by throwaway290 829 days ago
You overdramatize, they mostly just push JSON around. mitmproxy is your friend. And since you only need to see for yourself once, who cares about stability?
1 comments

I share your attitude towards inspecting your devices’ traffic being an inalienable right, but AFAICT this hasn’t been the case for a while now.

I believe on Android MITMing even most third-party applications (that make zero-to-no effort to prevent this) requires a rooted phone or an emulator running an older Android (8) without Google Play Services and doing a little bit of RE (for instance using some Frida user scripts to patch the APK to circumvent the certificate pinning). I reckon MITMing the actual traffic Google itself can collect would require a lot more RE and network wizardry than I’m even aware of (feel free to link some reading though). Here’s a recent walkthrough I saw in the wild: https://youtu.be/c4wS9n7yilA?si=xAfwCyWIzdrvOiHc

For Apple devices afaict since rooting was…ahem rooted out, no viable amateur-DIY methods for monitoring your devices’ traffic exist.

I know everything is open source if you’re good enough at assembly but at some point it’s gone from something a tinkerer can do to something you need significant talent and in-depth knowledge to do.

I’d love to read any write-ups or guides to the contrary though.