" way of doing this rather than something which is absolutely illegal.

Thanks for sharing!