A lot of apps build in C# (or probably any other language) lack the basic protection againstĀ Man-in-the-middle-attacks. One of the reasons I could find for this is because of the following.
If you’re searching the web on how to communicate with your development server (probably not hosted with a correct SSL certificate), most sites tell you to include the following code to your project.
While this is perfectly fine during the development phase, you should make sure this part is NEVER included in your project that will be deployed somewhere!