Hacker Read

morpheuskafka | karma 3444 | avg karma 3.46 · 2021-05-10 23:16:24+00:00

This situation is the same on Android, presuming you do not have a rooted device. On Android >7 third-party apps do not trust user certificates by default, and a non-root user cannot install new system certificates. And afaik there is nothing stopping them from using custom crypto libraries that do not use the system roots at all. And of course, even if you could decrypt the HTTPS traffic the actual API payloads and endpoints need not be in any kind of human readable format.

dheera | karma 9101 | avg karma 1.67 · 2021-05-11 00:32:11

It's much, much easier to root Android than it is to jailbreak iOS.

For one I run a rooted image to start with so I don't need to actually root it.

reply

tinus_hn | karma 7585 | avg karma 1.16 · 2021-05-11 18:54:16+00:00

For what it’s worth, there’s just a normal way to install custom root certificates on iOS, no jailbreak required.

fomine3 | karma 4883 | avg karma 0.96 · 2021-05-11 03:56:32

https://github.com/mitmproxy/mitmproxy/issues/2054