Ah, thanks for the detailed explanation. Have been wondering this for a while.
So if I read it correctly the major difference between the two platform is the opt-in/out part.
On iOS I can sniffer some random small apps trivially, since most of them don't enable pinning; on the other hand for android it's default on ( so I have to manually patch the apks everytime.
IIRC "have to opt in to loading user-imported certificates" wasn't the case a few generations of Android ago, correct?
So if I read it correctly the major difference between the two platform is the opt-in/out part.
On iOS I can sniffer some random small apps trivially, since most of them don't enable pinning; on the other hand for android it's default on ( so I have to manually patch the apks everytime.
IIRC "have to opt in to loading user-imported certificates" wasn't the case a few generations of Android ago, correct?