Archive for September, 2011

Amazon’s Kindle Fire – Is the Silk Browser a Major Security Risk?

Amazon has finally release its long awaited “iPad Killer” – Kindle Fire. BUT is the center piece of this new mobile device – the Silk Browser – a major security risk? Here is how it is architectured and why the most significant part of this may be something you want to not touch.

Traditional browsers typically get their data directly from the publishing web site(s). Yes, there is some caching at the web site level and in the browser. However, you really get it “directly”. This takes time and in a lot of cases a LOT of time.

Enter Amazon… What they have done is to re-structure the browser such that it takes advantage of their EC2 (Elastic Cloud Computing) computing powerhouse. Amazon is ON the Internet backbone.. it’s (almost) a part of it. BY using their “back-end” computing power and net bandwidth they can really speedup delivery of web pages significantly. So much that it leaves everything else in the dust and delivers a really great user experience (on a $200 device ;-). Over time “it” (the “back-end”) “learns” the user’s browsing habits and even pre-fetches pages/sites before you actually navigate there.

What does this all smack of?… you are being “tracked”.. and all the pages/sites you fetch are being “held” in the big EC2 could (in the sky). In security terms, we call this the “man in the middle”. There is a massive computing resource that sees each and every byte of data you look at.

Is this bad? – depends… depends on just what Amazon does with this info/data and just how you feel about it – or better said, if you are doing company business and running a corporate web based application – say a CRM system – then is confidential information being exposed?

Answer – we really do not know since the Kindle Fire is only available for pre-order and really has not been taken to the test – yet. Only time will tell if Amazon has built a better mouse-trap or a very bad security risk setup.

, , ,

Leave a comment