|
|
|
|
|
|
by oefrha
1957 days ago
|
|
|
I don’t use Android so I wasn’t aware of that. But that’s a completely separate concern from cert pinning which does not hinder decrypting third party connections at all. Edit: after looking into this a bit, this is pretty nuts. How do enterprises inject certificates now? |
|
|
They don't. It's been made increasingly clear that allowing certs roots to infect unrelated apps is a Bad Thing. MDM profiles etc presumably allow internal certs to be deployed, but those are hopefully limited as countries, let alone companies, have attempted to use those mechanisms to spy on millions of people.