Nokia Decrypts HTTPS Web Traffic, Researcher Finds
NEW DELHI, India – Security researcher Gaurang Pandya noticed that the internet traffic from his Asha phone is redirected to another proxy server without directly reaching the requested server.
Pandya witnessed this while using Nokia’s Xpress browser, which redirects the browsing traffic even from the encrypted HTTPS to Nokia’s Ovi proxy server.
Similar processes can also be witnessed while using the Opera Mini browser for mobile phones. Opera clearly states that the web content needs to be redirected to its proxy servers in order to provide compressed images and content for mobile phones. Nokia, however, hasn’t mentioned this in the description of its Xpress browser. There are reasonable doubts as to whether this action is in conflict with Nokia’s privacy statements.
Nokia, in its defence, said that this decryption is entirely safe and it doesn’t store the web content of its users. The Finnish giant added that this kind of decryption is needed to transform the web content and deliver it to the users, noting that this process is performed in a secure manner.