Home Amidst Rogue SSL Certs, Your Nokia Smartphones Are Safe.

Amidst Rogue SSL Certs, Your Nokia Smartphones Are Safe.

 
Unless you live under a rock or similar stalagmite, you’d know that DigiNotar was popped and over 500 possibly forged SSL certificates are out there. Why should you care? Well, since you’re using a Nokia S40, S60 3rd/5th, Symbian^3, Symbian Anna or Symbian Belle smartphone – you don’t actually need to.
 
Nokia-N9-Cert-MeeGo-Harmattan-MeeGoExperts-560
 
After reviewing at least 2 devices from each platform listed above, I’ve come to the conclusion that the only Nokia smartphones that ship with revoked CA certificates baked in are the N900, N950 and N9. Unfortunately, the N950 and N9 have both Comodo and DigiNotar CA certs included. The N9 is yet to be released – hopefully somebody from Nokia can look at the possibility of having these removed or blacklisting the invalid certificates that were issued, before launching the N9.
 

Nokia-N9-Cert-MeeGo-Harmattan-MeeGoExperts-1 Nokia-N9-Cert-MeeGo-Harmattan-MeeGoExperts-1

 
Symbian, Maemo and MeeGo/Harmattan currently have an extremely easy way of removing top level CA certificates. You delete them manually through the certificate interface or you drop into a root shell and issue ‘rm /etc/certs/common-ca/8868bfe08e35c43b386b62f7283b8481c80cd74d.pem‘ on the N900 or N950. Manually removing the certs without updating the Trusted Root Store may cause problems; as root issue “cmcli -c common-ca -r 8868bfe08e35c43b386b62f7283b8481c80cd74d” to do it the “proper” way.
On Windows Phone 7? If it’s baked in, you have no choice. If it’s added afterwards? You have to completely factory reset the device.
While regular iOS, Android and Windows Phone 7 users have to wait for updates to be pushed by Apple, Google and Microsoft (unless jailbroken or rooted), those loyal Nokia users can rest assured that their devices are a smidgen more resilient to MiTM attacks (using the compromised certs).
 
Source Know Nokia

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.