Nokia Redirecting Traffic On Some of Its Phones, Including HTTPS
An anonymous reader writes "On Wednesday, security professional Gaurang Pandya outlined how Nokia is hijacking Internet browsing traffic on some of its phones. As a result, the company technically has access to all your Internet content, including sensitive data that is sent over secure connections (HTTPS), such as banking credentials and pretty much any other usernames and passwords you use to log in to services on the Internet. Last month, Pandya noted his Nokia phone (an Asha 302) was forcing traffic through a proxy, instead of directly hitting the requested server. The connections are redirected either to Nokia/Ovi proxy servers if the Nokia browser is used, or to Opera proxy servers if the Opera Mini browser is used (both apps use the same User-Agent)."
So...um... (Score:3, Insightful)
Are they actively trying to kill the company? I have to ask, because it really seems as if that's their goal.
Re:So...um... (Score:5, Insightful)
The Opera and Silk (Amazon) browsers channel their data through to home servers to render most of the page there, which is especially useful for situations with high bandwidth but low-end CPU.
This is how most i things render Flash video, incidentally -- it replaces the flash object with a transcoder on their own servers.
Non-story. Yawn.
Re:So...um... (Score:5, Interesting)
Non-story. Yawn.
Indeed. Same behavior as any of several other smartphone browsers, and with no MITM attack over https.
But we're left wondering what sort of "security professional" this Gaurang Pandya might be.
Yup. (Score:5, Informative)
Re: (Score:2)
Re: (Score:2)
opera mini warned you up front, if you cared. with opera mini it was the entire point of the whole application that rendering was dumped to opera's servers (it translates it to a stripped form of proprietary html-like code).
the new nokia browser's entire selling point why it's better than the old was the transcoding servers as well. old news and a non-story. in some countries you might prefer this too...
http://en.wikipedia.org/wiki/Nokia_Asha_311 [wikipedia.org] Web: Nokia (proxy) Browser for Series 40.
Um, Yeah, a big UMM back at ya (Score:2)
I may be left wondering why you have no concern that a secure https connection you expect to a website is in fact not to that website, but is decrypted -
Re: (Score:2)
Privacy in Opera Turbo
When Opera Turbo is enabled, the service will compress network traffic, thereby increasing download speed and reducing data volume. The service requests normal Web content through an Opera Software proxy server. Opera Turbo will exclude Web pages located on an intranet or by using secure connections (HTTPS). Opera collects IP addresses, usage patterns, and the point in tim
Re: (Score:2)
This is how most i things render Flash video, incidentally -- it replaces the flash object with a transcoder on their own servers.
Non-story. Yawn.
I don't think it's a non-story, I think it's awesome! Automatic transcoding of videos should be touted as a feature.
it's a fund-raiser! (Score:2)
well, most folks around the courthouse steps call it a hack, but, hey, whatever.
Re: (Score:2)
February 2011, Nokia has had a strategic partnership with Microsoft, as part of which all Nokia smartphones will incorporate Microsoft's Windows Phone.
(from wikipedia) Perhaps they see more potential in stealing people's credit card information than in Windows 8 phones.
Re: (Score:2)
No, this is how Nokia intends to make money in the future: by selling stolen credit card information.
Re: (Score:3)
It's a question of liability; sniffing dns traffic is radically different than purposefully performing a MIM attack.
My bank account gets cleared out; Nokia is now a suspect.
Re: (Score:2)
Mod points +insightful for this one I believe!
Many mobile browsers do this. (Score:5, Insightful)
Re:Many mobile browsers do this. (Score:5, Insightful)
They shouldn't be doing it for HTTPS traffic, though. That's straight-up a MITM attack that allows gathering of info (credentials, bank info, HIPAA info etc.), that should not be viewable to anyone outside of the user and the site he's connecting to. Despite Nokia's TOS, they could be in trouble legally here.
Re:Many mobile browsers do this. (Score:4, Informative)
Re: (Score:2)
Opera Mini does it even for HTTPS. Opera Mobile has it as an option, like their desktop browsers. (And then I don't think it does HTTPS.) That's the difference, and the advertising all mentions it. (And why they have two browsers for the same market. Mini does have a slightly smaller CPU footprint on the consumer device, so it works on lower-end devices as well.)
Re: (Score:2)
....not that I'd care to put that much trust in my Browser vendor... Then again, I'm using Chrome. Hmmph.
Re: (Score:2)
It's insecure either way. Them actively lying about it makes them liars too, but even not lying is meaningless if the information is buried somewhere in an EULA bloated by legalese to the point where no non-lawyer can be expected to read or understand it.
Re:Many mobile browsers do this. (Score:5, Informative)
They shouldn't be doing it for HTTPS traffic, though. That's straight-up a MITM attack that allows gathering of info (credentials, bank info, HIPAA info etc.), that should not be viewable to anyone outside of the user and the site he's connecting to. Despite Nokia's TOS, they could be in trouble legally here.
No, it's not a MITM attack. From the sound of it, that's exactly how the browser was always intended to work. I haven't used the Nokia browser, but the Opera Mini "browser" isn't actually a browser properly speaking, it downloads everything onto Opera's servers, renders it, compresses it to an image file, and sends it to the phone (reduces bandwidth and CPU costs). It does this to HTTPS and HTTP connections alike (couldn't use HTTPS without it at all). I'm guessing that is exactly what the Nokia browser is doing too. There's no legal trouble with doing that, at least if they aren't recording the data (Opera doesn't, I'd assume Nokia doesn't either). FFS, Wikipedia lists the damned browser as a proxy-based one, as does Nokia's website. It's like being surprised your browser can see the passwords you type into a website. Can't be an "attack" if they publicly inform you that's how the thing works.
Re: (Score:3, Interesting)
Re: (Score:3)
Prison sentence.
Re: (Score:2)
It's a cost / benefit question. Is the benefit of hundreds of thousands of bank login details to sell worth the risk of prison? If yes, proceed to Go. If not, sit on your hands. For some people, the benefits only need to be slight.
Re: (Score:2)
It also didn't stop any of the serial killers or terrorists. I think you have much bigger worries than someone hacking your https connection if that is your measurement stick.
Re: (Score:2)
Opera has the same giant virtual lobby for about a decade. Holy shit, they must have caused the credit crunch!
Re: (Score:2)
Whoosh.
Re: (Score:2)
What good would that do? The traffic is still encrypted between the phone and the proxy, and the proxy and the 'real' destination.
Re: (Score:2)
Re: (Score:2)
Yes, but now you've moved from 'anyone with wireshark' to 'anyone with wireshark and access to the private key'. That is surely a much, much smaller group of people.
Re: (Score:2)
Re:Many mobile browsers do this. (Score:5, Insightful)
Re: (Score:2)
But you're not opening a SSL connection, the Nokia server does, then sends back the result to you.
Re: (Score:2)
They shouldn't be doing it for HTTPS traffic, though. That's straight-up a MITM attack that allows gathering of info (credentials, bank info, HIPAA info etc.), that should not be viewable to anyone outside of the user and the site he's connecting to. Despite Nokia's TOS, they could be in trouble legally here.
No, it's not a MITM attack. From the sound of it, that's exactly how the browser was always intended to work. I haven't used the Nokia browser, but the Opera Mini "browser" isn't actually a browser properly speaking, it downloads everything onto Opera's servers, renders it, compresses it to an image file, and sends it to the phone (reduces bandwidth and CPU costs). It does this to HTTPS and HTTP connections alike (couldn't use HTTPS without it at all). I'm guessing that is exactly what the Nokia browser is doing too. There's no legal trouble with doing that, at least if they aren't recording the data (Opera doesn't, I'd assume Nokia doesn't either). FFS, Wikipedia lists the damned browser as a proxy-based one, as does Nokia's website. It's like being surprised your browser can see the passwords you type into a website. Can't be an "attack" if they publicly inform you that's how the thing works.
And yet, if this were Apple doing it, the flames of hate would be enormous.
Re: (Score:2)
No it's not. This has been done on older and/or low end cell phone browsers for years. This "security researcher" mentioned must be completely clueless if he didn't know that...
Think of it this way - the *browser* is really on their server, and the app on the phone just displays simplified/pre-rendered content. This is the only way you are going to get a decent web browser on low end phones without enough memory or CPU power to handle all of the HTML/JS that can be thrown at it.
Re: (Score:2)
>> This "security researcher" mentioned must be completely clueless if he didn't know that...
Often security breaches are waiting wide open for someone to exploit them. This is the case here.
Often security people point it out.
Often clueless people say "it has been broken since years, don't worry"
Re: (Score:2)
He didn't point out anything anyone in the industry didn't already know. This was an intentional implementation more than a decade old, not some obscure security hole. Go look up "mobile web proxy", "mobile proxy browser", etc. (has also been used for many years on old set-top boxes).
And Nokia's TOS says they don't collect any information. You could choose not to believe that, but if you don't believe any TOS from any company whose services you use, you don't need a web browser anyway.
Where is the exploi
Re: (Score:2)
HTTP and HTTPS are just protocols to retrieve data. Usually the same HTML data. It's about time, it's about capability. The tiny crappy phones (or really most phones with browsers more than 6-7 years ago) just couldn't render the average web site at ALL, let alone slowly.
The point is this is NOT an insidious secret plot, this is a well established mechanism more than a decade old. The linked article did a bunch of useless work to "discover" something anyone who cared already knew.
Re: (Score:2)
They shouldn't be doing it for HTTPS traffic, though. That's straight-up a MITM attack that allows gathering of info (credentials, bank info, HIPAA info etc.), that should not be viewable to anyone outside of the user and the site he's connecting to. Despite Nokia's TOS, they could be in trouble legally here.
the browser can't work without it in case of opera mini. it's not an acceleration feature - it's a feature how they managed to do such a fine browser in J2ME in the first place!
Re: (Score:2)
Re: (Score:2)
Quick note (Score:4, Informative)
Note before anyone says anything: this isn't related to Windows Phone or Microsoft.
Re:Quick note (Score:5, Funny)
Note before anyone says anything: this isn't related to Windows Phone or Microsoft.
Obviously, Microsoft is behind this to push users to Windows Phone.
Re: (Score:2)
Re: (Score:2)
Nor is it anything to do with Nokia Maps/Navigation directing cars away from congested roads.
That would be interesting, They really should fix TFH.
Re: (Score:2)
well yeah the wp browser doesn't support offloaded compression which is what this is used for..
Opera Mini is supposed to be proxied (Score:5, Informative)
The whole point of Opera Mini is to use Opera's proxies to reduce the load on the phone so complaining about that would be stupid (their other browser, Opera Mobile, is the one that doesn't use proxies). Is Nokia's browser expected to do the same as Opera Mini? (that they use the same user agent may imply so)
Re:Opera Mini is supposed to be proxied (Score:5, Informative)
Exactly!
From http://www.opera.com/mobile/specs/ [opera.com]
"Opera Mini always uses Opera’s advanced server compression technology to compress web content before it gets to a device. The rendering engine is on Opera’s server."
On the Nokia website it states outright that "Compressed pages mean lower data charges" http://www.nokia.com/gb-en/products/phone/302/ [nokia.com]
Re: (Score:2)
Except that my mobile phone plan includes all-you-can-eat data. :-) What do you have to say about that, Nokia?
Re: (Score:2)
Re: (Score:2)
Except that my mobile phone plan includes all-you-can-eat data. :-) What do you have to say about that, Nokia?
wtf are you doing with a 3rd world phone then?
Interesting SSL behavior (Score:3)
Nokia also seems to have allowed MTM attacks using its own cert - the Nokia proxy is returning a nokia cert, which is trusted by the OS. Plus they're suppressing hostname checks on Nokia certs as well. You'd think they would have just sprung for a wildcard cert.
Re: (Score:2)
No, because the wildcard character may only be in the leftmost part of the CN component of the certificate. A certificate issued to "*" would be completely invalid for all purposes.
Re: (Score:2)
Actually, I just checked and TFA is completely wrong. The certificate issued to cloud1.browser.ovi.com has subject alternate names for cloud1 - cloud13. Which means it is perfectly valid, and there is no dodginess occurring at all.
Re: (Score:2)
You can buy a wildcard for *.browser.ovi.com, which was the point of my comment. They're suppressing hostname checking on their own domain, not on the internet. RTFA.
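Added example, not part of any comment in this thread and not Nokia's code: the hostname check the sub-thread above argues about, in Python, run against a SAN-list certificate, a `*.browser.ovi.com` wildcard and a bare `*`. The SAN list is constructed from the description "cloud1 - cloud13", and refusing `*.tld` patterns and partial wildcards is a conservative assumption of this sketch.

```python
# Added example: matching a hostname against a certificate's DNS names.
# SAN_LIST_CERT is constructed from the thread's description ("cloud1 - cloud13"
# under browser.ovi.com); it is not copied from a real certificate.


def _labels(name):
    """Split a DNS name into lowercase labels, ignoring one trailing dot."""
    if name.endswith("."):
        name = name[:-1]
    return name.lower().split(".")


def dns_name_matches(pattern, hostname):
    """Return True if a certificate DNS name (pattern) covers hostname.

    Rules applied:
      * a wildcard is honoured only as the entire leftmost label;
      * it stands for exactly one label (no dots);
      * assumption of this sketch: at least two fixed labels must follow the
        wildcard, so "*" and "*.com" never match, and partial wildcards such
        as "cloud*" are refused.
    """
    if "*" in hostname:
        return False  # a hostname being verified is never itself a pattern
    p, h = _labels(pattern), _labels(hostname)
    if len(p) != len(h) or "" in p or "" in h:
        return False  # label counts must agree; empty labels are malformed
    if any("*" in label for label in p[1:]):
        return False  # wildcard anywhere but the leftmost label
    if p[0] == "*":
        return len(p) >= 3 and p[1:] == h[1:]
    if "*" in p[0]:
        return False  # partial wildcard in the leftmost label
    return p == h


def cert_covers(hostname, san_dns_names):
    """True if any DNS subjectAltName of the certificate matches hostname."""
    return any(dns_name_matches(name, hostname) for name in san_dns_names)


# Three certificate designs discussed in the thread (all constructed).
SAN_LIST_CERT = [f"cloud{i}.browser.ovi.com" for i in range(1, 14)]
WILDCARD_CERT = ["*.browser.ovi.com"]
BARE_STAR_CERT = ["*"]


def compare(hostnames):
    """Return {hostname: (san_list_ok, wildcard_ok, bare_star_ok)}."""
    return {
        host: (
            cert_covers(host, SAN_LIST_CERT),
            cert_covers(host, WILDCARD_CERT),
            cert_covers(host, BARE_STAR_CERT),
        )
        for host in hostnames
    }


if __name__ == "__main__":
    sample_hosts = [
        "cloud1.browser.ovi.com",    # named in the SAN list
        "cloud14.browser.ovi.com",   # a proxy added after the cert was issued
        "a.cloud1.browser.ovi.com",  # one label too deep for the wildcard
        "browser.ovi.com",           # the parent domain itself
        "bank.example",              # unrelated site (constructed name)
    ]
    print(f"{'hostname':28} san-list  wildcard  bare-*")
    for host, (san_ok, wild_ok, star_ok) in compare(sample_hosts).items():
        print(f"{host:28} {san_ok!s:9} {wild_ok!s:9} {star_ok!s}")
```

Either the SAN list or the wildcard covers every proxy host while hostname verification stays switched on; neither covers an unrelated site.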
Re: (Score:3)
ISPs can do the same thing. (Score:3)
Re:ISPs can do the same thing. (Score:5, Informative)
Wrong. It requires the ISP to plant a certificate on your system that is used to perform the MITM attack. Never install software from your ISP is my motto.
AC
Re: (Score:2)
No. You would have to run a browser that accepts the certificate of the ISP for any domain as well.
Re: (Score:2)
This isn't exactly a secret (Score:5, Informative)
My employer just started doing this also. (Score:4, Insightful)
Doesn't this open them up to all kinds of legal problems? I mean if my bank account gets compromised after I use my nokia phone to check my balance, would I not have a pretty good cause for lawsuit?
Re: (Score:3)
I have username envy.
That is a fascinating idea, but according to this story about who HIPAA applies to [wraltechwire.com], employers are rarely subject to HIPAA except under some specific circumstances.
Re: (Score:2)
You mean HIPAA? Please point to the provision violated.
If your employer knowingly obtains your medical records, they are in big trouble under 42 USC 1320d-6. If they are able to see them through someone else's choice of sending them over a channel exposed to the employer, I don't see any provision of HIPAA that would apply to them.
Traffic is *supposed to* be proxied. (Score:5, Informative)
For heaven's sake - the point of these featurephone browsers (Opera Mini has been doing this since dawn of time) is that they use proxy to reduce data transferred and/or reformat the sites to better use lower resolution. Instead of a lot of screenshots to prove that he is a very l33t h4x0r he could have just opened the friendly page [opera.com] showing how the browser works.
The only thing that raises eyebrows a little is that they indeed MITM https traffic by re-encrypting the traffic and using their own certificate (which is installed as trusted on the phone) on phone-to-proxy communication. But this is how SSL is supposed to work - if you want to be sure about both sides you will also need client-side certificates.
Re: (Score:2)
Re: (Score:3)
You don't need client side certificates to be sure in a normal situation that your traffic isn't being hijacked by the ISP.
You only need confidence that the CAs aren't issuing certs for the site you are connecting to, which is why when TURKTRUST issued a cert for google it was Big Deal.
In this case, they are using preinstalled certs on the local browsers to perform MITM when connecting to supposedly secure sites, such as your bank.
Some workplaces do this sort of cert preinstallation to allow snooping on SSL
Re:Traffic is *supposed to* be proxied. (Score:5, Informative)
The only thing that raises eyebrows a little is that they indeed MITM https traffic by re-encrypting the traffic and using their own certificate (which is installed as trusted on the phone) on phone-to-proxy communication. But this is how SSL is supposed to work - if you want to be sure about both sides you will also need client-side certificates.
This is *not* how SSL is supposed to work. Any certificate authority that is forging certificates for other people's web servers is not one that should be trusted. Essentially, Nokia is lying to the web browser and saying that they are actually Amazon.com or whoever you are making a secure connection with. By fraudulently representing that they are Amazon.com or whoever, they are intercepting your passwords to these sites. Client side certificates would not help in this case because the client is controlled by Nokia. So, they would have a copy of your client side certificates as well.
Re: (Score:2)
Re: (Score:2)
For heaven's sake - the point of these featurephone browsers (Opera Mini has been doing this since dawn of time) is that they use proxy to reduce data transferred and/or reformat the sites to better use lower resolution. Instead of a lot of screenshots to prove that he is a very l33t h4x0r he could have just opened the friendly page [opera.com] showing how the browser works.
The only thing that raises eyebrows a little is that they indeed MITM https traffic by re-encrypting the traffic and using their own certificate (which is installed as trusted on the phone) on phone-to-proxy communication. But this is how SSL is supposed to work - if you want to be sure about both sides you will also need client-side certificates.
Wrong!!! This is a MITM attack. SSL is *not* supposed to be hacked between client and server. There is supposed to be an encrypted, unbroken path between the two, else there is *no* security.
Do any of the other manufacturers do this? (Score:2)
Re: (Score:2)
Re: (Score:2)
So, check your certificates (Score:2)
Make sure that the certificate fingerprints agree with those obtained through some alternate channel (another browser on another system through a different ISP, etc.).
If they agree, this is all a non issue. It's not likely that a certificate replaced by a MITM attack would generate the same hash as the original.
Breaking News (Score:3)
"Security Professional" (read: unemployed blogger) discovers that mobile browsers do what they say they do in the terms of use.
A redundant piece of tabloid journalism (Score:3)
This is an age-old technology, where a proxy server is used to compress some of the mobile web page content (such as images) to accelerate the browsing experience on slow networks. In Opera Mobile the feature is called "Turbo browsing", and can be trivially disabled from the settings menu.
News at 10 o'clock.
disable this behavior (Score:2)
to disable this behavior and use the uncompressed browser, hold down the '0' key. the browser instance launched like this will not be compressing any data because it connects directly to websites. but it's obviously quite inferior to the standard browser.
The Servers Become Targets (Score:2)
Even if you were to accept and trust Nokia (and Opera, etc) and the people working for them to intercept and re-encrypt your supposedly secure traffic without keeping any sensitive information, their servers become targets for anyone who might want to get such information.
The more people sending sensitive information through the servers, the more interesting the servers become to 'the bad guys'.
When they're interesting enough, they will be compromised.
OK for HTTP. HTTPS? No way. (Score:2)
I don't use any of the browsers that purportedly do this, so I do not know how well the applications indicate to the user that they are completely breaking SSL. But, this is something that should not be done without massive, explicit, and repeated warnings (FOR EACH SSL REQUEST!) to the user.
As flawed as SSL and PKI may be, users have been trained to trust them. WTF is this shit? Lunacy.
Who cares if you want to call it a MITM attack or not...
DO NOT TOUCH SSL TRAFFIC WITHOUT ENSURING THE CURRENT USER KNOW
Re: (Score:3)
Re:httpS (Score:4, Informative)
Re:httpS (Score:5, Funny)
Fortunately, no servers have ever been hacked, and nobody's ever written an insecure proxy, so that worry can be dismissed.
Re: (Score:2)
Re: (Score:2)
well if i had RTFA-d I would have realized that they are indeed performing a real MITM, as https can't be really proxied without a MITM. my first post is kind of dumb, but i still don't think they are doing it for sniffing our details.
Even if you trust Nokia to not steal your private data, do you trust their network security enough to believe that someone else isn't stealing it? Everything you normally think of as private and sensitive is available through their proxy servers... seems like an awfully attractive target for thieves - why steal your credit card number when they can steal your online banking password and transfer all of your cash to themselves?
Re:httpS (Score:5, Informative)
Actually it may not be that simple without verifying the certificates.
Many corporations for instance use products that look inside SSL streams (typically IM's) for sensitive data. The way they do this is to install a cert signed by the company on the proxy, and set the company's CA cert on your computer to always trust. Your machine makes a connection which is grabbed by the proxy, the proxy presents the valid corporate certificate. It then makes a connection off to the real service using SSL as well. Your basic man in the middle attack.
For clients that don't show the cert (like many IM clients) there's no way to know, and on those that do the user would have to check. If they are trained to just look for the padlock it appears all is well.
I can't tell if Nokia is doing something like that or not, but if you work at a big corporation you might want to check the cert fingerprints for say your bank and compare them to an access from home. I've been told the newer products can generate a cert per site on the fly, making the fake certs look correct (right company name and all of that). If your company is going to that length to spy on you, perhaps it's time to rethink your employer...
Re: (Score:2)
software that does not use the OS cert store or SSL lib should still be immune to this. Someone would have to set the software to trust the proxy cert. If not, there's no way for the proxy to decrypt the payload. The solution is to use a real browser that doesn't use nokia's openssl/gnutls.
Re:httpS (Score:5, Informative)
Nokia has certificates pre-installed to make a man-in-the-middle attack. From the article:
From the tests that were performed, it is evident that Nokia is performing Man In The Middle Attack for sensitive HTTPS traffic originated from their phone and hence they do have access to clear text information which could include user credentials to various sites such as social networking, banking, credit card information or anything that is sensitive in nature. In short, be it HTTP or HTTPS site when browsed through the phone in subject, Nokia has complete information unencrypted (in clear text format) available to them for them to use or abuse.
So this is the worst privacy nightmare.
Re: (Score:2)
Nokia has certificates pre-installed to make a man-in-the-middle attack. From the article:
You completely misunderstand how the browser in question works. The whole point of the browser is that it doesn't connect to websites directly. Hell, it probably can't (most likely doesn't have a full rendering engine included). It connects to Nokia's servers, which fetch the page, do some pre-rendering, then sends it to the phone itself. Opera Mini works the same way, and has for probably nearly a decade now. It's called a "proxy browser". Nokia's website specifically says that's how they work. Whether it
Re:httpS (Score:4, Informative)
No he hasn't. You've completely misunderstood.
1) It's still a HTTPS connection, which means the browser still needs a valid certificate for the domain it is connecting to.
2) There is no way the proxy can do any prerendering unless it can actually decrypt the stream.
This means the proxy has to run two separate HTTPS connections phone->proxy and proxy->server. The proxy doesn't have the SSL certificate installed for the real website - so it has to generate its own one for the domain on-the-fly so that the phone doesn't display an error about invalid certificates. The ONLY way that can be done is for Nokia to have created their own Certificate Authority to sign these on-the-fly certificates and ships these phones with this certificate installed by default.
a) You become entirely reliant that the proxy correctly checks the SSL certificate of the web server you're connecting to
b) It will be unable to verify any certificates signed by any unknown CAs including ones you have created yourself for personal or corporate use
c) If their CA private key is cracked/leaked all your phone HTTPS sessions are insecure (and it will be accessible to at least all Nokia sysadmins working on the proxy servers)
d) Since the stream gets decrypted and reencrypted on the proxy as it prerenders, it is trivial to spy on or modify sessions there. It's completely different from a router forwarding encrypted packets without being able to look inside them.
c & d mean you become extremely vulnerable to insider jobs or hackers attacking the proxies.
This is exactly a man-in-the-middle attack, albeit a 'trusted' and 'innocent' one. But deliberately engineering such a system gives you a single point that you can attack to break every encrypted session for all Nokia phones!
Real CAs have a lot of security systems in place to make sure the CA private key never gets leaked, since if it is the entire CA is broken and would need to be revoked and all certificates reissued. That means dedicated signing servers accessible by an elite, select, trusted few, and all other interfaces submitting CSRs and getting the CRT but never getting access to the signing key. That's simply not possible on this kind of proxy system, since every proxy server needs the private key installed and readable by the proxy software at all times. The sheer load means it wouldn't be possible to have a small group of servers signing every request, so you end up having to put a lot of trust in servers directly connected to the 'net.
Whether they cache by default is irrelevant. Just because their system doesn't do it by design doesn't mean a hacker/insider couldn't modify it to do so. Plus if they have copied the server's private keys from the proxy then they only need to capture the HTTPS session to the phone on any network it passes through and will be able to decrypt it after-the-fact.
Re: (Score:2)
Whether they cache by default is irrelevant. Just because their system doesn't do it by design doesn't mean a hacker/insider couldn't modify it to do so.
Except they almost certainly log the access information (URL, date, etc), and cache the rendered images, at least _sometimes_, you know, for debugging purposes.
This is tailor made for a man in the middle attack. An insider can spy on any user at will, and most likely without leaving a trace.
Re: (Score:2)
If you don't trust Nokia to handle this 'remote display' correctly, why do you trust them at all? How do you know they don't have keyloggers on your phone, or any other nefarious things that could be done?
Re: (Score:2)
Re: (Score:2)
The whole point of SSL is that it connects only to the server you requested, and encrypts the data so only that server can see it. Do you really think that Joe Sixpack has read Nokia's website before he logs into his bank? Seems like just another nail in Nokia's coffin...
Not really, nor do I expect him to read this story, nor understand it, nor care. The make or break for Nokia isn't going to be this, it's Win8. In two weeks they're publishing their Q4 figures and we'll know.
Re: (Score:2)
The whole point of SSL is that it connects only to the server you requested, and encrypts the data so only that server can see it.
Not if you are using remote desktop. Then everything you do is sent via the RDP protocol to the browser on the terminal server, and then from there it is sent to the remote server.
These phone mini "proxy" browsers are really not much different than using a "published application" from a terminal server.
Do you really think that Joe Sixpack has read Nokia's website before he logs i
Re: (Score:2, Insightful)
It's their phone
No. It was their phone. Then they sold it to someone else.
Re: (Score:2)
It's their phone
No. It was their phone. Then they sold it to someone else.
HA!
I take it you've never actually read a EULA or ToS?
Re: (Score:2)
I'm relatively sure Nokia's browser has the same feature, as they announced (if I'm not imagining it) some time ago.
Nothing to see here, move along...
Re: (Score:2)
the full mobile opera allows use of the accelerator as a simple toggle, desktop version as well.
also you can get around some regional blocks with it!
opera mini is j2me and requires the proxy to function.
Re: (Score:2)
Re: (Score:2)
Because the security is not in BIS. But B*E*S. For BES, the BlackBerry