[vengefulduck]

Even as a user I don’t there’s a good reason to love cert pinning. If you’re going up against adversaries that can compromise web pki they also probably have some other exploits up their sleeve to pwn you.

Cert pinning pretty much serves to protect companies from people reversing their protocols and little else imo.

[ridafkih]

It prevents attack vectors that involve attacker-owned certificate authorities as well as compromised certificate authorities from exposing user-data.

https://sslmate.com/resources/certificate_authority_failures

[callalex]

As a westerner I can only speak for others a little bit, but this is a very western perspective. Even Kazakhstan has been caught doing sketchy stuff with their CA.

[NovemberWhiskey]

If it’s managed well, certificate pinning takes the web PKI out of the implicit trust envelope for your app.

From a pure security perspective, why trust someone you don’t have to trust? The web PKI CA bundle is great for cases where it’s hard to have a unique trust root for your application - like you’re running in a browser with no privileges - but if you’re distributing code then you’ve already solved that problem.

Managed well, it should be completely transparent to users as well. Managed poorly and it can be catastrophic (your app is dead until users upgrade it).

[out-of-ideas]

i agree, feels sort of like "we have a walled garden dont anybody else use it cuz our stuff is super secret and secure, trust us(tm)"; it's a layer of obscurity for their "security" - in reality its the app on a users pc that both has this "secrecy" as well a the "handshake" to open it