Nokia has confirmed reports that its Xpress Browser decrypts data
that flows through HTTPS connections — that includes the
connections set up for banking sessions, encrypted email and more.
However, it insists that there’s no need for users to panic
because it would never access customers’ encrypted data.
Seems like a huge privacy violation. I don’t see how there’s any way Nokia can justify this. (Compare and contrast with Amazon’s Silk, which uses a proxy server for regular HTTP traffic but doesn’t touch HTTPS traffic.)