There was some controversy [1] [2] about Nokia decrypting SSL connections for their accelerated browser. Not familiar with their platform, or whether you could remove them, but Nokia proxy certificates are certainly being trusted by default.
If you're this paranoid, build one of those laser cut Arduino GSM phones instead[3]. You could add your own discreet baseband kill switch.