undefined | Better HN

0 pointstokenizerrr9y ago0 comments

You should read up on how certificate pinning works. Obviously you can still decompile and recompile the app with different certificates baked in but it's a bit more difficult than what you're implying.

0 comments

__b__9y ago

Any device that prevents a user from installing their own CA root cert is not one I would use. I'm not sure if they have started to do this or not.

In terms of protecting users, there's no valid reason the owner of the hardware should not be able to control the list of endpoints that she has already authenticated and is willing to trust.

It would be like if SSH did not allow the user any control over known_hosts or to decide that she will accept or not accept a connection.

tokenizerrrOP9y ago

The entire point of certificate pinning is to ignore the certificates the user installs... Nothing to do with the operating system at all. If the software doesn't want to connect because the wrong certificate is presented to it that's where it ends. You can install as many local roots as you want, it won't change a thing.

__b__9y ago

"... it won't change a thing."

So if the user does not want to trust a certificate installed by someone else on the device, she can "revoke" it?

And by the same token if she wants to explicitly trust a certificate, regardless of who installed it, she can do so?

Does the user have control of the process of "trust" or not? The entire point of the device, OS and apps is to benefit the user, not some third party trying to hide data being sent from the device... from the user.

Do you believe a user should be able to "MITM" her own traffic or not?

1 more reply

j / k navigate · click thread line to collapse

0 comments

__b__9y ago

Any device that prevents a user from installing their own CA root cert is not one I would use. I'm not sure if they have started to do this or not.

In terms of protecting users, there's no valid reason the owner of the hardware should not be able to control the list of endpoints that she has already authenticated and is willing to trust.

It would be like if SSH did not allow the user any control over known_hosts or to decide that she will accept or not accept a connection.

tokenizerrrOP9y ago

__b__9y ago

"... it won't change a thing."

So if the user does not want to trust a certificate installed by someone else on the device, she can "revoke" it?

And by the same token if she wants to explicitly trust a certificate, regardless of who installed it, she can do so?

Do you believe a user should be able to "MITM" her own traffic or not?

1 more reply

j / k navigate · click thread line to collapse