Privacy concerns over Amazon's Silk web browser

As part of its reveal of the Kindle Fire tablet, Amazon made a big deal about the tablet's web browser and its features. The $199 tablet will use Amazon's own Silk browser that will take advantage of the company's Elastic Compute Cloud (EC2) service to share the workload of downloading and displaying web pages in the tablet. But a new blog post on a software security company's web site has raised questions about both security and privacy for people who use the Silk browser.

The Naked Security blog, hosted by the Sophos web site, states that people who use the Silk browser in tandem with its EC2 features will expose their web visits to Amazon's servers. It states, "All of your web surfing habits will transit Amazon's cloud. If you think that Google AdWords and Facebook are watching you, this service is guaranteed to have a record of *everything* you do on the web." Indeed, the blog site points out that the official terms and conditions for using the Silk browser have this condition:

Amazon Silk also temporarily logs web addresses known as uniform resource locators (“URLs”) for the web pages it serves and certain identifiers, such as IP or MAC addresses, to troubleshoot and diagnose Amazon Silk technical issues. We generally do not keep this information for longer than 30 days.

If you plan to buy the Kindle Fire when it is released on November 15 but don't want to have your web surfing info recorded by Amazon's cloud servers, the Silk browser does have the option to turn off the links to the EC2 service. As the Naked Security site states, "If you buy a Fire device, think carefully as to whether your privacy is worth trading for a few milliseconds faster web surfing experience."

Report a problem with article
Previous Story

Google and Samsung to hold press event Oct. 11

Next Story

More rumors surface on Xbox Live TV service

14 Comments

Commenting is disabled on this article.

Because its none of their dang business. Its called "big brother" watching over everything you do, and recording it all. What other reason could they possibly have to record it, except for big brother. Believe it or not, but we DO have a right to privacy. Your a fool if you think otherwise.

So what if someone knows what you're browsing habits are? Seriously? Virtually everyone thinks their online activities are so important governments and companies want to track them. They don't. They only want to personalise ads for you. That. Is. It. Seriously. What are they going to do? Email your wife and say you've been buying jewellery and she's not the recipient?

dancedar said,
So what if someone knows what you're browsing habits are? ?

Actually companies are now performing background research on people via the web. You show questionable character and you might be out of the game before you get in it.

Honestly, for all practical purposes, if you don't want anyone to know your surfing habits, it's best not to surf the web at all.

SkolVikings said,
Honestly, for all practical purposes, if you don't want anyone to know your surfing habits, it's best not to surf the web at all.

Bingo. ISP's could record your browsing habits just the same as Google, Amazon, Facebook, etc. Same deal with ISP email accounts.

I take privacy very seriously, but there comes a point where you can take things too far.

Fourjays said,

ISP's could record your browsing habits just the same as Google, Amazon, Facebook, etc. Same deal with ISP email accounts.

The difference is that your ISP doesn't have anything to gain by monitoring your activity. Google and the like rely on tracking your activity to generate targeted advertisements that are the key source of their income; while your ISP will do some vague monitoring for purposes such as throttling certain traffic types they don't need to know the precise details because their income comes from the overall volume of your activity rather than what it comprises.

I had thought about that yesterday... but more importantly is that it also presents a nice SSL issue in regards to man in the middle SSL attacks.
Hopefully it's optional to use EC2, but I bet the option won't be very clearly worded.

cybertimber2008 said,
I had thought about that yesterday... but more importantly is that it also presents a nice SSL issue in regards to man in the middle SSL attacks.
Hopefully it's optional to use EC2, but I bet the option won't be very clearly worded.

the Silk browser does have the option to turn off the links to the EC2 service.

It is stated right in the article...

FuhrerDarqueSyde said,

It is stated right in the article...

If this causes a lot of ruckus I'm sure they can/will send out an update that will add an option.

no-sweat said,

If this causes a lot of ruckus I'm sure they can/will send out an update that will add an option.

THERE IS AN OPTION. He just quoted it to you!