Nokia Redirecting Traffic On Some of Its Phones, Including HTTPS

An anonymous reader writes "On Wednesday, security professional Gaurang Pandya outlined how Nokia is hijacking Internet browsing traffic on some of its phones. As a result, the company technically has access to all your Internet content, including sensitive data that is sent over secure connections (HTTPS), such as banking credentials and pretty much any other usernames and passwords you use to login to services on the Internet. Last month, Pandya noted his Nokia phone (an Asha 302) was forcing traffic through a proxy, instead of directly hitting the requested server. The connections are either redirected to Nokia/Ovi proxy servers if the Nokia browser is used, and to Opera proxy servers if the Opera Mini browser is used (both apps use the same User-Agent)."

Re:So...um...

[AliasMarlowe]

Non-story. Yawn.

Indeed. Same behavior as any of several other smartphone browsers, and with no MITM attack over https.
But we're left wondering what sort of "security professional" this Gaurang Pandya might be.

Re:Many mobile browsers do this.

[Anonymous Coward]

And what's to stop a disgruntled Nokia worker from firing up Wireshark and recording whatever they want without approval?