Slashdot Mirror
Rob Malda Casts a Jaded Eye at Amazon's Silk
m.ducharme writes "Slashdot's recently departed editor and Fearless Leader muses about the security implications of Amazon's Silk, which uses Amazon's massive cloud computing services to provide 'pre-caching' for the new Fire devices." Another potential downside to bear in mind (depending on exactly how much Silk relies on the AWS infrastructure) is that it provides a single point of failure, and sometimes cloud services go down.
Who's Rob Malda?
From my understanding it can dynamically determine which parts to load from the cloud and which locally on the tablet. So theoretically if it's down then it just acts as any other browser would.
The security/privacy risks are actually pretty frightening.
I had much the same thoughts, but then I realized that I wouldn't use a seven inch tablet for work or anything else important. It would just be for when I'm too lazy to get off the couch to look up the name of a movie thats rattling around in my head. Frankly, this goes for all tablets. The mobile browsers have simply not been around long enough for me to say that they are secure, so if security is an issue, dont use them.
And finally, it is assumed that you will be able to install other web browsers at some point. While there are none to speak of on Amazons App Store I have little doubt that someone will figure out how to get Firefox Mobile etc installed.
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
Just like Battle.net, Xbox LIVE, Office 365, netflix (which uses AWS btw), etc etc so on and so forth. There are plenty of services out now with single points of failure.
Good-bye
Carrying on the proud Slashdot tradition of not giving a whit about copy editing by mangling the very first sentence. We're gonna miss ya, Rob.
I don't care why you're posting AC
I agree about the security/privacy implications.
On SPOF though -
1. Amazon has a *huge* interest in keeping its cloud services up and running. Downtime is likely to be negligible.
2. From what I understand, the Silk browser can fall back to a more conventional mode of operation.
My stance on this is:
- Read and understand Amazon's privacy policy
- Decide how much you trust their security
- Put your Silk browser into client-only mode when you think it's appropriate -- e.g. when doing online banking.
Well depending on how Amazon is using EC2, they could be doing the pre-caching in multiple zones so there may not be a single point of failure. But seriously, is this really a concern when:
1. The Kindle Fire screen, battery, PCB, etc are all a single point of failure
2. Your WiFi base station is probably a single point of failure
3. Your home cable/DSL modem is a single point of failure
4. The wires running between your home and the network POP is single point of failure
5. The DSLAM/whatever it's called in cable-speak is a single point of failure
6. etc etc etc
Yes, I know if you're using it at work you prolly have multiple WiFi access points and possibly redundant routers/connections to the internet, but why are you watching movies and playing angry birds at work?
Hell, the whole internet has gone down for large segments of the US due to construction workers/etc indiscriminately using backhoes to create huge fiber cuts, not to mention under sea cables being cut for various reasons.
I mean there's a lot of valid reasons why you may not want a Kindle Fire (I'm personally not interested in tablets at all), but I find this to be one of the weakest arguments out there.
It's worth taking note that this is not a completely novel idea. The Blackberry web browser when running the Blackberry Internet Service has also used server-side resources of RIM's infrastructure to slice and dice and optimize web services. The same is true of email attachments -- the RIM infrastructure intercepts and re-optimizes. Especially apparent in viewing PDF attachments to email. In the Blackberry Enterprise Server infrastructure, this functionality actually moves to ones own BES server instance, with end-to-end encryption between the BES server and the handheld. This fact, at least, provides a corporation with the ability to not have the security exposure of having RIM decipher the pages and content. Perhaps the objection is that for Kindle fire we don't have an independently implementable server-side browsing optimization node?
This sort of structure for a web browser has huge potential latency savings.
Web pages consist of lots of pieces, from lots of places, and lots of dependencies. (Open up Firebug, open the HTTP console, and open up the New York Times to see). Latency is the huge limiting factor on page loads, and is why it takes 1.7 seconds for the NY Times to load for me, even though it only transfered 300 kB of data (which is only .12s on my Internet connection).
The Silk-style structure beats the latency bottleneck in two ways.
For NEW content, the Silk proxy is much closer to the content itself. If its just 20ms closer, that will still save 40ms for each dependent fetch from a different site, 20ms for each dependent fetch from an existing site.
And for content that Silk has CACHED, its even faster, shaving basically ALL latency off the fetch.
IT doesn't hurt that the Fire probably has too small a processor and too little memory to run a real browser, but the latency wins make this structure attractive even for real browsers.
Test your net with Netalyzr
So if you then decide you want to buy that movie would you get up and turn a desktop computer on rather than just loading up Amazon and ordering the DVD? E-commerce from mobile devices is already a significant force in retail so obviously most people don't think the same way you do.
I don't want Amazon being the man in the middle on any of my https connections. It's bad enough that they would be able to see all my unsecured browsing by using them as a proxy.
Home internet connections no matter what ISP go down from time to time. Hell most peoples homes don't have back up generators for power outages. Another single point of failure! Look around, the whole world is full of single points of failure! Why the fuck should a cut rate tablet need to have enterprise level redundancy? It isn't a mission critical device. It is for dicking around on the internet and wasting time.
Lots of people use the iPad for travel, and even serious work. It may be somewhat less likely people would use the Amazon tablet for that, but many would at least use it to check web email...
And as for being "not secure" well try a public internet cafe when traveling if you really want to let the kimono hang wide open! Any of the tablets are a way better bet than something that can and probably does have a key logger attached...
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Is this what we are in for? Hardware dependent on cloud services, essentially a dumb terminal with content pushed to it, an item relatively useless if there are no supporting cloud services.
I realize at this point that description doesn't fully fit Fire, but mobile tech seems to be headed that way, seemingly turning the Internet into TV.
"If any question why we died, Tell them because our fathers lied."
If we do, just flash it with Cyanogenmod or other stuff like that and turn it into in a cheap standard Android tablet.
So you're worried that Amazon will know your browsing habits when you order things from Amazon? I think that may be a non-issue.
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
Isn't this basically the same thing? Albeit on a much larger scale and capability given Amazons (presumably) more numerous data centers and backbone capacity.
there's always been a single point of failure, even before the Cloud. It's called your friendly local idiot.
Well, if you're buying from Amazon anyway, who cares if their browser 'cloud' can sniff it, right?
Dilbert RSS feed
change his name from cmdrtaco to cmdrObvious. Great insight there.
Wireless. Less cost than an iPad. Pr0n.
It is a consumer device that has a feature to make the browser a faster experience. I think we can live if the small chance that Amazon's cloud services can temporarily go down. There is concerns for security, but I don't think it is any worst than relying on Gmail for private email or Amazon to store your credit card information.
Amazon also is a reputable company that has lots of experience in cloud computing. They are going to be more reliable than most people can set up on their own. It is more likely that my ISP will go down, my power going off, forgetting to charge tablet's battery or the motherboard dying on my home built server.
So, cloud services sometimes go down? My local browser client crashes occasionally too.
The point being that if it's a system that will allow (generally) faster/smoother delivery of content to mobile endusers, that's a great thing. Yes, the 'cloud' might fail occasionally, but I don't know if you've ever browsed through your phone before but it's a fairly shitty experience anyway, and you'd ostensibly have a current-standard client browser available as a backup if the cloud-failure is persistent, no?
-Styopa
Anybody remember this awful movie? You must since it's on TBS every other weekend. Their idea of "interactive TV" was that things were still broadcast, but you get to vote, or something like that. This is what these passive media devices (tablets) are moving us towards. "The Cloud" provides us with TV and we watch it on our mobile device.
For interactivity, we get to vote, or perhaps read something of our choice (from what's available)... Sorta like cable TV is now with 1000 channels.
Starship Troopers (the movie) really predicted 'American Idol' more than anything else, but I see Tablets headed this way as well, where The Cloud decides what we can watch and what we can't.
He who controls the cloud, controls the world?
If telephones are outlawed, then only outlaws will have telephones.
The best prisons are the one where the inmates don't know they are held captive.
Amazon has stated that the split browsing mode is optional and can be turned off so that Silk is like a conventional browser accessing its content directly instead of from Amazon.
http://arstechnica.com/gadgets/news/2011/09/amazons-silk-web-browser-adds-new-twist-to-old-idea.ars
Opera Mini has the same problem.
Instead of avoiding the issue like Amazon though, they admit it openly: http://www.opera.com/mobile/help/faq/#security
I remember reading that FAQ few years ago, and they were even more candid about it. It used to say something along the lines of:
"Yes, technically we have access to every website you visit, even if it's encrypted. We promise, however to respect our user's privacy and never look, but ultimately it's up to you if you trust us. If you don't, please do not use Opera Mini to access sensitive websites".
Unfortunately I can't find that quote anymore. I guess some MBA must've found it "unprofessional" or something.
not realizing when we don't give a crap about his opinion.
I know who he is and my first reaction was, so what.
Karma be damned, it felt good to type it.
As to the Fire, I will have one when it ships and it may be my Christmas gift to friends and family if it provides and ease of use for mail and surfing.
* Winners compare their achievements to their goals, losers compare theirs to that of others.
He's some guy that wants the cloud kids to get off his lawn. It's Android, if you don't want to use Silk (and I'm sure it will work fine without using AWS), there are like 50 other webkit browsers you can download for free, so this is not an important point. The larger issue is privacy in my mind but the public doesn't seem to care (the market has spoken).
MD in general love tablets. They were the only group that really bought the old Laptop Tablets with a stylus. So yes it needs to be secure..
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
I never knew the guy personally, but my condolences to the Slashdot community. He was to young to die.
Slashdot "libertarians": Small government for me, big government for those I disagree with. -1, I disagree with you
So he writes posts about technology and other news for.. well lets just call them socially awkward math wizards. And he has people commenting and discussing the stories ... That sounds like this other website he used to have... What was it called "slanty line -period" or something. .. Can't remember off the top of my head.
Well.. maybe. Or Maybe not. But Definitely not sort of.
This thing isn't an iPad killer, to start with, it's deftly sidestepping that. This is a media consumption tablet. Stripping out all the things that confuse people is a positive - something that Apple figured out a long time ago and nerds just can't seem to get our withered mirror neurons around.
The people who are going to buy it to read books and magazines aren't going to care where their packets go. I do, but I also want my tablet to be a laptop replacement.
...searching for the fabled Jade Eye of Rob Malda with his new side kick Jar Jar Binks.
It isn't much different that what RIM and Opera did in the mobile space.
As far as security goes I am not to worried. If Amazon blows it they will get sued to death and they know it so they probably be more secure than the average browser. I bet they revoke certs at light speed.
As far as the Gubmit spying on me. They have already told me that I am too boring.
See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
easy it is to have any random elected official of my government simply request my account be removed from amazons cloud, I feel the need to abstain.
Good people go to bed earlier.
Taco makes an ill thought out post that ignores important facts (like this being an optional service), slashdot readers work themselves into a frenzy arguing the minutiae of a scenario that isn't true, and then the rest of us just not reading the article and posting snide comments.
It's like he never left.
They haven't had the entire service go down, ever, and never will. They've had single data centers have problems, and once they had a major thing that caused performance issues in an entire region with EBS volumes, but even that didn't mean "single point of failure." Because guess what, there's this cool thing called geoip which you should be using anyway, and then you could be using multiple regions (which you should be doing anyway, for better performance). And if, for some reason, an entire region fails...then, you serve only from the other regions for a bit. No biggie.
Having survived the great fiasco that took down Netflix earlier this year yet left a tiny guy like me completely unaffected (sans a slight performance hit for the alternate routing) I can speak to this well. I really don't understand why - for many reasons (stability, performance, etc) Netflix was so dependent upon not only a single AWS region, but a single datacenter...that's just so wrong, on so many obvious levels.
Sounds like a great idea. This way with the more common data hosted by Amazon, I more quickly learn about the sudden Japanese treachery at Pearl Harbor.
The browser depends on the internet - that's a single point of failure. Obviously a non-starter.
There is no particular reason why you shouldn't be able to have an encrypted home (or root!) and use VPN to your tablet device, especially with the ponderous flash most of them are equipped with. If you couple this with a decent password input scheme (moving the characters around the screen is a goodie) it ought to then be a pretty secure platform, if the OS it runs on is worth a damn.
You could do this on a PDA with Angstrom now if you liked.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
I mean, as soon as you lose connectivity, your web browser stops working!
So if you then decide you want to buy that movie would you get up and turn a desktop computer on rather than just loading up Amazon and ordering the DVD? E-commerce from mobile devices is already a significant force in retail so obviously most people don't think the same way you do.
Most likely, yes. For me, ordering things off the web crosses that threshold where it's enough easier on a real computer that it's worth getting my butt of the couch.
So, will Amazon follow Opera Mini's lead (see http://www.opera.com/mobile/help/faq/#security) and rewrite WebKit's security stack so that it doesn't check SSL certificates?
That's the million dollar question, here.
I don't care if Amazon sees what my family does on the public internet. But if they're going to proxy my GMail, bank account, and other HTTPS sites, then we have a problem. And, most likely, a Congressional investigation. Because unlike Opera Mini, Silk isn't being billed as a stripped down mobile browser. There really isn't any need for them to expose themselves to our private data, if all they are trying to do is optimize the public web for their CPU.
I wonder how we'll be able to tell if they do this, anyway? Will they release the source code? Will they admit to it, if no one important enough asks?
It really was lame.
Slashdot's codebase was and still is a flaming pile of dogshit, so I'm not sure why Rob Malda would be the authority on such matters.
and yet you still were able to understand what he meant to tell perfectly havent you.
http://www.learningbooks.net/wholeword.html
Read radical news here
For systems like this in order to log into any website you have to send your username and password to Opera or Silks servers so it can login as you and then send the page back.
I found that out the hard way. My company's IT dept monitors logins and send out "change your password immediately and don't use Opera Mini" service when it sees logins from services like that
I don't think I'll be using Silk for the same reason.
...was Mac ONLY. People seem to forget this every time they bring up Slashdot's doom and gloom assessment of the original iPod. The first iPod was a turd. It was horrendously overpriced, required FireWire (which never really caught on for PCs) and didn't hold much music.
---
DRM is like antifreeze, to the MPAA/RIAA it's sweet, to the consumers it's poison.
Man, I know what you mean I have the same problem with Firefox. When my internet connection goes down it won't load up facebook. I should submit a bug report. Totally unacceptable.
Does it run Doom?
You consider AWS a single point of failure because you do not understand cloud technologies. Services can be engineered to utilize several unique locations that allow for near-continual to continual uptime. Instead of creating a negative perspective I challenge you to come up with an architecture that will have 99.9999999% uptime in the cloud. It can and has been done already, though I am quite certain you can come up with a unique way to accomplish the challenge.
I thought the real problem with silk is that it has to be dry-cleaned, and that gets expensive.
No 3G. Less space than an iPad. Lame.
Lots of people use the iPad for travel, and even serious work. It may be somewhat less likely people would use the Amazon tablet for that, but many would at least use it to check web email...
Indeed, the first time I saw an iPad in the wild was on a train. The person happened to be passing the time with a game of some sort at the time. This was on August 5th 2010, a few months after release. (I recall some programmers at my university working with them in the spring, not quite "in the wild")
I do occasionally miss having Internet access while on vacation.
I listen to both RIAA and non-RIAA stuff if I like the music, tangential business/politics nonwithstanding.
It's really quite irritating when for once you decide to click what seems to be the link to the FTA and it just takes you to another slashdot story (I know, I know, I have transgressed an unwritten law)..
And on the subject of off-topic moans, why are we still getting variations on "In a story from first-time submitter X..." No one cares.
Now, everyone off my lawn, I'm going for a lie down
To have a right to do a thing is not at all the same as to be right in doing it
Amazon is also a hosting company.
server side caching is here to stay, no body say a word about it. client side caching is here also, only a few is worry
Look, facebook and privacy, no body should be caring about it.
Move over, boy, grow up now
get free photoshop updates at
http://www.photoshopupdates.blogspot.com