

Silk, Fire and Another Loss For Privacy - jnorthrop
http://jnorthrop.tumblr.com/post/10802288463/silk-fire-and-another-loss-for-privacy

======
ck2
It's worse than that for webservers.

I block all Amazon AWS/EC2 on my servers because it's never humans and I've
yet to see a useful bot from there - they just suck bandwidth and cpu time.
Since they have free, unlimited inbound, there's a bunch of nonsense going on.

Now I suspect silk is going to use the same IP range as amazon aws, so if you
block aws, you block silk?

So no more using iptables to stop the traffic - maybe I can do it on another
layer, allowing the ip via user-agent but of course bots will start spoofing
that too.

Anyone know if silk will cache and serve content that is not fresh while
ignoring no-cache headers?

Bonus points if anyone as access to a Fire and can test the ip range and
header obedience (as well as pre-fetching aggressiveness).

~~~
ScottWhigham
Good question and I haven't seen a response yet. This may be a serious problem
for Amazon since you aren't alone in your blocking of AWS/EC2 IP ranges. If
users use the tablet and find that the Silk browser doesn't show them all the
sites they want, then people will be disappointed in Amazon. Hopefully they'll
separate/segment IPs to prevent users from not using the browser.

~~~
MatthewPhillips
More likely, if AWS fails to fetch a page it will fallback on the browser to
do the work. So the user will still get to the page they want, and your site
will be blamed for being "slow" due to blocking AWS caching.

~~~
ck2
Why would they assume local connect would work when AWS times out or notices
it was never able to fetch a page?

I think it will only be available via a buried setting that most users will
never touch.

Fire seems to discourage any kind of advanced user, it's the king of "no"

    
    
      Bluetooth? No
      HDMI? No
      Camera? No
      Microphone? No
      micro/SD slot? No
      GPS? No
      3G? No
      Android Market? No  (only amazon's market)
    

It also brings yet another browser to worry about for website compatibility
and will require simulation to test.

~~~
jonknee
Why wouldn't they assume that? Amazon surely knows that some people block AWS
servers (AWS customers sure know!).

You also have to realize that Amazon gets the advantage of crowd sourcing--in
short order they should know who's blocking what and not even have to make the
original requests to be blocked.

~~~
qjz
Not only that, but what's to prevent them from caching content after the first
client makes a successful direct connection? After that, they can serve the
cached content quickly to other Silk users. Circumnavigating such blocks may
even be one of the driving forces behind developing Silk in the first place,
since it allows Amazon to access content they can't easily reach otherwise.

------
mustpax
When intercepting a regular HTTP session Silk is no more of a MITM attack than
any ISP out there. I trust Amazon more than I trust AT&T or Verizon.

What disturbs me is that _Amazon Silk will terminate SSL on their end by
default._ * This is the break from the past that's worrisome.

* Source: [http://www.amazon.com/gp/help/customer/display.html/ref=hp_l...](http://www.amazon.com/gp/help/customer/display.html/ref=hp_left_cn?ie=UTF8&nodeId=200775440)

~~~
jonknee
"Amazon Silk will facilitate a direct connection between your device and that
site. Any security provided by these particular sites to their users would
still exist."

Between your device and that site doesn't sound like terminating at AWS. Also,
the SPDY connection to AWS is secure which gets you a leg up on sites that
aren't using SSL.

~~~
ryankshaw
read the sentence right above that: " _We_ will establish a secure connection
from the cloud to the site owner _on your behalf_ for page requests of sites
using SSL (e.g. <https://example.com>)." that means that the SSL is terminated
at amazon's servers, they see it in plaintext, then they send it via SPDY (re-
encrypted) to your device. so it is always secure over the wire, but is
plaintext readable by amazon. if you are worried about what someone on the
wire can see, you are good. if you are worried about what amazon can see,
you're not.

~~~
srdev
Let's not forget that this decryption and re-encryption[1] is going on in the
AWS cloud, which is ostensibly shared infrastructure. Its not just what Amazon
can see, but what other people who happen to be running on the boxes doing
this re-encryption can see (through security vulnerabilities).

[1] I'm making the assumption here that re-encryption is actually occurring.
It could be the case that its not and the phrasing was simply poor.

~~~
metamatt
Yeah, that's what I find worrisome as well.

And I don't see how it's possible for them to proxy SSL content without being
MITM and re-encrypting. They could stay entirely out of the way for HTTPS
requests, but if that's how they were doing it, I think their FAQ answer would
just say so. If, on the other hand, they're inline enough to do the Silk
acceleration thing at all, they have to be able to decrypt the traffic.

------
RexRollman
According to Ars Technica's article on Silk, it is possible to turn off the
split browsing mode and use Silk as a regular web browser, so people who have
privacy issues with this can turn it off.

~~~
metamatt
Yup. Also pointed out here (<http://news.ycombinator.com/item?id=3051585>),
sourced to the official terms and conditions
([http://www.amazon.com/gp/help/customer/display.html/?nodeId=...](http://www.amazon.com/gp/help/customer/display.html/?nodeId=200775270)).

------
talmand
There is no such thing as privacy on the internet. Only the illusion of
privacy exists.

~~~
esrauch
I don't think this is quite accurate; it's actually somewhat similar to say
that there is no privacy in the real world because you have to travel through
public property to get anywhere.

Anyone could follow you to any store, keep ultimate tabs on where you go and
who you meet. Except that isn't a problem, it doesn't happen. And it's not
that people don't see you go places; it's very unlikely that you can make it
from your house to the grocery store without a bunch of people seeing your car
and its unique identifier of a license plate.

The thing is that it is almost always different people that see your car on
each trip, and those people would be hard pressed to connect your license
plate back to your name or your house address.

This is true on the internet when your mail, your news source, your social
network all are separate entities that have no real way to link between each
other. Many people knowing a tiny portion of your identity is very nearly the
same thing as none of them knowing anything; and with only the smallest amount
of effort that is easily possible to achieve on the internet.

~~~
talmand
Imagine your ISP is some guy that goes wherever you go and sees whatever you
see and hears whatever you hear and so on.

Now imagine that the guy is willing to share that information with others due
to court order or a nominal fee.

Your analogy works if you imagine the privacy issue is other internet users
seeing what you are doing while they are going about doing whatever it is they
are doing.

Unless you have a direct connection to the Internet that does not go through a
third party everything you do on the Internet is open to the possibility of
being tracked. You use a gateway to get to the Internet and you are not the
gatekeeper.

~~~
esrauch
Even still, the ISP only keeps logs of what URLs you visit and as far as I
know they are almost never mined in any way that correlates to your identity.

At the worst it is like someone knows all of the addresses I go to in real
life, which is still way way less knowledge than private messages to friends
and colleagues or the contents of my email, or even what friends and
colleagues I am contacting. Actually, it's even less than that because going
to gmail or secure.google.com indicates exactly nothing to the ISP about your
behavior, for pages like that it would be like someone having knowledge that
you are a member at the local library without knowing what books you have
checked out; hardly the most privacy infringing knowledge possible.

Additionally I naturally access the internet from at least 3 different ISPs on
any given day, so even then it is still less concentrated than a single
monolithic entity like Facebook.

With regards to court order; literally anything can happen with a court order.
You can claim that phone calls or paper letters aren't private because a court
order could allow police to read their contents, but I think that is really
stretching the truth.

~~~
talmand
"Even still, the ISP only keeps logs of what URLs you visit and as far as I
know they are almost never mined in any way that correlates to your identity."

As far as you know is dead right. The ISP knows who you are and what you are
doing. Why do you think they receive subpoenas all the time to reveal the
identities of people? The entertainment industry has an entire extortion
racket going simply because they can ask a court to force an ISP to tell them
who you are.

Everything you do on the internet has the possibility of being observed. It
may not be active but it can be done. We have privacy because we aren't
important enough to be heavily watched.

The only thing we have is SSL and I for one am not convinced it is as totally
secured as many believe it is.

------
Nate75Sanders
Just playing devil's advocate here: They mention "aggregate user behavior", so
they could be building a large, aggregated Markov chain that stores no user
data whatsoever -- just site transition data for the world.

I haven't read in-depth analysis of how they do their stuff, though.

------
WoodyAnderson
I work for a bank. If Silk does indeed terminate SSL, we will block this
browser from accessing online banking. We block OperaMini browsers, which also
terminate SSL, for exactly the same reason - your sign-on credentials will be
IN THE CLEAR on a 3rd party site.

As the bank is the one offering the security guarantee and talking the risk,
we cannot afford to have credentials in the clear on some else's site -- ever.

------
eslaught
There are alternative browsers available:

[http://www.amazon.com/gp/search/ref=sr_kk_1?rh=i%3Amobile-
ap...](http://www.amazon.com/gp/search/ref=sr_kk_1?rh=i%3Amobile-
apps%2Ck%3Abrowser&keywords=browser&ie=UTF8&qid=1317321315)

That doesn't fix the problem for unaware users, but at least the option to use
other browsers still exists.

