Amazon Addresses Silk Tablet 'Optimized Browsing' Privacy Concerns - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Mobile // Mobile Devices
News
10/24/2011
06:05 PM
Connect Directly
Twitter
Google+
RSS
E-Mail
50%
50%

Amazon Addresses Silk Tablet 'Optimized Browsing' Privacy Concerns

Amazon's response to the Electronic Frontier Foundation's inquiries should ease concerns that the Kindle Fire's Silk browser is invading users' privacy.

Amazon's first color tablet, the $199 Kindle Fire, will be available starting November 15. However, its custom browser, named Silk, has generated considerable discussion because of the way it achieves its claimed high performance.

Silk uses what Amazon calls a "split-architecture" that performs some of the Web page rendering locally on the Kindle Fire tablet itself while other network- and computational-intensive tasks as well as caching are performed on Amazon Web Services (AWS) cloud services. This means that Web pages are intercepted by Amazon's AWS servers, optimized for the Silk browser, and then sent to the Kindle Fire tablet. This led to the concern that Amazon would be tracking the Web-browsing habits of Kindle Fire users and possibly intercepting SSL-encrypted Web pages.

The Electronic Frontier Foundation (EFF) contacted Amazon to clarify how the Silk Web browser and AWS handled web pages enroute to Kindle Fire tablets.

The responses the EFF received from Amazon should put to rest the initial fears about the Silk browser. In fact, the Silk browser might be more secure to use with public hotspots than other browsers.

Amazon does not intercept, track, or process (accelerate) SSL-encrypted traffic. This means not only that Amazon is not looking at shopping, banking, and other sensitive financial Web interactions, but it is not looking at other Web sites that are (or can be) SSL encrypted, such as Gmail, Facebook, and Twitter.

Note that all Web traffic is encrypted by Amazon from its AWS servers to the Kindle Fire's Silk web browser. Amazon uses Google's SPDY (a short non-acronym way of spelling "speedy") Web-content network transport protocol in a persistent encrypted connection. This helps keep Web surfing in public hotspots safe from man-in-the-middle attacks, such as those popularized by the Firesheep attack tool.

Amazon also argues that its logging practices are reasonable from privacy and security points of view. Logged information is restricted to the URL being requested, the timestamps, and the token identifying a session. Logged data is kept for 30 days.

The EFF notes that Amazon does store website URLs on a per-browsing-session basis. The Silk browser has, however, the option to be placed in an "off-cloud" mode where all AWS-based interception and acceleration is turned off. This will, of course, result in slower Web browsing.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Slideshows
What Digital Transformation Is (And Isn't)
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/4/2019
Commentary
Watch Out for New Barriers to Faster Software Development
Lisa Morgan, Freelance Writer,  12/3/2019
Commentary
If DevOps Is So Awesome, Why Is Your Initiative Failing?
Guest Commentary, Guest Commentary,  12/2/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Getting Started With Emerging Technologies
Looking to help your enterprise IT team ease the stress of putting new/emerging technologies such as AI, machine learning and IoT to work for their organizations? There are a few ways to get off on the right foot. In this report we share some expert advice on how to approach some of these seemingly daunting tech challenges.
Slideshows
Flash Poll