Comment by eightysixfour

I think what is missing is a timeline and clarity about the actual steps users had to take.

1) Onavo was a (free?) VPN app acquired by FB in 2014. Facebook used it to collect “market research data.” People chose to download this, but thought it was a security product.

2) At some point (it looks like 2016?) they launched an iOS app called Research, using the same tech, which required users to install a certificate meant for internal Facebook employees. They paid these users to monitor their traffic.

Are you saying that the MITM was happening for users of (1) or (2) or both?