[Godel_unicode]

You provided one specific example, I explained how trivial that example was to hack around. Since then there's been nebulous pearl-clutching about how security is bad. If you had provided specific examples of how you think things are difficult, I would have explained how wrong you are. Unpinning certs is easy. Removing embedded certs is easy. Hooking verification functions is easy. If you possess the hardware, you win.

[rektide]

Most of the tool I've seen requires jailbroken/rooted devices. So only a handful of devices are even capable of these techniques. The latest iOS 14 has not yet been broken. Increasingly few Android devices can be unlocked or rooted, have been properly exploited into this mode.

I've said numerous times I thought your example was rosy. Removing embedded certs from Windows, OSX, iOS, Android programs seems like, in many cases, it could be difficult, as I don't feel like just removing the content is going to change app code that may be asking explicitly for pinning. Hooking verification functions as some of the xposed frameworks do seems viable, but again, this all is contingent on users having a level of access that most devices actively work to prevent, that requires the device to be exploited to achieve.

The security climate is in fact quite chilling. Everything you say is possible, but it requires increasingly rare access to the device, and increasing advanced levels of reverse engineering. The days when one could add their own CA to the store & intercept- those made sense- and they are long gone. The app makers, the OS makers, are securing devices against this kind of user-level control.