Nokia, You’ve gotta be kidding me!

Meatloaf is not amused

From GigaOM:

Nokia has confirmed reports that its Xpress Browser decrypts data that flows through HTTPS connections – that includes the connections set up for banking sessions, encrypted email and more. However, it insists that there’s no need for users to panic because it would never access customers’ encrypted data.

Nokia is playing the role of the man in the middle with the Xpress Browser. Nokia installs its own SSL/TLS certificate in the XPress Browser so it could create a secure/encrypted session to Nokia’s own server. The server then initiates https session with the website.

Does anyone remember what Opera Mini does?

Some corporate networks use proxy that request https session on the proxy on behalf of the computers in their networks.

Google Voice Voicemails Appear in Google Search Result.

This week started off with one big news on Google Voice. Apparently people are finding out that random Google Voice voicemails appears in Google search result.

Use Google to query: site:https://www.google.com/voice/fm/*

Previously we noticed that every time we received a new voicemail notice from Google Voice, we could play the message without ever logging in. That was a concern we had.

google-voice-voicemail-notification

The phone numbers are also visible in these “public search result” of Google Voice voicemails. Talk about privacy breach. We believe that Google should close this privacy breach by forcing users to log in to retrieve any contents from Google Voice.

Even though “only” a handful voicemails were leaked, the damage is done. Well, then again, Google voice is still in “beta” (*cough*).

——-

Note:

Yes, We all at 37prime have Google Voice accounts.