[useful]

It would be nice if there was an effort that pulled the public/prviate keys hidden in the binaries of apps like facebook/google and decrypted the traffic for inspection/blocking. Rewriting would be nice but everything seems to be certificate pinned now.

Can an app just use the CT logs? I'm a little out of my depth on this topic.

[gnu8]

How does certificate pinning work on corporate networks where all of the clients have a certificate from the local root CA installed and a proxy server examines all encrypted traffic? Presumably that doesn’t break Facebook so maybe there is a loophole there.