|
|
|
|
|
|
by blcknight
812 days ago
|
|
|
> Onavo [...] would collect the “Time you spend using apps, mobile and Wi-Fi data you use per app, the websites you visit, and your country, device and network type.” That's the former type of collection I was talking about. There's no evidence I can find that they installed a root CA certificate and were MITM'ing connections. That's a major accusation and one that is not accurate as far as I can tell. Apple banned the app because it was inspecting underlying traffic not installing a fake root certificate: https://techcrunch.com/2019/01/30/apple-bans-facebook-vpn/ |
|
|
The language in the lawsuit complaint is explicit that FB installed a root cert to MITM and decrypt traffic:
https://news.ycombinator.com/item?id=39835115