
Same for Apple, I've had to bypass this multiple times for pen testing engagements. There are ready-to-use modules to patch it out, no root / jailbreaking required.

There are lots of good security reasons to do this. Further, if they didn't, people would just roll a Swift / Obj-C SSL library and do it all themselves, which would be worse I think.




Sorry for asking, but what security reasons would those be?

If Apple wanted, they could prohibit the last point by requiring all apps to delegate TLS handling to the OS and failing the review otherwise.


It stops people who have root certificates installed on their phone (e.g. the Facebook research app from a couple weeks ago) from being able to monitor traffic.


But it also allows that very same app to smuggle all kinds of tracking data to Facebook without the developers having to worry that anyone would catch it doing so.

Also, we already have several systems to manage app access to things that could potentially be misused. Why not manage user certificates the same way?

E.g., pop up a consent prompt before letting an app install anything - or, if that is too annoying, don't give apps access to the functionality at all and exclusively manage certificates via the system UI.

> It stops people who have root certificates installed on their phone... [emphasis mine]

Indeed. That's my point. I'd consider this a bug, not a feature.


Are you talking about iOS? What solutions exist to bypass certificate pinning without jailbreaking?


Yes, a tool called Objection can do it. You have to modify and re-sign the app you are interested in bypassing. Requires a developer account and the .ipa of the app you want to work with.

https://github.com/sensepost/objection


It seems like this requires a decrypted IPA. Do you know of a way to get those without jailbreaking?



