Windows Mobile’s awful web browser has forced me to consider alternative browsers on Windows Mobile phones for years. Skyfire’s browser became a lot more useable and useful after one of its updates last year. And, Opera Mini looks pretty good as of its update this year. However, I’ve always been concerned about the web proxys that both browsers use for their mobile page rendering magic. My rule has been to not use these browsers with websites that need an account name and password since I don’t know what their reformatting servers do with secure SSL connection (https). It may be that even this cautious behavior may not be enough based on this PC World report that indicates that the mobile carriers themselves (never mind browser proxy servers) may provide a source of insecurity.
A security researcher found that phone subscriber information could be mined from mobile web traffic data found in web server logs. This issue may be a special problem for feature phones whose browsers always go through the mobile carrier’s proxy servers to reformat web pages on the fly.
I’ll contact (tweet) both Opera and Skyfire to see if they want to discuss what their proxy servers collect when smartphones use their services for web page reformatting.