"What android is doing is making MITMing yourself harder."
That's not good for users.
I do not rely on Android, Windows or Linux. Not really much an app user either.
But if I were a user of these systems I would avoid apps where the user is not allowed to see what is being sent. Irrespective of any justifications put forth. By a company that relies on collecting personal information and selling advertising to make money.
Yeah, no shit. But that's not my, or your, point. Do you even have a concrete point you're getting at, or is it just "I don't like Google"?
Android is making it MITMing apps harder if the application itself did not attempt to make it hard. It has ALWAYS been possible for applications to pin their certificates and to make MITMnig them a pain in the butt. On every OS. On Windows. On Linux. On Mac. On iOS. And yes, on Android too. It has always been that way. I already went over this. Here, go read this: http://security.stackexchange.com/questions/29988/what-is-ce...
But, there is a solution! One that they (Google) also clearly indicated in the blog post when they announced this whole thing. And that solution is: Install a custom rom which does not have these security features. Bam. Done! That's all it takes. If you care about your privacy you're already running a custom rom. And if you care about MTIMing apps, then installing a custom ROM is not that much of a hurdle either.
That's not good for users.
I do not rely on Android, Windows or Linux. Not really much an app user either.
But if I were a user of these systems I would avoid apps where the user is not allowed to see what is being sent. Irrespective of any justifications put forth. By a company that relies on collecting personal information and selling advertising to make money.