This thing Facebook did — running an MITM on Snapchat and other competitors’ TLS connections via their Onavo VPN — is so deeply messed up and evil that it completely changes my perspective on what that company is willing to do to its users.
@matthew_d_green How does that even work? They should get a certificate error when someone is trying to do a MITM.
@andytiedye VPN installed a new root cert

@smn @andytiedye Is this really how it worked? 🤦

I have said 100 times and been ignored: device & browser vendors need to remove custom root CA support from their mainline products for consumers and only offer the antifeature in a $1000+ enterprise product.

@dalias @andytiedye that's what was initially reported but I've now also seen claims that snapchat started cert pinning prior to when this VPN thing went live so now I don't know. Maybe it was more sophisticated?