8Nis
Can a VPN company perform a MiTM attack if SSL Pinning is in place?
Recently, I read news about Facebook acquired the Onavo VPN company to monitor Snapchat users' traffic. It seems they executed a Man-in-the-Middle attack by replacing the certificate. But could they have executed the same attack if Snapchat had been using SSL Pinning? What are the capabilities of a VPN application installed on a mobile phone?
