The Kindle Fire's Internet Browser, Silk, Raising Security Concerns
Amazon's newly announced tablet, the Kindle Fire, boasts all sorts of unique features, one of them being its very own Internet browser named Silk. Silk is supposed to increase the speed of mobile surfing and the device's battery life. However, these conveniences come at a potential security cost to the consumer.
Silk is based on an open-source WebKit engine that directly connects to Amazon's Elastic Computing Cloud (EC2). When people use Silk on their tablets, they are directly connecting with Amazon and not the destination page. It is the EC2 that composes web pages, pre-renders and fetches content and squeezes the size of the page's components specifically for the Kindle Fire. The connection between the page and the browser is kept open indefinitely which is what allows for the faster web browsing. Amazon does promise to establish a secure connection from the cloud to site owners. This means that there is a trusted certificate in Silk that allows them to provide a man-in-the-middle SSL to accelerate user's browsing.
According to the blog Naked Security, maintained by Chester Wisniewski of the security firm Sophos, this means that Amazon will be able to directly monitor all the content of the Kindle Fire's consumers. The Fire's consumers' IP address, URLs and MAC addresses will all be stored on Amazon's servers for approximately 30 days.