Asia's Source for Enterprise Network Knowledge

Thursday, April 24th, 2014

Email and Web security

Get incognito with Amazon Silk

The cloud-based design of Amazon's Silk browser has positive security side effects because it encrypts all traffic between users and websites, especially important when connected over unprotected Wi-Fi networks where session hijacking attacks can occur easily, the company said.

Amazon developed Silk to increase browsing performance on its new Android-based tablet, the Kindle Fire, by leveraging the power of the company's AWS servers to process and optimize Web content requested by users.

Soon after its release, the browser came under criticism for the alleged risks it poses to user privacy and security. The main issues revolve around the browsing data logged by the company and its handling of SSL traffic.

In a dialog with digital rights watchdog the Electronic Frontier Foundation (EFF), Amazon tried to alleviate some of the fears associated with Silk's split-browser architecture. For one it clarified that HTTPS requests do not use cloud acceleration and are routed directly to users.

As for browsing data, the company said it keeps an anonymized record of visited URLs, along with corresponding timestamps and session tokens, for 30 days, and that information cannot be tied to individual users.

One interesting piece of information that came out of Amazon's talk with the EFF is the company's contention that Silk can actually increase security. "The persistent SPDY [networking protocol] connection between the user's tablet and Amazon's servers is always encrypted," the EFF said. "Accordingly, if you are using your tablet on an open WiFi network, other users on that network will not be able to spy on your browsing behavior."

This is a security layer that users normally implement by routing traffic through secure VPNs (virtual private networks) after they connect to open Wi-Fi access points.