[michaelbuckbee]

Interesting! So in that case pinning would only help against upstream attacks in actual traffic - but would still allow for reverse engineering?

[maqr]

Yeah, as long as you have control of the device.

That hack only works if you have root, which means you have to be jailbroken, and Apple is always trying to stop that. I keep a jailbroken device around specifically for disabling all SSL for debugging and dumping app binaries/assets.

I wish they'd just let me buy the thing rooted like Google does.

[userbinator]

As long as you have control of the device, you can force it to do what you want by patching the code.