It's not a web browser in the way you are thinking of. It's a client for a Nokia service. The client does not attempt to connect to a website, instead it asks the Nokia service to render a website and provide a rendered version.

These phones are too under-powered to render modern web pages. It's either this or they have to view only WAP pages. If you have never used WAP on an old phone, go login to Yahoo Mail at http://wap.yahoo.com/

http://www.opera.com/mobile/specs/ Opera Mini in that picture is basically the same as the Nokia browser. You are not client, you just control remote client that will communicate with web server, retrieve data, process them and display them to you.

Overly complicated comparison would be you controlling browser on a remote desktop. Nothing has to be cracked, yet you can see data on your computer while the other computer can see them too.

Your phone is basically just remotely using a browser on Nokia's servers. Their servers are the ones actually initiating the SSL connection.

Got it. I think the title of the article is misleading when it says they decrypt the data. It's true of course, since they hold the client certificate. I hope data is ferried to their server in an encrypted format at least.