Blog

Nokia gets caught decrypting your HTTPS traffic

Nokia was recently caught decrypting users HTTPS traffic on their smartphone series Asha/Lumia. Their response to this is that they are doing this to help provide better service. Essentially they would send traffic to their servers and decrypt it and then send it back out. The problem with this is that Nokia made smart phones accept certificates issues by them which means that you would never receive a notification stating that your traffic had been hijacked. This is a little disconcerting for the end user as the put their full trust in the phone providers. Nokia claims all the data is secure and that they don’t store it but it makes you wonder. If someone were to hack into that, they would be able to access all of your data.