On 7 Dec 2012, at 19:03, Jeffrey Walton <[email protected]> wrote: > On Fri, Dec 7, 2012 at 11:55 AM, Gaurang Pandya <[email protected]> wrote: >> It has been noticed that internet browsing traffic, instead of directly >> hitting requested server, is being redirected to proxy servers. They get >> redirected to Nokia/Ovi proxy servers if Nokia browser is used, and to Opera >> proxy servers if Opera Mini browser is used. >> >> More detailed info at : >> http://gaurangkp.wordpress.com/2012/12/05/nokia-proxy/ > It sounds a lot like http://click-fraud-fun.blogspot.com/. > > We know proxies can cause a lot of trouble in practice. For example, > http://blog.cryptographyengineering.com/2012/03/how-do-interception-proxies-fail.html. > > Proxies and data snatching are the reason to pin certificates when > using VPN and SSL/TLS if a pre-existing relationship exists (for > example, you know the host and its public key). Are you talking to an > Nokia/Ovi proxy, an Interception proxy (perhaps enabled by Trustwave), > or the host expected during a SSL/TLS negotiation? > > We now have a much better body of knowledge. Its too bad most browser > don't offer the features for those who are security conscious. On > Android, Google went so far as to offer pinning as "opt-in" for sites: > http://groups.google.com/group/android-security-discuss/browse_thread/thread/f5898be7ee9abc48. > > Jeff
BlackBerry does this, Amazon Kindle Fire almost certainly does it, for caching purposes. I'm not sure whether that's why the Nokia phone is doing it though - you need a good infrastructure to support it. Regards, Philip Whitehouse _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
