> Onavo [...] would collect the “Time you spend using apps, mobile and Wi-Fi data you use per app, the websites you visit, and your country, device and network type.”
That's the former type of collection I was talking about. There's no evidence I can find that they installed a root CA certificate and were MITM'ing connections. That's a major accusation and one that is not accurate as far as I can tell.
That's the former type of collection I was talking about. There's no evidence I can find that they installed a root CA certificate and were MITM'ing connections. That's a major accusation and one that is not accurate as far as I can tell.
Apple banned the app because it was inspecting underlying traffic not installing a fake root certificate: https://techcrunch.com/2019/01/30/apple-bans-facebook-vpn/