Re: Nokia phone forcing traffic through proxy

[Philip Whitehouse <philip () whiuk com>]

On 7 Dec 2012, at 19:03, Jeffrey Walton <noloader () gmail com> wrote:

> On Fri, Dec 7, 2012 at 11:55 AM, Gaurang Pandya <gaubrig () yahoo com> wrote:
> > It has been noticed that internet browsing traffic, instead of directly
> > hitting requested server, is being redirected to proxy servers. They get
> > redirected to Nokia/Ovi proxy servers if Nokia browser is used, and to Opera
> > proxy servers if Opera Mini browser is used.
> >
> > More detailed info at :
> > http://gaurangkp.wordpress.com/2012/12/05/nokia-proxy/
> It sounds a lot like http://click-fraud-fun.blogspot.com/.
>
> We know proxies can cause a lot of trouble in practice. For example,
> http://blog.cryptographyengineering.com/2012/03/how-do-interception-proxies-fail.html.
>
> Proxies and data snatching are the reason to pin certificates when
> using VPN and SSL/TLS if a pre-existing relationship exists (for
> example, you know the host and its public key). Are you talking to an
> Nokia/Ovi proxy, an Interception proxy (perhaps enabled by Trustwave),
> or the host expected during a SSL/TLS negotiation?
>
> We now have a much better body of knowledge. Its too bad most browser
> don't offer the features for those who are security conscious. On
> Android, Google went so far as to offer pinning as "opt-in" for sites:
> http://groups.google.com/group/android-security-discuss/browse_thread/thread/f5898be7ee9abc48.
>
> Jeff

BlackBerry does this, Amazon Kindle Fire almost certainly does it, for caching purposes. I'm not sure whether that's 
why the Nokia phone is doing it though - you need a good infrastructure to support it.

Regards,

Philip Whitehouse
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/