Amazon’s Silk Raises Privacy, Security Concerns

By | October 3, 2011

Amazon's Silk Raises Privacy, Security ConcernsRemember Amazon’s new web browser Silk that is being included with the Kindle Fire? Well, it’s gotten some security and privacy experts to start thinking!

In a short FAQ about Silk, Amazon conveyed that it will handle the encrypted traffic between consumers and websites secured with SSL (secure socket layer), such as log in pages, other shopping sites, and online banking sessions.

This makes Amazon like your ISP. Every site, everything you do online through Silk will go through Amazon. That’s a new role for someone like them, and I don’t think it’s at all clear that Amazon can step into that, or that it will be apparent to consumers. – Aaron Brauer-Rieke of the Center for Democracy & Technology (CDT)

Chet Wisniewski, a security researcher for Sophos, interpreted that to mean that Amazon will install a trusted certificate in Silk that lets them provide a man in the middle SSL proxy to accelerate users’ SSL browsing.

Furthermore, in the Silk terms and conditions statement that Amazon has published on its website, it has acknowledged that it will temporarily log URLs for the pages it serves, as well as record the originating IP (Internet protocol) or MAC (media access control) addresses, which would identify the network used by the browser, or the individual Fire device.

Such information is not kept for more than 30 days according to Amazon, however.¬†Users will also be able to run Silk without the connection to Amazon’s servers if they want, the company confirmed in its FAQ.

[Thanks, Sebastian]

About (Author Profile)

Being passionate about software, Armin joined in early 2011 and has been actively writing ever since. Having accepted the challenge, he also enjoys watching anime, indulging in good books, staying fit and healthy, and trying new things.

Comments (2)

Trackback URL | Comments RSS Feed

  1. Anonymous says:

    How is it different from Opera mini?

    • Anonymous says:

      I think this one processes Dynamic elements such as javascript on the amazon servers (caches them too), Opera on the other hand compresses and caches pages reducing size. Processing is done on the device.

      This is why you have these privacy concerns