Hacker News new | ask | show | jobs
by arsome 1755 days ago
That achieves nothing against someone who uses something like apktool/baksmali to do static RE, let alone inject something like Frida to perform dynamic RE. There are even Xposed modules designed to just bypass certificate pinning.

Certificate pinning is a good security measure, but not a counter-RE one.
1 comments
saagarjha 1754 days ago
Certificate pinning is neither a good security measure nor a good obfuscation one.
link