| Story Views | |
| Now: | |
| Last Hour: | |
| Last 24 Hours: | |
| Total: | |
Nokia Admits Decrypting User Data But Denies Man-in-the-Middle Attacks
Nokia has rejected claims it might be spying on users’ encrypted Internet traffic, but admitted it is intercepting and temporarily decrypting HTTPS connections for the benefit of customers.
A security professional alleged Nokia was carrying out so-called man-in-the-middle attacks on its own users. Gaurang Pandya, currently infrastructure security architect at Unisys Global Services India, said in December he saw traffic being diverted from his Nokia Asha phone through to Nokia-owned proxy servers.
Pandya wanted to know if SSL-protected traffic was being diverted through Nokia servers too. Yesterday, in a blog post, Pandya said Nokia was intercepting HTTPS traffic and could have been snooping on users’ content, as he had determined by looking at DNS requests and SSL certificates using Nokia’s mobile browser.
Nokia: We’re not doing man-in-the-middle attacks
“When checked, the DNS request was sent for ‘cloud13.browser.ovi.com’ which is same host where we had seen even HTTP traffic being sent,” he wrote.
“It is evident … that even HTTPS requests are also getting redirected to Nokia/Ovi servers, which raises a question about [the] certificate that [is] being received from Nokia’s servers and [the] trusted list of certificates in Nokia [phones].
Having checked the trusted certificates list in the phone, the researcher found Nokia had pre-configured the device to trust certificates sent from its servers. “Which is the reason why there are no security alerts being shown during this man-in-the-middle attack by Nokia,” he added.
Learn more:
http://www.techweekeurope.co.uk/news/nok…cks-103799
2013-01-10 17:18:20
Source:
