On 7 Dec 2012, at 19:03, Jeffrey Walton <noloader () gmail com> wrote:
On Fri, Dec 7, 2012 at 11:55 AM, Gaurang Pandya <gaubrig () yahoo com>
wrote:
It has been noticed that internet browsing traffic, instead of directly
hitting requested server, is being redirected to proxy servers. They get
redirected to Nokia/Ovi proxy servers if Nokia browser is used, and to
Opera
proxy servers if Opera Mini browser is used.
More detailed info at :
http://gaurangkp.wordpress.com/2012/12/05/nokia-proxy/
It sounds a lot like http://click-fraud-fun.blogspot.com/.
We know proxies can cause a lot of trouble in practice. For example,
http://blog.cryptographyengineering.com/2012/03/how-do-interception-proxies-fail.html
.
Proxies and data snatching are the reason to pin certificates when
using VPN and SSL/TLS if a pre-existing relationship exists (for
example, you know the host and its public key). Are you talking to an
Nokia/Ovi proxy, an Interception proxy (perhaps enabled by Trustwave),
or the host expected during a SSL/TLS negotiation?
We now have a much better body of knowledge. Its too bad most browser
don't offer the features for those who are security conscious. On
Android, Google went so far as to offer pinning as "opt-in" for sites:
http://groups.google.com/group/android-security-discuss/browse_thread/thread/f5898be7ee9abc48
.
Jeff
BlackBerry does this, Amazon Kindle Fire almost certainly does it, for
caching purposes. I'm not sure whether that's why the Nokia phone is doing
it though - you need a good infrastructure to support it.
Regards,
Philip Whitehouse
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
