Amazon Kindle Fire's Silk browser sounds privacy alarm bells

Filed Under: Featured, Mobile, Privacy

Amazon Kindle FireAmazon announced the newest addition to their Kindle line today named Fire. The Fire is a tablet based on the Android software stack with a customized Amazon interface layered over the top.

The focus appears to be on a very rich media consumption experience, similar to the iPad.

The real news isn't just another Android tablet though, it's the new mobile browser Amazon introduced called Silk. Amazon has crafted Silk to both increase the speed of mobile browsing and increase battery life.

How does it work? Silk relies on the Amazon Elastic Compute Cloud (EC2) to behave as an intelligent proxy. The concept is to use the power of EC2 to retrieve web pages and pre-render any objects (or reduce their size) in a way that lowers the burden placed on the tablet.

All web connections from your tablet will connect directly to Amazon, rather than the destination web page. Amazon will keep this connection between your Kindle Fire and EC2 open indefinitely while you are actively surfing, reducing the latency and connection times to retrieve web pages.

Hopefully you can start to see the problem here. All of your web surfing habits will transit Amazon's cloud. If you think that Google AdWords and Facebook are watching you, this service is guaranteed to have a record of *everything* you do on the web.

In fact Amazon Silk's terms and conditions notes that URLs, IP addresses and MAC addresses will be logged and can be retained for 30 days.

The Silk FAQ also makes confusing statements regarding HTTPS connections as well. It states:

What about handling secure (https) connections?
We will establish a secure connection from the cloud to the site owner on your behalf for page requests of sites using SSL (e.g. https://siteaddress.com).

Amazon Silk will facilitate a direct connection between your device and that site. Any security provided by these particular sites to their users would still exist.

It sounds as if Amazon will install a trusted certificate in the Silk browser allowing them to provide a man-in-the-middle (MITM) SSL proxy to accelerate your SSL browsing as well.

As Amazon is a US based company this would enable a US court order to intercept and record your secure communications.

No cloudFortunately Amazon will support an "off-cloud" mode for Silk. This lets users opt-out of the benefits of using EC2 while retaining the traditional privacy benefits of connecting directly to remote web sites.

While most of us roll our eyes when confronted with long privacy policies and pages of legalese, privacy risks lurk around every corner. If you buy a Fire device, think carefully as to whether your privacy is worth trading for a few milliseconds faster web surfing experience.

Update: A spokesperson for Amazon contacted me this morning to clarify their position. They stated "usage data is collected anonymously and stored in aggregate, and no personal identifiable information is stored."

This does not prevent Amazon from capturing your traffic if ordered to do so, but suggests that the logging they perform may not be useful for invading someone's privacy.

, , , , , , ,

You might like

25 Responses to Amazon Kindle Fire's Silk browser sounds privacy alarm bells

  1. Jeremy · 937 days ago

    Mobile Opera already did this.

    • Don't you mean Opera Mini? Opera Mobile and Opera Mini are two seperate browsers. Opera Mini fetches content through Opera's servers and decrypts the connection and re-encrypt while in Opera Mobile, most of the rendering and decrypting is done on the device itself (similiar to desktop browsers).

    • Phil · 937 days ago

      You're thinking of Opera Mini. Opera Mobile doesn't MITM ssl connections: In the Opera Mini FAQs, Opera suggests that you use Opera Mobile if you need end-to-end security: even "Opera Turbo" enables, Opera Mobile won't send https connections via the Opera servers.

  2. MCB · 937 days ago

    This strikes me as relatively unremarkable. Don't 3G mobile devices (e.g., smartphones) typically go through carrier proxies? They definitely did in the WAP/GRPS/1xRTT era.

    It's slightly different here since Amazon is the back-end content provider, not the network provider, but if you use a smartphone with a proxy, the carrier has a full record of your browsing sessions.

  3. Michael S · 937 days ago

    And Amazon is about to discover all the pain that RIM goes through. For what benefit?

  4. mittfh · 937 days ago

    I'd assume most ISPs maintain proxy servers which also log client connections, maintain the logs for a set period of time, and in the UK, the RIP Act allows certain organisations to request a customer's communications data.

    • sdlkjsdf · 937 days ago

      ISP proxies are different in that they do not monitor HTTPS connections - the Silk browser essentially allows Amazon to present you with a "fake" certificate and intercept and read seamingly encrypted traffic.

      Plus: Many countries have much stricter privacy laws than the US and silk MIGHT mean that all data gors through the US falling under very lax protections only.

  5. Right - this is same as RIM's browsing.

  6. Mr. Inconsistent · 936 days ago

    Note to self: Do not research chloroform or kinky porn on my new Fire. Must restrict all my nefarious undertakings to my PC connected through 256-bit encrypted VPN. Tinfoil hat at the ready.

  7. scottwilkins · 936 days ago

    Oh brother. More "tin foil hat" style reporting. Gees guys, you can't be afraid of everything, can you?

    • Apparently the amount of data Amazon already collects, which IS personally-identifiable (as opposed to this, which isn't) doesn't constitute a "tin-foil hat" epidemic, but a legitimately useful prefetch system is "oooooo scary".

      Knock it off, guys. No one REALLY wants to see your browsing history anyway. You aren't that interesting!

      • Machin Shin · 935 days ago

        It is not really a question of if some one REALLY wants to see my history that bothers me. It is about the same as I'm pretty sure no one REALLY wants to watch me wander my house changing and so forth, this does not mean I'm going to be ok with leaving all my windows wide open and strutting in front of a camera.

        This new silk is going to allow them to see everything you do online. I for one don't care to make it that easy for someone to look at what I do. I also would like to point out that YES amazon does REALLY care what you look at online. Think of the opportunity this will give them. They know that any traffic to your device is you or at least someone close to you. This is linked to your account on their server and so now they can analyze your browsing history to try to sell you things. So you spent an hour on a news page, next time you go to amazon you will suddenly find they want to sell you newspapers e-editions. You visit a medial website looking up warts and suddenly amazon wants to sell wart remover. It is really not that hard to see coming.

        • That extra help with finding things sounds great. Where can I get that wart remover? How about that Viagra? I will not have to read that pharmaceutical SPAM any more, Amazon will give me the right information at a good price. Boy I can't wait!

  8. Steve Thomas · 936 days ago

    This is going to put Amazon on very shaky legal ground.

    Even in the US, many states' wiretapping statutes require both parties to a communication to consent to its being intercepted for the interception to be legal. So even if Amazon adequately explains to its customers that it is snooping on their supposedly confidential communications, it will also have to notify, explain and get consent from banks, merchants, email providers and any other websites that use SSL that the communication is being monitored by Amazon. I wonder if they have such a mechanism for obtaining such consent!

    In the EU, there are almost certainly even stricter rules on this sort of thing. My gut feel is that it's probably outright illegal, no matter how many disclaimers and shrink-wrap contracts you get the customer to agree to.

    It really surprises me that Amazon are doing this.

    • This isn't wiretapping. They're providing a convenient service that you can opt out of if you find the idea of AGGREGATE DATA (that happens to include your own) to be of grave personal concern.

      • lachild · 935 days ago

        @dmaterialized - But wait let me guess... The service is turned on by default? Google "BonziBuddy" for more information as to why this kind of thing is scary... Man I miss that funny little monkey. :(

  9. Nigel · 936 days ago

    Concerns about the state ordering Amazon (or any other similar service provider) to hand over user information are entirely valid. I would call such concerns "unjustified paranoia" if the state actually were trustworthy, but that's pretty much a contradiction in terms.

    I realize it's probably tantamount to heresy to utter such a thing, but only among those who have no knowledge of history. Unfortunately, I suspect that such individuals constitute the majority.

    Nevertheless, the gradual erosion of personal liberty is a fact. State snooping compromises our security in the name of ensuring our security, and it always starts with the justification that it's "necessary" for our protection from the bad guys.

    Here's more heresy: I trust Amazon with my information far more than I trust the state with it. I don't have to be their customer. If I'm unhappy with Amazon, I can fire them and use a competitor's service. I can't do that with the state.

    • Agree 100%. I trust Amazon to do the right thing because they always have. I'm far less trustful that a massive, multi-layered government and legal system won't make decisions that both 1) affect me personally and 2) are ones I disagree with vehemently.

      For these reasons, Amazon can collect ALL the data they want about me. Because guess what? It HELPS me when they do. (Can hardly say the same for the state.)

  10. andrewperreault · 936 days ago

    All the press releases are still coming out on this new system, and people are blasting the legalities. Love it. I guess the high paid leaders, designers and engineers behind Silk didn't put any thought into this? Really? Of course they did. You'll learn more soon.

  11. pair a noid · 936 days ago

    Well I'll never sign on to a bank or brokerage site via the Kindle Fire, if it's true they are acting as a proxy for SSL. I don't trust any single site having userid/passwords for all my financial institutions. Everyone's site is vulnerable to being hacked, so I wouldn't want all my eggs in any single site's basket. It still amazes me people give up all that private information to mint.com or yodelee, etc.

    And god help us if we ever lose control of our government to any one religious/fascist ideology.

  12. WoodyAnderson · 936 days ago

    I work for a bank. If Silk does indeed terminate SSL, we will block this browser from accessing online banking. We block OperaMini browsers, which also terminate SSL, for exactly the same reason - your sign-on credentials will be IN THE CLEAR on a 3rd party site.

    As the bank is the one offering the security guarantee and talking the risk, we cannot afford to have credentials in the clear on some else's site -- ever.

    • I hope your bank is the one I bank with. Which bank are you? BA, Wells Fargo, CityBank? Great banks all.

  13. @i_love_copy · 936 days ago

    He's right. Opera Mobile and desktop Opera also do this when using "turbo" mode.

  14. I wouldn't be too concerned about security issues with the Kindle Fire. I'm sure Amazon has made all of the precautions to make their new tablet as safe as possible.

  15. Gilbamesh · 908 days ago

    When I read a book, that's a thing between the book and myself. It irritates me even if my wife peeks over my shoulder and asks me about what I'm reading.
    Why should I then allow anyone else, a faceless company, a bookseller or even the Government, to do the same?
    And how can I be sure that the confounded thing really turns off its remote link if I tell it to do so?
    As such I don't think I'll get the Kindle I planned to buy myself as a Christmas present. I'd rather look for some more primitive E-book reader that won't blab around about what I'm reading, when, where and why.
    And if it doesn't have an internet connection, well, it won't be that hard to survive all the same.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Chester Wisniewski is a Senior Security Advisor at Sophos Canada. He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics. You can follow Chester on Twitter as @chetwisniewski, on App.net as Chester, Chester Wisniewski on Google Plus or send him an email at chesterw@sophos.com.