If you think HTTPS traffic from your mobile web browser travels unaltered, and safely encrypted all the way to the remote web server you requested information from, don't be so sure. Opera Mini developers were asked:
Is there any end-to-end security between my handset and - for example - paypal.com or my bank?
To rule out any doubt:
If you need full end-to-end encryption, you should use a full web browser such as Opera Mobile.
Just to be clear "end-to-end encryption," in this case, means HTTPS (encrypted) traffic travels to a remote web server, a bank for example, unhampered (not decrypted).
I don't use any of Opera's web browsers. I'll be honest, even if I did use Opera, I would not have known about the redirection. I only started checking what mobile web browsers were doing after a colleague informed me the tech press crucified Nokia for doing something similar.
How it started
The upheaval about mobile web browsers started when Gaurang Pandya, Infrastructure Security Architect at Unisys Global Services India, determined HTTP web-browser requests on his Nokia phone were unexpectedly redirected to Nokia servers. Gaurang explains on his personal blog site:
It has been noticed that internet browsing traffic, instead of directly hitting requested server, is being redirected to proxy servers. They get redirected to Nokia/Ovi proxy servers if Nokia browser is used and to Opera proxy servers if Opera Mini browser is used.
Then Gaurang tried to sidestep the redirection:
I could not see any straightforward way to bypass this proxy setting and let my internet traffic pass through normally. This behavior is noticed regardless of whether the browsing is done through 3G or Wi-Fi network connections.
Gaurang wasn't done; he decided to see if the same applied to HTTPS web-browser requests. He found his answer, posting his findings in this blog post:
[I]t is evident that Nokia is performing a Man In The Middle Attack for sensitive HTTPS traffic originated from their phone, and hence they do have access to clear text information which could include user credentials to various sites such as social networking, banking, credit card information, or anything that is sensitive in nature.
Needless to say, Gaurang's comments garnered a great deal of attention. The blog post received 10,000 views in the first 24 hours, and currently has 20 pages of comments debating if redirecting traffic could "officially" be called a Man in the Middle attack or not. I'll get to that later. Right now, I'd like to focus on the comment by Mark Durant, Nokia Communications:
We take the privacy and security of our consumers and their data very seriously. The compression that occurs within the Nokia Xpress Browser means that users can get faster web browsing and more value out of their data plans. Importantly, the proxy servers do not store the content of web pages visited by our users or any information they enter into them. When temporary decryption of HTTPS connections is required on our proxy servers, to transform and deliver users' content, it is done in a secure manner.
This confirmation by Nokia virtually silenced those disagreeing with Gaurang's results.
Why do it?
Why go through all this? The developers had to know there would be push back from people concerned about privacy. As alluded to in the above quote, it's all about reorganizing the web page for speed and viewing on a mobile device. The question then becomes what does a Man in the Middle attack, a proxy redirection, or whatever you want to call it have to do with improving the mobile web browsing experience?
Mobile web browsers are not as powerful as the ones installed on computers. To help, Nokia and Opera shift most of the rendering work from the mobile web browser to the web browser's home servers, which after optimizing the web page code send the web page information back to the mobile web browser for viewing.
The problem is when the traffic from the mobile web browser is encrypted (HTTPS). The Nokia or Opera servers are unable to manipulate the web page response. So, Nokia and Opera have altered their mobile web browsers to set up an encrypted link to their servers. That is, the HTTPS traffic we see, is also the HTTPS traffic Nokia and Opera can decrypt as they have the encryption keys.
It might help to look at one of Gaurang's tests. He was watching what happened when his Nokia mobile web browser sent out a website request for Google.com.
Here are the steps:
- Mobile web browser attempts to connect to https://www.google.com.
- Connection is redirected to https://cloud13.browser.ovi.com (Nokia server as seen in the above slide).
- The mobile web browser receives a valid HTTPS certificate for cloud13.browser.ovi.com, not Google.com.
- The server behind cloud13.browser.ovi.com makes a connection to https://www.google.com, acting as the mobile web browser by proxy.
- Nokia's server replicates requests, and replies between the mobile web browser and Google.com.
One way to look at it -- there are two distinct encryption processes taking place, one at the mobile web browser, and one at the Nokia server. The issue then becomes whether we are comfortable with Nokia, Opera, or whichever mobile web browser developer intercedes, having the ability to do whatever they want with what we consider sensitive information, otherwise, why would we be using HTTPS encryption?
I've been trying to determine which mobile web browsers use this approach, but wading through privacy policies, and contacting the developers is slow going. For now, the best approach may be to assume any mobile web browser that displays HTTP, and particularly HTTPS web pages differently than on a computer should be suspect.
I already use a proxy service with my computer and mobile devices, so I believe I unknowingly have been avoiding this issue. This may be an alternative solution for those who are concerned about sensitive information being controlled by yet another organization.
I should have been aware of HTTPS traffic redirection. I've written two articles, "Ashkan Soltani introduces MobileScope, an innovative approach to online privacy" and "Find out which mobile apps are stealing your identity," where both featured applications employed redirection techniques.
I also wanted to mention Gaurang has an update on his blog, stating Nokia still uses HTTPS proxy redirection, but no longer employs MitM technology, a good sign they listened. I was asked why Nokia was getting so beat up about using redirection, and not Opera. I would have to say it is because Opera was up front about it, and Nokia was not.
I'd like to end with a quote from Bruce Schneier, well-known security expert:
This is an area where security concerns are butting up against other issues. Nokia's answer, which is basically ‘trust us, we're not looking at your data,' is going to increasingly be the norm.
I want to thank Gaurang for his research, and allowing me to use quotes and slides from his blog site.
Michael Kassner is currently a systems manager for an international company. Together with his son, he runs MKassner Net, a small IT publication consultancy.