ie8 fix
madison

Hardware 2.0

Adrian Kingsley-Hughes
Home / News & Blogs / Hardware 2.0

Amazon Silk offers users a choice between fast browsing and privacy, not both

By | September 29, 2011, 7:16am PDT

Summary: Privacy issues relating to Amazon’s Silk service.

One of the most interesting announcements to come out of Amazon announcement yesterday wasn’t new hardware but a software/cloud feature - Amazon Silk.

Amazon Silk is an implementation of Amazon’s Elastic Compute Cloud (EC2) that allows the company’s vast cloud presence to act as an intelligent proxy server for the Kindle Fire Android tablet. The EC2 will be used to fetch (and pre-fetch) web pages and compress objects such as images for delivery to the tablet, minimizing bandwidth usage, reduce latency and improving speed.

Here’s a video explaining what Amazon Silk is.

Good idea … but …

The problem is that everything you do will go through Amazon’s EC2 cloud, and Amazon will have a record of everything you do on the web. Here’s what Amazon’s Silk T&Cs say:

Amazon Silk also temporarily logs web addresses

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Hardware 2.0”

Topics

Silk, Privacy, Amazon.com Inc., Security, Adrian Kingsley-Hughes

Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology.

Disclosure

Adrian Kingsley-Hughes

All opinions expressed on Hardware 2.0 are those of Adrian Kingsley-Hughes. Every effort is made to ensure that the information posted is accurate. If you have any comments, queries or corrections, please contact Adrian via the email link here. Any possible conflicts of interest will be posted below. [Updated: February 23, 2010] - Adrian Kingsley-Hughes has no business relationships, affiliations, investments, or other actual/potential conflicts of interest relating to the content posted so far on this blog.

Biography

Adrian Kingsley-Hughes

Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology -- whether that be by learning to program, building a PC from a pile of parts, or helping them get the most from their new MP3 player or digital camera.

Adrian has authored/co-authored technical books on a variety of topics, ranging from programming to building and maintaining PCs. His most recent books include "Build the Ultimate Custom PC", "Beginning Programming" and "The PC Doctor's Fix It Yourself Guide". He has also written training manuals that have been used by a number of Fortune 500 companies.

Adrian also runs a popular blog under the name The PC Doctor, where he covers a range of computer-related topics -- from security to repairing and upgrading.

26
Comments
Add Your Opinion

Join the conversation!

Just In

@betelgeuse68 .. i'm with you on this
thx-1138_@... 1st Oct
.. ZDNet have a bunch of hypocritical bloggers that will on one day say "we need to protect ourselves from prying eyes and malware". The very next day they'll spout on about how great Google Chrome .. or the iPhone .. or any other tech' app or device is (..and that, incidentally, often doubles as a stealth tracking / RDP / reporting mechanism.

If we're not discussing the iPhone's ability to track position or Chrome's spyware capabilities or svchost.exe's phone-home abilities via RPC and the like, then it's plain to see it's futile and completely useless trying to pretend that the average citizen can completely hide their whereabouts, activities - or frankly, anything at all they do online. All you online activities are subject to channelling via an ISP and (by proxy): consequently, those communications will pass through the wider, BGP-based world that interconnects us through different portions of the 'www'.

ZDNet - and pretty much anyone else that tries to say we can hide our transmissions - is selling false hope and simply misleading the reading public.

So it's like this, get used to the reality that if you use the Internet, you will definitely leave an indelible (proverbial) 'footprint' that can and often is tracked by one source or another. So Jane & Joe Average, if you dislike that reality, you could always yank the cable out from modem / router and disconnect entirely ... just sayin'.
View in thread
0 Votes
+ -
UK precedent
johnfenjackson@... 29th Sep
There was a very similar service in the UK - BT introduced PHORM technology without users' permission, tracking users' preferences and offering up targettted ads. - but it was abandonded, indeed may have been declared unlawful if it had not been withdrawn.

Be interesting to compare the regulations around the world ...
0 Votes
+ -
I knew
markbn 29th Sep
@Adrian: I knew you were coming: the Apple knight attacking any device could be "confused" with a tablet, or such device's features.
0 Votes
+ -
RE: Amazon Silk offers users a choice between fast browsing and privacy, not both
skwalker59 29th Sep
I am sorry but I am in the technology and know they do not need to do it this way - we are being lulled here. Everything is about marketing ... they want your dollar sad

I really hope this bombs and someone else comes up with a secure connection alternative.

Just in case you dont understand - their support is probably in India/China and they will have access to these logs.
0 Votes
+ -
And the'll be safe if kept on the U.S....
cosuna 29th Sep
...considering the Patriot Act, Sarbanes-Oxley, HIPAA, etc. etc.

Keep dreaming....
0 Votes
+ -
They have to have a warrant to get the data
spdragoo@... 30th Sep
@cosuna
Patriot Act requires that a federal warrant be granted before gaining access to the data. And before anyone starts complaining about how "permissive" the permission might be...teh government have had the ability *for decades* to use warrants to gain access to your private financial records, phone call histories, real estate purchases, etc., via a warrant. Patriot Act just opened up access to more records & record formats.
0 Votes
+ -
Yes but everything you transmit already passes through someone
betelgeuse68 Updated - 29th Sep
If you don't want someone to see what you're transmitting, then use SSL. This is no different than someone arbitrarily deciding they want to sniff your network traffic and they happen to work for your ISP. In essence what you're saying is, someone at Amazon has a greater interest in looking at your network traffic than say Comcast (or pick your ISP)... which frankly is nonsense.

-M
0 Votes
+ -
Contributr
RE: Amazon Silk offers users a choice between fast browsing and privacy, not both
Adrian Kingsley-Hughes 29th Sep
@betelgeuse68 I agree, the issue isn't security more privacy ... do you want Amazon knowing what you're looking at?
0 Votes
+ -
RE: Amazon Silk offers users a choice between fast browsing and privacy, not both
tiderulz 29th Sep
@Adrian Kingsley-Hughes
that is fairly visible to anyone. You ISP, proxy services. It isnt that hard to see what people visit.
0 Votes
+ -
RE: Amazon Silk offers users a choice between fast browsing and privacy, not both
Rama.NET 29th Sep
@tiderulz
Well, your ISP may not record and keep your banking and other sensitive information for a long time. ISP just routes the information to and fro, but here Amazon logs it and keeps it for 30 days and work as Man in the middle.
0 Votes
+ -
And Amazon *can* see your HTTPS content, since its Silk engine builds the
DeRSSS 29th Sep
@Rama.NET: ... page that it sends to the tablet (or PC, shortly). The data which is SSLed is only secured on its way to Amazon, and from Amazon to the user. However, the data is decrypted on Amazon (or otherwise their engine would not be able to build/draw the "secured" internet page).

So Amazon's solution does not provide neither privacy, nor security -- you can not even begin to compare it to ISPs, which never see your secured data decrypted (only you see it raw on your device).
0 Votes
+ -
RE: Amazon Silk offers users a choice between fast browsing and privacy, not both
Rama.NET Updated - 29th Sep
@DeRSSS
+1. I totally agree with you.
0 Votes
+ -
RE: Amazon Silk offers users a choice between fast browsing and privacy, not both
mrmikeprogrammer 29th Sep
@betelgeuse68 I'm pretty sure it's different because the ISP can see where you go, but Amazon can see where you go and what you see. The silk browser trusts Amazon EC2's SSL Certificate as a man-in-the-middle. As I understand it, that means they can read everything you send and everything you see, passwords and all. Your ISP can't do that, because your desktop browser doesn't trust your ISP, so it would warn you about the SSL certificate. That's what Amazon means when they say they will "establish a secure connection on your behalf". I securely send them my banking password, and, on my behalf, they securely send it to my bank. I wouldn't trust a corporation with that kind of knowledge.
0 Votes
+ -
RE: Amazon Silk offers users a choice between fast browsing and privacy, not both
betelgeuse68 29th Sep
@mrmikeprogrammer

Alright so don't do your banking on it. While the iPad doesn't have this issue since there's no man in the middle when I browse, it's never once crossed my mind to work against my bank with it.

This whole debate is a "tempest in a teapot". If people think they're anonymous, they're naive. It's the world we live in now. If people want to be mostly anonymous, they can go live in the middle of nowhere "off the grid".

-M
0 Votes
+ -
RE: Amazon Silk offers users a choice between fast browsing and privacy, not both
Rama.NET 29th Sep
@betelgeuse68
How many of the users would know that and how many would effectively use alternative browsers on tablets, not much.
0 Votes
+ -
RE: Amazon Silk offers users a choice between fast browsing and privacy, not both
beevee 29th Sep
SSL is meaningless. Most likely, the site your on is doing HTTPS inspection anyhow. PII data and payload, you hope is left encrypted or not recorded, but there's certainly no guarantee. Anyhow, Flash cookies, Google Search, etc. - just assume someone is mining what you do online.
0 Votes
+ -
@betelgeuse68 .. i'm with you on this
thx-1138_@... 1st Oct
.. ZDNet have a bunch of hypocritical bloggers that will on one day say "we need to protect ourselves from prying eyes and malware". The very next day they'll spout on about how great Google Chrome .. or the iPhone .. or any other tech' app or device is (..and that, incidentally, often doubles as a stealth tracking / RDP / reporting mechanism.

If we're not discussing the iPhone's ability to track position or Chrome's spyware capabilities or svchost.exe's phone-home abilities via RPC and the like, then it's plain to see it's futile and completely useless trying to pretend that the average citizen can completely hide their whereabouts, activities - or frankly, anything at all they do online. All you online activities are subject to channelling via an ISP and (by proxy): consequently, those communications will pass through the wider, BGP-based world that interconnects us through different portions of the 'www'.

ZDNet - and pretty much anyone else that tries to say we can hide our transmissions - is selling false hope and simply misleading the reading public.

So it's like this, get used to the reality that if you use the Internet, you will definitely leave an indelible (proverbial) 'footprint' that can and often is tracked by one source or another. So Jane & Joe Average, if you dislike that reality, you could always yank the cable out from modem / router and disconnect entirely ... just sayin'.
0 Votes
+ -
Re: Amazon can see your passwords
mrmikeprogrammer 29th Sep
You said that when using the cloud "content ... would still be encrypted," but I'm pretty sure a man-in-the-middle SSL proxy can read the content. With a MITM SSL Proxy, there is a secure connection between the client and the proxy and a secure connection between the proxy and the server, but in the middle, the proxy decrypts and re-encrypts the whole message. Otherwise, they couldn't do any of fancy pre-fetching and image compression speed-up stuff because they couldn't see the page content. If I'm right, then Amazon could read, for example, your online banking password, which is a much bigger issue than just tracking where you go.
0 Votes
+ -
RE: Amazon Silk offers users a choice between fast browsing and privacy, not both
aep528 29th Sep
Isn't that exactly how Opera Mini works?
0 Votes
+ -
RE: Amazon Silk offers users a choice between fast browsing and privacy, not both
dsf3g 29th Sep
Doesn't the Opera Mini web browser do something similar?
0 Votes
+ -
RE: Amazon Silk offers users a choice between fast browsing and privacy, not both
CowLauncher 29th Sep
I guess it comes down to whose motives you are willing to trust your online persona with, Google, Amazon, Apple, and so on. Our online life and our real life are merging more and more everyday. We need to ask ourselves "why" these entities exist and what we are getting in return for creating a relationship with them. Is it worthwhile? Is there value? What am I giving up?
0 Votes
+ -
RE: Amazon Silk offers users a choice between fast browsing and privacy, not both
mrlinux 29th Sep
This statement is wrong, the content will be decrypted @ the proxy then encrypted and sent on it's way
although not the content, as this would still be encrypted
0 Votes
+ -
RE: Amazon Silk offers users a choice between fast browsing and privacy, no
Rabid Howler Monkey 29th Sep
A bit of a red herring. Amazon's AppStore for Android has a "Web Browsers" category. One could choose to install a 3rd party web browser (e.g., Dolphin Browser Mini) and use it for all your web browsing or some subset of it (e.g., online banking, securities trading).
0 Votes
+ -
Not really, no.
spdragoo@... 30th Sep
@Rabid Howler Monkey

Article's talking about using Amazon's Silk browser on their Fire tablet. It's not claiming that Amazon will do the same for 3rd-party browsers at all.
0 Votes
+ -
Yes really, yes
Rabid Howler Monkey 30th Sep
@spdragoo@... And I'm talking about running a 3rd party browser on the Amazon Fire. It's an option for those concerned about Silk privacy and security. In other words, Amazon is not locking their users into the Silk browser (as Google does with Chrome on Chrome OS).

Why don't you read before responding? I never stated or implied that Amazon might do the same with a 3rd party browser.
0 Votes
+ -
Opera Turbo does this already
Maarek 29th Sep
The Opera Mini browser which has been around for years and the turbo option does this relativly quickly without Opera keeping track of your history, so you do have privacy where the silk, you don't.
0 Votes
+ -
RE: Amazon Silk offers users a choice between fast browsing and privacy, not both
CobraA1 29th Sep
I believe Opera Mini does something like this, so this wouldn't be the first technology to do so.

Join the conversation!

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
ie8 fix
Click Here
ie8 fix

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
ie8 fix
ie8 fix