Learn about certificate pinning, its complexities, and implementation in mobile security. Explore the broken certificate trust model, government surveillance concerns, and user bypasses of security controls. Discover virtual mobile infrastructure (VMI) and mobile app virtualization architecture for protecting data outside managed networks. Examine techniques for capturing encrypted data, implementing trusted SSL proxies, and leveraging hardware-protected clients with TrustZone. Gain insights into mobile business applications, security monitoring, and strategies to prevent data exfiltration in this comprehensive conference talk from BSides San Francisco 2015.