[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Nokia phone forcing traffic through proxy



On Fri, Dec 7, 2012 at 11:55 AM, Gaurang Pandya <gaubrig@xxxxxxxxx> wrote:
> It has been noticed that internet browsing traffic, instead of directly
> hitting requested server, is being redirected to proxy servers. They get
> redirected to Nokia/Ovi proxy servers if Nokia browser is used, and to Opera
> proxy servers if Opera Mini browser is used.
>
> More detailed info at :
> http://gaurangkp.wordpress.com/2012/12/05/nokia-proxy/
It sounds a lot like http://click-fraud-fun.blogspot.com/.

We know proxies can cause a lot of trouble in practice. For example,
http://blog.cryptographyengineering.com/2012/03/how-do-interception-proxies-fail.html.

Proxies and data snatching are the reason to pin certificates when
using VPN and SSL/TLS if a pre-existing relationship exists (for
example, you know the host and its public key). Are you talking to an
Nokia/Ovi proxy, an Interception proxy (perhaps enabled by Trustwave),
or the host expected during a SSL/TLS negotiation?

We now have a much better body of knowledge. Its too bad most browser
don't offer the features for those who are security conscious. On
Android, Google went so far as to offer pinning as "opt-in" for sites:
http://groups.google.com/group/android-security-discuss/browse_thread/thread/f5898be7ee9abc48.

Jeff

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/