Y
Hacker News
new
|
ask
|
show
|
jobs
by
Crazyontap
699 days ago
Why didn't a big company like Snapchat not have certificate pinning? Something is amiss here!?
2 comments
liuliu
699 days ago
Snapchat do certificate pinning for it's main API domain. I am not exactly sure why analytics domain are different and why not have certificate pinning. (I thought analytics go through the same API domain, but it must be wrong then).
link
haxrob
699 days ago
The analytics domain was "sc-analytics.appspot.com" in which the lack of pinning is described at the tail end of the blog post.
link
theptip
699 days ago
From the OP, Snapchat started pinning not long after this program launched.
link