Electronic Frontier Foundation is concerned about cloud browser.
New Silk Amazon browser, its concern security experts and legislators gave a mixed review of a large privacy-advocacy group today.
Electronic Frontier Foundation (EFF) said that discussions with Amazon has removed some but not all, of her concerns about Silk. "We are pleased with a lot of things that we initially nervous," said Dan Auerbach, a staff technologist with the EFF. "But there are some pretty serious about privacy."
Amazon introduced the page, the browser will be built into the Kindle Four tablet late last month. The fire, which is available for pre-order on Amazon for $ 199, will begin shipping in mid-November.
Silk is based on open source WebKit engine, same that powers Google's Chrome and Apple's Safari, but a different tack than most competitors like Microsoft's Internet Explorer and Mozilla Firefox does. Standard Silk will connect to Amazon's cloud service, which will handle much of the work to compose web pages, pre-rendering and pre-fetch content and terminal size on the page components. , Says Amazon will accelerate browsing and offers low power processors like those in a fire faster than other mobile web browsers and devices.
Questions linger
But routing user traffic in this manner will be asked a series of security and privacy experts to question since Amazon's moving week. EFF, which declined to comment in detail last month, today said it also had questions, and Amazon had asked many questions about the behavior Silk and what information the largest online retailer will collect.
High on the list of ERF was how Silk has to do with encrypted traffic to sites using SSL certificates and HTTPS protocol.
"She made it very clear that absolutely no man-in-the-media," says Auerbach, refers to a term that describes intercept traffic between a browser and a destination site.
Amazon CEO of Silk development, Jon Jenkins, EFF said that "secure web applications are made directly from the Kindle to the fire and the origin server using Amazon's EC2 servers," says Auerbach a blog published earlier today.
"It was one of the main reasons why we asked [Amazon] issues," said Auerbach, "because their message was so clear on this."
Last month, Amazon had said only: "We will ensure the cloud to create the site owner before your account page requests from sites using SSL," a statement that some interpreted as an Amazon would use man-in-the-middle SSL Proxy SSL users faster browsing.
Page will not SSL encrypted browsing faster, says Auerbach, a victory for users who may be worried about the Amazon see data used to log into secure sites, including banking, e-mail and shopping sites.
Assurances
Amazon also assured that the EFF is a limited amount of data received from the silk-users, including destination, a timestamp and a sign that identifies a session log. The data stored for 30 days, Amazon said.
"We have repeatedly asked if there was a way to get the logged information to a particular user or account with Amazon, and we were told that was not there and that Amazon was not able to track users "says Auerbach.
Also on the positive side, Auerbach says, is that all traffic from silk to its encrypted servers that give users some added protection from prying eyes when you browse an unencrypted public Wi-Fi hotspot. But EFF did not like all who heard it from Amazon, or rather not hear.
"You are Amazon trust with an incredible amount of personal information," says Auerbach, pointing out that the URLs Amazon stores can be used to identify individual users through their search history, and that the data Amazon collects may be an attractive target for law enforcement.
Users can turn off the cloud acceleration, and so Amazon intercept page requests of Silk, by pressing a setting. Amazon EFF sure that the change would be visible on the first page of the setting of the browser.
"It's standard, it is a little annoying and something that we are not thrilled," says Auerbach. EFF would prefer that users had to explicitly opt-in to gear, rather than hunting for an institution to opt out.
And still not clear how Amazon will explain Silk new cloud-based browsing and technology impact on consumers, a more exalted point last month. "We hope it would be very visible in the browser of [user interface]," Auerbach says, adding that Amazon does not share information with the EFF.
Auerbach refused to give a recommendation on Silk, says repeatedly that it is important for users to get to consider their balance, faster browsing and protection of privacy to understand.
"We urge Amazon to be as transparent as possible about this and users to feed themselves," says Auerbach.
New Silk Amazon browser, its concern security experts and legislators gave a mixed review of a large privacy-advocacy group today.
Electronic Frontier Foundation (EFF) said that discussions with Amazon has removed some but not all, of her concerns about Silk. "We are pleased with a lot of things that we initially nervous," said Dan Auerbach, a staff technologist with the EFF. "But there are some pretty serious about privacy."
Amazon introduced the page, the browser will be built into the Kindle Four tablet late last month. The fire, which is available for pre-order on Amazon for $ 199, will begin shipping in mid-November.
Silk is based on open source WebKit engine, same that powers Google's Chrome and Apple's Safari, but a different tack than most competitors like Microsoft's Internet Explorer and Mozilla Firefox does. Standard Silk will connect to Amazon's cloud service, which will handle much of the work to compose web pages, pre-rendering and pre-fetch content and terminal size on the page components. , Says Amazon will accelerate browsing and offers low power processors like those in a fire faster than other mobile web browsers and devices.
Questions linger
But routing user traffic in this manner will be asked a series of security and privacy experts to question since Amazon's moving week. EFF, which declined to comment in detail last month, today said it also had questions, and Amazon had asked many questions about the behavior Silk and what information the largest online retailer will collect.
High on the list of ERF was how Silk has to do with encrypted traffic to sites using SSL certificates and HTTPS protocol.
"She made it very clear that absolutely no man-in-the-media," says Auerbach, refers to a term that describes intercept traffic between a browser and a destination site.
Amazon CEO of Silk development, Jon Jenkins, EFF said that "secure web applications are made directly from the Kindle to the fire and the origin server using Amazon's EC2 servers," says Auerbach a blog published earlier today.
"It was one of the main reasons why we asked [Amazon] issues," said Auerbach, "because their message was so clear on this."
Last month, Amazon had said only: "We will ensure the cloud to create the site owner before your account page requests from sites using SSL," a statement that some interpreted as an Amazon would use man-in-the-middle SSL Proxy SSL users faster browsing.
Page will not SSL encrypted browsing faster, says Auerbach, a victory for users who may be worried about the Amazon see data used to log into secure sites, including banking, e-mail and shopping sites.
Assurances
Amazon also assured that the EFF is a limited amount of data received from the silk-users, including destination, a timestamp and a sign that identifies a session log. The data stored for 30 days, Amazon said.
"We have repeatedly asked if there was a way to get the logged information to a particular user or account with Amazon, and we were told that was not there and that Amazon was not able to track users "says Auerbach.
Also on the positive side, Auerbach says, is that all traffic from silk to its encrypted servers that give users some added protection from prying eyes when you browse an unencrypted public Wi-Fi hotspot. But EFF did not like all who heard it from Amazon, or rather not hear.
"You are Amazon trust with an incredible amount of personal information," says Auerbach, pointing out that the URLs Amazon stores can be used to identify individual users through their search history, and that the data Amazon collects may be an attractive target for law enforcement.
Users can turn off the cloud acceleration, and so Amazon intercept page requests of Silk, by pressing a setting. Amazon EFF sure that the change would be visible on the first page of the setting of the browser.
"It's standard, it is a little annoying and something that we are not thrilled," says Auerbach. EFF would prefer that users had to explicitly opt-in to gear, rather than hunting for an institution to opt out.
And still not clear how Amazon will explain Silk new cloud-based browsing and technology impact on consumers, a more exalted point last month. "We hope it would be very visible in the browser of [user interface]," Auerbach says, adding that Amazon does not share information with the EFF.
Auerbach refused to give a recommendation on Silk, says repeatedly that it is important for users to get to consider their balance, faster browsing and protection of privacy to understand.
"We urge Amazon to be as transparent as possible about this and users to feed themselves," says Auerbach.