且构网

How to avoid this Apple Siri HTTPS hack scenario?

Updated: 2023-12-03 17:45:10

After some reading, it seems the only way to avoid this type of hack (which I understand is the famous man-in-the-middle attack) is to do authentication correctly. It is well explained here:


Public-key algorithms can guarantee the secrecy of a message, but they do not necessarily guarantee secure communications because they do not verify the identities of the communicating parties. To establish secure communications, it is important to verify that the public key used to encrypt a message does in fact belong to the target recipient. Otherwise, a third party can potentially eavesdrop on the communication and intercept public key requests, substituting its own public key for a legitimate key (the man-in-the-middle attack).

In order to avoid such an attack, it is necessary to verify the owner of the public key, a process called authentication. Authentication can be accomplished through a certificate authority (CA), which is a third party that is trusted by both of the communicating parties.

The CA issues public key certificates that contain an entity's name, public key, and certain other security credentials. Such credentials typically include the CA name, the CA signature, and the certificate effective dates (From Date, To Date).

So I would guess the only way to avoid such a hack is to let the client (here, the iPhone) use only predetermined CAs.
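The checks the question is circling around, written out as an added example (not code from the question, from Apple, or from the quoted document) using only the Go standard library. Everything in it is constructed for the demo: the hostname `siri.example.com`, the "Legitimate Root CA" the client ships with, and the "Attacker Root CA" that an interception proxy gets installed on the device. It runs the CA-based verification the quoted text describes, first against the predetermined CA alone and then against a trust store to which the attacker's CA has been added, and it goes one step beyond the question by also checking a public-key (SPKI) pin, which still rejects the interception certificate even when the trust store has been poisoned.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/hex"
	"fmt"
	"math/big"
	"time"
)

// newCert generates a fresh P-256 key and a certificate for it. With a nil
// parent the certificate is self-signed (a root CA); otherwise it is a server
// certificate for name, signed by parent with parentKey. Demo-only: no
// persistence, short lifetime, random serial.
func newCert(name string, isCA bool, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	serial, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 64))
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{
		SerialNumber:          serial,
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true,
		IsCA:                  isCA,
		KeyUsage:              x509.KeyUsageDigitalSignature,
	}
	if isCA {
		tmpl.KeyUsage |= x509.KeyUsageCertSign
	} else {
		tmpl.DNSNames = []string{name}
		tmpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
	}
	if parent == nil {
		parent, parentKey = tmpl, key // self-signed
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		panic(err)
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return cert, key
}

// verifyAgainst is the "authentication" step from the quoted text: it checks
// that leaf chains to a root the client chose to trust and is valid for host,
// i.e. that the public key in leaf really belongs to host according to a CA.
// It returns nil on success or the verification error.
func verifyAgainst(leaf *x509.Certificate, roots *x509.CertPool, host string) error {
	_, err := leaf.Verify(x509.VerifyOptions{
		Roots:     roots,
		DNSName:   host,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	})
	return err
}

// spkiPin returns the hex SHA-256 of the certificate's SubjectPublicKeyInfo,
// the kind of value an app embeds at build time for public-key pinning.
func spkiPin(c *x509.Certificate) string {
	sum := sha256.Sum256(c.RawSubjectPublicKeyInfo)
	return hex.EncodeToString(sum[:])
}

// Outcome records the result of each check run by Scenario.
type Outcome struct {
	GenuineAcceptedByPinnedCA   bool // real server passes with only the legitimate CA trusted
	MITMRejectedByPinnedCA      bool // interception cert fails with only the legitimate CA trusted
	MITMAcceptedByPoisonedStore bool // interception cert passes once the attacker's CA is also trusted
	MITMRejectedBySPKIPin       bool // a public-key pin still catches the interception cert
}

// Scenario builds both CAs, a genuine and a forged certificate for host, and
// runs the four checks. All names are constructed for the example.
func Scenario(host string) Outcome {
	legitCA, legitKey := newCert("Legitimate Root CA", true, nil, nil)
	mitmCA, mitmKey := newCert("Attacker Root CA", true, nil, nil)
	genuine, _ := newCert(host, false, legitCA, legitKey)
	forged, _ := newCert(host, false, mitmCA, mitmKey) // same name, attacker's key

	pinned := x509.NewCertPool() // the client's predetermined CA only
	pinned.AddCert(legitCA)
	poisoned := x509.NewCertPool() // trust store after the attacker's CA was installed
	poisoned.AddCert(legitCA)
	poisoned.AddCert(mitmCA)

	expectedPin := spkiPin(genuine) // what the app would ship with
	return Outcome{
		GenuineAcceptedByPinnedCA:   verifyAgainst(genuine, pinned, host) == nil,
		MITMRejectedByPinnedCA:      verifyAgainst(forged, pinned, host) != nil,
		MITMAcceptedByPoisonedStore: verifyAgainst(forged, poisoned, host) == nil,
		MITMRejectedBySPKIPin:       spkiPin(forged) != expectedPin,
	}
}

func main() {
	fmt.Printf("%+v\n", Scenario("siri.example.com"))
}
```

The third field is the situation the question describes: once a proxy's CA is in the device trust store, chain validation alone accepts the interception certificate, because it is a perfectly well-formed certificate for the right name, just issued by the wrong authority. Restricting the client to its own predetermined CA (the `pinned` pool) or, more narrowly, to the expected public key (the SPKI pin) is what closes that gap.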