September 30th, 2011, 16:39 PM
Amazon's Silk browser raises privacy, security eyebrows
Amazon's new Silk browser has raised some eyebrows among privacy and security experts.
"This makes Amazon like your ISP," said Aaron Brauer-Rieke of the Center for Democracy & Technology (CDT), Washington D.C.-based advocacy group. "Every site, everything you do online [through Silk] will go through Amazon. That's a new role for someone like them, and I don't think it's at all clear that Amazon can step into that, or that it will be apparent to consumers."
On Wednesday, Amazon introduced its new Kindle Fire touch-based tablet, and the browser that will run on the Android-powered device: Silk.
The browser, which is based on the open-source WebKit engine -- the same that is the foundation of both Google's Chrome and Apple's Safari -- will by default connect to the company's cloud service, which will handle much of the work of composing Web pages, pre-rendering and pre-fetching content, and squeezing the size of page components. That, claimed Amazon, will speed up browsing and let low-powered processors like those in the Fire render sites faster than other mobile browsers and devices.
To do that, Amazon will maintain an open connection between Silk on the Fire and its Elastic Compute Cloud (EC2) service, and will act as a middle-man proxy on all page requests.
In other words, said Chet Wisniewski, a security researcher for Sophos, "Web connections from your tablet will connect directly to Amazon, rather than the destination web page."
In a short FAQ about Silk, Amazon intimated that it will also handle the encrypted traffic between consumers and websites secured with SSL (secure socket layer), such as log-in pages, other shopping sites and online banking sessions.
Full story: Computerworld