Amazon Addresses Silk Tablet 'Optimized Browsing' Privacy Concerns - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile // Mobile Devices
06:05 PM
Connect Directly

Amazon Addresses Silk Tablet 'Optimized Browsing' Privacy Concerns

Amazon's response to the Electronic Frontier Foundation's inquiries should ease concerns that the Kindle Fire's Silk browser is invading users' privacy.

Amazon's first color tablet, the $199 Kindle Fire, will be available starting November 15. However, its custom browser, named Silk, has generated considerable discussion because of the way it achieves its claimed high performance.

Silk uses what Amazon calls a "split-architecture" that performs some of the Web page rendering locally on the Kindle Fire tablet itself while other network- and computational-intensive tasks as well as caching are performed on Amazon Web Services (AWS) cloud services. This means that Web pages are intercepted by Amazon's AWS servers, optimized for the Silk browser, and then sent to the Kindle Fire tablet. This led to the concern that Amazon would be tracking the Web-browsing habits of Kindle Fire users and possibly intercepting SSL-encrypted Web pages.

The Electronic Frontier Foundation (EFF) contacted Amazon to clarify how the Silk Web browser and AWS handled web pages enroute to Kindle Fire tablets.

The responses the EFF received from Amazon should put to rest the initial fears about the Silk browser. In fact, the Silk browser might be more secure to use with public hotspots than other browsers.

Amazon does not intercept, track, or process (accelerate) SSL-encrypted traffic. This means not only that Amazon is not looking at shopping, banking, and other sensitive financial Web interactions, but it is not looking at other Web sites that are (or can be) SSL encrypted, such as Gmail, Facebook, and Twitter.

Note that all Web traffic is encrypted by Amazon from its AWS servers to the Kindle Fire's Silk web browser. Amazon uses Google's SPDY (a short non-acronym way of spelling "speedy") Web-content network transport protocol in a persistent encrypted connection. This helps keep Web surfing in public hotspots safe from man-in-the-middle attacks, such as those popularized by the Firesheep attack tool.

Amazon also argues that its logging practices are reasonable from privacy and security points of view. Logged information is restricted to the URL being requested, the timestamps, and the token identifying a session. Logged data is kept for 30 days.

The EFF notes that Amazon does store website URLs on a per-browsing-session basis. The Silk browser has, however, the option to be placed in an "off-cloud" mode where all AWS-based interception and acceleration is turned off. This will, of course, result in slower Web browsing.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
IT Careers: Top 10 US Cities for Tech Jobs
Cynthia Harvey, Freelance Journalist, InformationWeek,  1/14/2020
Predictions for Cloud Computing in 2020
James Kobielus, Research Director, Futurum,  1/9/2020
What's Next: AI and Data Trends for 2020 and Beyond
Jessica Davis, Senior Editor, Enterprise Apps,  12/30/2019
White Papers
Register for InformationWeek Newsletters
Current Issue
The Cloud Gets Ready for the 20's
This IT Trend Report explores how cloud computing is being shaped for the next phase in its maturation. It will help enterprise IT decision makers and business leaders understand some of the key trends reflected emerging cloud concepts and technologies, and in enterprise cloud usage patterns. Get it today!
Flash Poll