Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Privacy Security Your Rights Online

Nokia Admits Decrypting User Data Claiming It Isn't Looking 264

Posted by Unknown Lamer from the we-won't-peek dept.
judgecorp writes "Nokia has admitted that it routinely decrypts user's HTTPS traffic, but says it is only doing it so it can compress it to improve speed. That doesn't convince security researcher Gaurang Pandya, who accuses the company of spying on customers." From the article, Nokia says: "'Importantly, the proxy servers do not store the content of web pages visited by our users or any information they enter into them. When temporary decryption of HTTPS connections is required on our proxy servers, to transform and deliver users' content, it is done in a secure manner. ... Nokia has implemented appropriate organisational and technical measures to prevent access to private information. Claims that we would access complete unencrypted information are inaccurate.'"
This discussion has been archived. No new comments can be posted.

Nokia Admits Decrypting User Data Claiming It Isn't Looking More

Nokia Admits Decrypting User Data Claiming It Isn't Looking

Comments Filter:

  • If you don't like it (Score:2, Interesting)

    by ArhcAngel ( 247594 ) on Thursday January 10, 2013 @10:40AM (#42545467)
    Get a BlackBerry. [blackberry.com]
    Blast them all you want for getting left behind in the app ecosystem but iOS, Android, and WP can't hold a candle to RIM's security. [blackberry.com]

  • Re:How do they even do that? (Score:4, Interesting)

    by houstonbofh ( 602064 ) on Thursday January 10, 2013 @11:08AM (#42545825)
    How is easy, as other have said. How legally? That is another matter. As I read it, they are committing a DMCA violation by breaking a security measure. Should be able to go after them for anticircumvention tools, and force them to remove the cirt.

  • Re:Any browser publisher is the same way (Score:5, Interesting)

    by tepples ( 727027 ) <tepples.gmail@com> on Thursday January 10, 2013 @11:46AM (#42546377) Homepage Journal

    The point is... you can find a browser that doesn't fuck you over and use that.

    And you can find a phone that doesn't take advantage of you and use that. The trouble is, this sort of "doesn't take advantage of you" isn't exactly a selling point among the mass market, which means a product like this won't be produced for a mass-market price.

    for things like, say, open source browsers, you can read the code and see what it is doing.

    But do most people verify that the binary they download matches the source code? And do they diverse-double-compile [dwheeler.com] their compiler toolchain to make sure it isn't infected with a "Reflections on Trusting Trust"-style virus [bell-labs.com]? I'm under the impression most end users take this on faith.

  • Re:How do they even do that? (Score:4, Interesting)

    by CKW ( 409971 ) on Thursday January 10, 2013 @12:35PM (#42547053) Journal

    Yes, this IS wiretapping. I don't care if they've got a tiny tiny line item in their terms of service that say they're doing this, NO ONE expects their https encrypted session with their bank to be in the clear on Nokia's servers.

    I'd really really like to see the RCMP charge Nokia Canada's CIO just on principle. Just because big companies have lawyers and huge t.o.s. don't mean they should be treated any differently than joe blow secretly inserting software on his aunt's computer to listen in to her voip conversations.

Slashdot Top Deals

"No matter where you go, there you are..." -- Buckaroo Banzai

Close