> You could write an app that specifically exposed some dangerous API, but you'd know you had done so.
Few people write insecure code on purpose. Of course the same is true of Safari or networking/parsing code. I still maintain certificate pinning is the answer here, to try and defend as much as possible against MITM in the first place.
Few people write insecure code on purpose. Of course the same is true of Safari or networking/parsing code. I still maintain certificate pinning is the answer here, to try and defend as much as possible against MITM in the first place.