Because of this I assume companies will start encrypting their JSON to make it impossible to see what is going through their application.
A lot of lawsuits can start from this kind of exploring.
On iOS this isn't necessarily true under certain constraints.
They can make it impossible given the device is not jailbroken. Sometimes there are versions of iOS that are un-jailbreakable. If you are not Apple, it could very well be impossible to figure out what an app is sending to a remote service if it gets its cryptography right.
Edit: thinking about it, although it may be impossible to MITM the connection, presumably one can inspect the compiled application to determine what it would send, so I think I was wrong about this
Apple doesn't have the best track record around auditing software for obfuscated functionality. The OS is built around the assumption that an app can misbehave without risking the user's resources. Of course, jailbreaking disproves this.
