Since Apple and Samsung have pretty much taken over the entire cell phone market leaving Nokia to scrounge around for left over pieces, the last thing they need is bad PR. Unfortunately that’s exactly what happened when security professional Gaurang Pandya revealed that Nokia might be hijacking your browsing information and your traffic on its phones. He outlined that Nokia might have access to pretty much all your internet content which includes your banking passwords as well as user credentials for any accounts that you’re using through your phone.
He noticed that traffic was being forced to be routed via a proxy on his Nokia phone rather than going directly to the server involved. Apparently there was no way to bypass this behavior on his phone and all data has to stream through the proxy server which is believed to be directing towards Nokia/Oxy servers. While this could have very well been activity on his phone through a virus, he decided to confirm whether or not it was Nokia who was causing these re-routes.
A simple check of this is to verify the HTTPs traffic, and to check is DNS requests that are sent from the website match those from the server. His quick search revealed that it was evident that Noia was performing the attack to tap into HTTPS traffic. Many experts however jumped to the aid of Nokia and said that this isn’t being caused because of Nokia, it’s because the proxy is transforming the web content into compressed data before sending it on resulting in faster page load time and a smaller data footprint.
Some also believe that it is the behavior or Opera Mini that causes this to happen, and that encrypted HTTPS data is not going to Nokia’s servers. There is also proof in Opera Turbo’s privacy policy that states that when the turbo mode is enabled, the service will compress network traffic thereby causing an increase in download speed and reducing data volume. Various tech companies have contacted Nokia and are awaiting a response from them regarding the situation, but from the widespread reaction on the internet on this being an Opera case and not a security breach, Nokia phones should be safe.
