Nokia's Xpress Mobile Browser Decrypts HTTPS Traffic
Nokia earned some time in front of the InfoSec firing squad this week, after they admitted to intercepting Web traffic sent by its Xpress Mobile Web Browser. Nokia’s interception via proxy was a bit of a known secret, but has gained traction in the news due to a security researcher’s blog post earlier this week.
On Wednesday, Gaurang Pandya posted some basic, yet inconclusive evidence, that Nokia was using a proxy to funnel Web traffic, and that the proxy servers were decrypting HTTPS traffic. Nokia’s browser, Xpress, is a proxy browser, so the idea that it connects to a proxy isn’t news. What earned headlines was the claim made by Pandya in the conclusion of his post.
“From the tests that were preformed, it is evident that Nokia is performing Man In The Middle Attack for sensitive HTTPS traffic originated from their phone and hence they do have access to clear text information which could include user credentials to various sites such as social networking, banking, credit card information or anything that is sensitive in nature,” he wrote.
The test presentation, which consisted of a Wireshark screenshot (packet captures) and images of certificates that were issued from sub-domains of Nokia’s ovi.com, didn’t conclusively prove the Man-in-the-Middle claims. At least not in the way the blog post was presented. In fact, it proved that Pandya might be overhyping the issue. However, 24-hours after the post, Nokia confirmed that they are collecting traffic.
“The compression that occurs within the Nokia Xpress Browser means that users can get faster web browsing and more value out of their data plans. Importantly, the proxy servers do not store the content of web pages visited by our users or any information they enter into them. When temporary decryption of HTTPS connections is required on our proxy servers, to transform and deliver users’ content, it is done in a secure manner,” Nokia’s Mark Durrant said.
“Nokia has implemented appropriate organizational and technical measures to prevent access to private information. Claims that we would access complete unencrypted information are inaccurate. We aim to be completely transparent on privacy practices. As part of our policy of continuous improvement we will review the information provided in the mobile client in case this can be improved.”
In short – Nokia says they’re collecting the data, but they don’t do anything with it. Trust them. While millions of consumers have no idea that this is happening, and honestly they likely couldn’t care less, trust is an easily broken concept in the security world.
So the question is - how much are you willing to trust Nokia? If you’re fine with what they’re doing, then all is well. Otherwise, you’ll need to use a different browser, such as Opera Mini on the device.
However, this isn’t the end of the story. In fact, some are saying that the questionable research from Pandya has made things worse. The issue is complex, and despite headlines that say otherwise, Nokia may have been doing the right thing all along.
“There are two TLS sessions. One from phone to Nokia and one from phone to browser, via phone to Nokia TLS connection. This is common, normal and secure,” a reader going by Miw commented on Pandya’s post.
The comment was made after several other readers condemned Nokia for their actions. If the reader’s comments are correct (and as best as we can determine at SecurityWeek they are), then Nokia was essentially sending unreadable data via a tunnel. Pandya’s blog post even confirms this. On Friday, Nokia updated their Xpress browser, but it might not have helped the situation.
“Mate you need to retract your post before you do any more damage. As I said 2 days ago the entire premise of your post in wrong, and you misunderstand how TLS and proxy servers work. The tech media is ignorantly reporting on this — you claim to be an expert but you misunderstand how this all works.
Nokia got so scared they turned off the “outer” layer TLS session that you were seeing in Wireshark. They now use plaintext http proxy for the phone to server TLS session. You have successfully weakened [Nokia’s] security model. TLS in TLS tunnel that Nokia were deploying offered additional resistance AGAINST interception,” added Miw.
Nokia has made no additional comment on the issue. Pandya thanked Nokia for fixing the “problem” in an update, but did not address the questions pertaining to his work.
“Read how proxying works. The only thing I can tell you is that as a result of your “effort” Nokia deleted the extra protection they were giving to people for non HTTPS traffic,” reads another comment on Pandya’s blog.