Amazon Kindle Fire Tablet: Security Concerns

VPN featured

Fewer than 24 hours after Amazon chief Jeff Bezos publicly rolled out the hyped-up upcoming Kindle Fire color tablet, privacy activists are already hopping on the case. They’re looking at the way its built-in optimized for Fire Silk Mobile Browser captures and distributes what they consider to be private data. Expect an Electronic Frontier Foundation comment soon.

Here’s what security analyst Chester Wisniewski wrote today on his blog, naked security.

It sounds as if Amazon will install a trusted certificate in the Silk browser allowing them to provide a man-in-the-middle (MITM) SSL proxy to accelerate your SSL browsing, as well. As Amazon is a US-based company, this would enable a US court order to intercept and record your secure communications. While most of us roll our eyes when confronted with long privacy policies and pages of legalese, privacy risks lurk around every corner. If you buy a (Amazon Kindle) Fire, think carefully as to whether your privacy is worth trading for a few milliseconds faster web surfing experience.

So I want to know. Are you worried? Or am I the last one standing who cares a flying whit about privacy?



  1. Greg Strong

    September 30, 2011 at 6:22 am

    You’re not the last one standing. I have a healthy concern for my privacy that does not transfer, necessarily, to cached web browsing, be it local or “in the cloud”. Many wise people have stated this before, but it bears repeating. If you don’t want it to be on the internet, don’t put it on the internet. I personally maintain that there is no expectation of privacy. Like the secrets you tell a friend, it lasts only as long as the synapse that transfers it from within to without. I expect that my truly important data (SSN, CC#’s, etc) should be safeguarded. I don’t think I worry about who reads comments, my Facebook, Google+, etc.

  2. Spencer

    September 30, 2011 at 7:57 am

    I’m hoping the data is somehow anominized when sent up to the amazon cloud. Otherwise, Amazon needs to make this enabled via Opt-in only vs. Opt-out.

  3. Austin

    September 30, 2011 at 2:57 pm

    Something to keep in mind is that this service will not work (unless configured by the network) behind corporate firewalls.

    I’m normally very privacy minded, but Amazon already has all of my information. They have my credit card number, my address, a history of all my purchases, and if I had opted in for their credit card they would have my social security # too. At this point, them knowing my browsing history seems almost trivial.

    However, this is the same confrontation that Google ran into when they first released Chrome. Amazon will have access to all of it’s users browser history, which they pledge that they will purge after 30 days.

    The important questions here are:
    1. How private will that data be kept,
    2. Will amazon use that data to deliver ads or recommendations.
    3. According to amazon’s response the data is collected “anonymously,” yet why does the Silk ToS say that it tracks “certain identifiers, such as IP or MAC addresses.”
    4. If the data is anonymous, why then is it scrubbed after 30 days? And why is 30 days the magic number?

Leave a Reply

Your email address will not be published. Required fields are marked *


To Top