Rob Malda Casts a Jaded Eye at Amazon's Silk 143
m.ducharme writes "Slashdot's recently departed editor and Fearless Leader muses about the security implications of Amazon's Silk, which uses Amazon's massive cloud computing services to provide 'pre-caching' for the new Fire devices." Another potential downside to bear in mind (depending on exactly how much Silk relies on the AWS infrastructure) is that it provides a single point of failure, and sometimes cloud services go down.
Huh? (Score:5, Funny)
Re: (Score:2, Informative)
Rob Malda
From Wikipedia, the free encyclopedia
Rob Malda
Malda at LinuxWorld Boston 2006
Born May 10, 1976 (age 35)
Other names CmdrTaco
Known for founder of Slashdot
Slashdot
Rob Malda (CmdrTaco)
Jeff Bates (hemos)
Slashdot effect
This box: view  talk  edit
Rob Malda (born May 10, 1976. in Holland Michigan), also known as CmdrTaco, is founder and former editor-in-chief of the website Slashdot. He is a gradua
Re: (Score:2)
Son of a bitch.
Take a while off from the site (been busy at work for the last month or so) and Malda retires ?@?!?!?
WTF and HTF did I miss that?
oh, and yeah, interesting topic too.
Re: (Score:2)
Son of a bitch.
Take a while off from the site (been busy at work for the last month or so) and Malda retires ?@?!?!?
WTF and HTF did I miss that?
oh, and yeah, interesting topic too.
He was modded down.
Re:Huh? (Score:4, Funny)
I couldn't tell if the gp was being sincere or just trolling.
Isn't that the goal of every slashdot commenter?
Re: (Score:2, Offtopic)
+1
Dammit, I wish I hadn't just spent all my Mod points on the Health Care thread...
Re: (Score:1)
I don't care, but I suppose he's looking for a job. Henceforth, any press is good press.
Re:Huh? (Score:5, Funny)
The guy who infamously responded to the announcement of the original iPod: "No wireless. Less space than a nomad. Lame." So I'm sure we're all interested in his opinion about Silk.
Re:Huh? (Score:5, Interesting)
But this only follows the /. standard response to any new device. There is not enough space, it's underpowered, it's overpriced, it doesn't render 3D models, it can't control the space shuttle, it can't beat Kasparov in chess, it can't even construct Kelly LeBrock for us - therefore, /. neckbeards have no use for it. Lame. Fail. Insertmeme
Re: (Score:2)
You forgot the most important part: He was right about the original iPod. It was a less useful device at a higher price point than the rest of the field.
Re: (Score:2)
You're right... this involves Android, and Android is exempt from all other /. rules of behavior/emoting...
Re: (Score:2, Informative)
His comment was correct, though. The first iPod WAS objectively inferior to the Nomad of the time. Note that the comment was a quality judgment of the product in question, not a prediction that it would fail in the marketplace.
The original iPod... (Score:1)
...was Mac ONLY. People seem to forget this every time they bring up Slashdot's doom and gloom assessment of the original iPod. The first iPod was a turd. It was horrendously overpriced, required FireWire (which never really caught on for PCs) and didn't hold much music.
Re: (Score:3)
I don't see why this comment was modded informative. The original iPod had less storage space than the Nomad, but it was smaller and had higher transfer rates. Definitely not "objectively inferior".
Do you remember the original iPod? (Score:2)
It really was lame.
Re: (Score:1)
Re: (Score:3)
The guy who infamously responded to the announcement of the original iPod: "No wireless. Less space than a nomad. Lame." So I'm sure we're all interested in his opinion about Silk.
Because we all know that the original iPod did have wireless and in fact had more space than a nomad, so clearly CmdrTaco was factually incorrect. Oh, wait...
Just because the iPod became incredibly popular doesn't mean you can go back and rewrite history. At the time, the iPod was nothing special, its main advantages were that it was much cooler looking than its rivals, and very easy to use (if you had a Mac with firewire)
Rob Malda... (Score:3)
Re: (Score:2)
Failure Not a Big Deal but Security Risk is (Score:1)
From my understanding it can dynamically determine which parts to load from the cloud and which locally on the tablet. So theoretically if it's down then it just acts as any other browser would.
The security/privacy risks are actually pretty frightening.
Re: (Score:2)
No, it's more like Opera Turbo [opera.com]. There's a server which preprocesses a web page for you, making it easier for the device to process and present. So yes, if Silk were ever down you'd be basically unable to surf the web.
Then again, every single online service i use daily has the same issue.
Re: (Score:3)
No, parent is right.
All of the browser subsystems are present on your Kindle Fire as well as on the AWS cloud computing platform. Each time you load a web page, Silk makes a dynamic decision about which of these subsystems will run locally and which will execute remotely.
The server can preprocess the web page for you, but it's not required.
Re: (Score:2)
Is this like him pranking all the other editors for the years of shit he's taken for posting exactly this kind of thing?
Re: (Score:2)
I don't understand the "single point of failure" gripe. I already have numerous single points of failure. My ISP. The cable jack on my wall. The modem itself.
Re: (Score:2)
My understanding (I may be wrong) is that you can opt not to use Silk. As long as its not on by default, there are no privacy issues (opting in is willing declaration you dont care.)
If it's on by default, and you must hunt down how to turn it off, then yea, privacy is indeed an issue as most users may never realize they are even using it.
Even then, I dont think Amazon sells private data they collect. They use it, allright, but selling it just allows potential competitors to catch up with them. It's in their
Should a tablet be used to do secure stuff anyhow? (Score:2)
And finally, it is assumed that you will be able to install other web browsers at som
Re: (Score:2)
So if you then decide you want to buy that movie would you get up and turn a desktop computer on rather than just loading up Amazon and ordering the DVD? E-commerce from mobile devices is already a significant force in retail so obviously most people don't think the same way you do.
Re: (Score:1)
Re: (Score:2)
Well, if you're buying from Amazon anyway, who cares if their browser 'cloud' can sniff it, right?
Re: (Score:2)
So if you then decide you want to buy that movie would you get up and turn a desktop computer on rather than just loading up Amazon and ordering the DVD? E-commerce from mobile devices is already a significant force in retail so obviously most people don't think the same way you do.
Most likely, yes. For me, ordering things off the web crosses that threshold where it's enough easier on a real computer that it's worth getting my butt of the couch.
Re: (Score:2)
Lots of people use the iPad for travel, and even serious work. It may be somewhat less likely people would use the Amazon tablet for that, but many would at least use it to check web email...
And as for being "not secure" well try a public internet cafe when traveling if you really want to let the kimono hang wide open! Any of the tablets are a way better bet than something that can and probably does have a key logger attached...
I see your point (Score:2)
Lots of people use the iPad for travel, and even serious work. It may be somewhat less likely people would use the Amazon tablet for that, but many would at least use it to check web email...
Indeed, the first time I saw an iPad in the wild was on a train. The person happened to be passing the time with a game of some sort at the time. This was on August 5th 2010, a few months after release. (I recall some programmers at my university working with them in the spring, not quite "in the wild")
I do occasionall
Re: (Score:2)
MD in general love tablets. They were the only group that really bought the old Laptop Tablets with a stylus. So yes it needs to be secure..
Re: (Score:2)
It isn't much different that what RIM and Opera did in the mobile space.
As far as security goes I am not to worried. If Amazon blows it they will get sued to death and they know it so they probably be more secure than the average browser. I bet they revoke certs at light speed.
As far as the Gubmit spying on me. They have already told me that I am too boring.
Re: (Score:2)
There is no particular reason why you shouldn't be able to have an encrypted home (or root!) and use VPN to your tablet device, especially with the ponderous flash most of them are equipped with. If you couple this with a decent password input scheme (moving the characters around the screen is a goodie) it ought to then be a pretty secure platform, if the OS it runs on is worth a damn.
You could do this on a PDA with Angstrom now if you liked.
Single point of failure (Score:3, Insightful)
Re: (Score:1)
Re: (Score:2)
yes, but those services are isolated single point of failure, Silk isn't if it fails, your browser do not reach any site, unless you turn Silk off if it is possible to turn it off, or of you know about it, normal users will just say, the internet is down
Re: (Score:2)
Or unless silk is written to fail-over automatically.
btw. Amazon loose millions of dollars an hour if Amazon.com goes down, I would say they are valuing your browsing time fairly highly by putting it on the same system.
Re: (Score:2)
Agreed. Our power went out for half a day this last week. I was really wishing I could just connect through 4G and keep working from a cloud hosted workstation.
Re: (Score:2)
If someone hacks Battle.net/etc, you might find out. The cloud is a much larger beast and if some fundamental underlying technology in it is hacked you may never have any clue, Amazon may not ever even catch it. Eventually the systems are just too big to secure based on traffic load and the insane amounts of data, you have to play bug smasher after its already compromised and proactively defend the systems, but there is a critical point at which you just cant prevent, only mitigate, damage that can be done
Good ol' Taco (Score:5, Funny)
Carrying on the proud Slashdot tradition of not giving a whit about copy editing by mangling the very first sentence. We're gonna miss ya, Rob.
Re: (Score:2)
I actually decided to read the article and buck another proud Slashdot tradition, but I gave up after three paragraphs. It hurt too much.
But it's real use is to be a front end for the amazon store... the iPad always was meant to be a front end to Apple's stores... but it was always much more than that.
As I look at Silk and it's just making me nervous.
Random punctuation strewn everywhere, incoherent sentences...I know that complaining about grammar on /. gets you slapped down pretty quickly, but I found myself having to read most paragraphs two or three times just to understand what he was trying to say.
Forget it. I can get plenty of insightful content from a hundred different places on the web; there's very little whic [slashdot.org]
Re:Good ol' Taco (Score:5, Informative)
I got as far as the fifth paragraph (fourth, if you don't count the obviously unintended break between 4 & 5) and realized the horrible truth: he DID have spellcheckers and editors going over his work while he was here and, God bless their tortured souls, they did as much as they could--they just couldn't completely contend with the torrent of spelling and grammatical errors he sent their way.
My favorite bit is this sentence in paragraph 2:
Silk is the tech amazon [not capitalized] has built to pre-render? [he uses two spaces after questions marks and periods; sometimes three] to pre-cache? web pages on the massive AWS/EC2/S3 network (the same network that Iâm [quotation marks instead of an apostrophe] using to actually host this very web page in fact. [Parentheses not closed]
Slashdot editors, I salute you. *wipes tear from eye*
Re: (Score:2)
To be fair, two spaces after a sentence close is normal. One space after a comma.
Re: (Score:2)
Flat-out wrong. Two spaces after a period only if you're using an actual, physical typewriter or a monospaced font. [slate.com]
Re:Good ol' Taco (Score:4, Interesting)
To be fair, two spaces after a sentence close is normal
Flat-out wrong. Two spaces after a period only if you're using an actual, physical typewriter or a monospaced font. [slate.com]
Meh, I'll toss in a token 'get over yourself, kid' for all of us grumpy oldsters that were taught to touch-type with 2 spaces after each sentence (. or ? or !). Doublespacing periods isn't a sin. It's not 'flat out wrong'. It's an innocuous habit I still have due to decades of typing and an edge case: I go back and forth between monospace code and publishable material like this post. I could do a lot worse. For starters, I could be a grammar nazi while (squints at screen) typing 2 sentence fragments and a -- sweet web-formatting jesus, did you really use just 12 words to anchor a link while telling us 2 *INVISIBLE* spaces is bad juju?! Get the Hell. Off. My. Lawn.
tl;dr: parent = grammar nazi post that has mistakes. There ought to be a meme for this...
Re: (Score:2)
If for some obscure reason you should ever want to print something you 2-space type or display it in a monospaced font, you can just take your original text and use it as-is. Someone following the 1 space rule will need to co
Re: (Score:2)
Flat-out wrong. Two spaces after a period only if you're using an actual, physical typewriter or a monospaced font. [slate.com]
Not really. If you're using typography software (which is the perspective from which your slate.com article is arguing) then using one space is absolutely correct. However, that's only because tyopgraphy software automatically inserts the correct extra space after a period. Have a play with LaTeX sometime, you might be surprised.
For everything else, it's two spaces if you want your stuff to be fully readable. That's your call, of course, and a slightly subjective argument. But if you're arguing from a
all this bullshit (Score:1)
http://www.learningbooks.net/wholeword.html [learningbooks.net]
Yes, but (Score:5, Informative)
I agree about the security/privacy implications.
On SPOF though -
1. Amazon has a *huge* interest in keeping its cloud services up and running. Downtime is likely to be negligible.
2. From what I understand, the Silk browser can fall back to a more conventional mode of operation.
My stance on this is:
- Read and understand Amazon's privacy policy
- Decide how much you trust their security
- Put your Silk browser into client-only mode when you think it's appropriate -- e.g. when doing online banking.
Re: (Score:1)
1) Lehman Brothers had a vested interest in making sensible investments and not betting everything on the housing market. Diginotar had averted interest in securing their systems. Self interest doesn't guarantee success, especially when there is a cost.
2) I didn't realise there was a client only mode. That is good and I would use it for everything but I think it should be default for https connections.
I don't like any one company knowing too much about me, I already have Amazon knowing a fair bit about wha
Single point of failure? (Score:3, Insightful)
Well depending on how Amazon is using EC2, they could be doing the pre-caching in multiple zones so there may not be a single point of failure. But seriously, is this really a concern when:
1. The Kindle Fire screen, battery, PCB, etc are all a single point of failure
2. Your WiFi base station is probably a single point of failure
3. Your home cable/DSL modem is a single point of failure
4. The wires running between your home and the network POP is single point of failure
5. The DSLAM/whatever it's called in cable-speak is a single point of failure
6. etc etc etc
Yes, I know if you're using it at work you prolly have multiple WiFi access points and possibly redundant routers/connections to the internet, but why are you watching movies and playing angry birds at work?
Hell, the whole internet has gone down for large segments of the US due to construction workers/etc indiscriminately using backhoes to create huge fiber cuts, not to mention under sea cables being cut for various reasons.
I mean there's a lot of valid reasons why you may not want a Kindle Fire (I'm personally not interested in tablets at all), but I find this to be one of the weakest arguments out there.
Re: (Score:2)
But seriously, is this really a concern when: 1. The Kindle Fire screen, battery, PCB, etc are all a single point of failure
Sure, but there's no way to get rid of that aside from buying multiple devices. But we're talking about a different kind of problem here: if all Kindle Fires use this service, then you're introducing a single point of failure for *all* of these devices. A single problem in Amazon's services could cause all Kindle Fires to be completely unable to access web pages, even when the device and the internet connection are fine. What's more, it's an unnecessary single point point of failure.
Malda's single point of failure (Score:2)
not realizing when we don't give a crap about his opinion.
I know who he is and my first reaction was, so what.
Karma be damned, it felt good to type it.
As to the Fire, I will have one when it ships and it may be my Christmas gift to friends and family if it provides and ease of use for mail and surfing.
Re: (Score:1)
At first read, I swear that last sentence said "Ass to the Fire".
I sure hope there's not an app for that.
This is not a novel idea. (Score:1)
Re: (Score:2)
Opera Mini has been doing this for years.
Re: (Score:1)
Re: (Score:2)
Yes. Opera did it first. As usual!
Its all about the latency... (Score:4, Insightful)
This sort of structure for a web browser has huge potential latency savings.
Web pages consist of lots of pieces, from lots of places, and lots of dependencies. (Open up Firebug, open the HTTP console, and open up the New York Times to see). Latency is the huge limiting factor on page loads, and is why it takes 1.7 seconds for the NY Times to load for me, even though it only transfered 300 kB of data (which is only .12s on my Internet connection).
The Silk-style structure beats the latency bottleneck in two ways.
For NEW content, the Silk proxy is much closer to the content itself. If its just 20ms closer, that will still save 40ms for each dependent fetch from a different site, 20ms for each dependent fetch from an existing site.
And for content that Silk has CACHED, its even faster, shaving basically ALL latency off the fetch.
IT doesn't hurt that the Fire probably has too small a processor and too little memory to run a real browser, but the latency wins make this structure attractive even for real browsers.
Re: (Score:3)
And for content that Silk has CACHED, its even faster, shaving basically ALL latency off the fetch.
I shaved all the latency off my fetch too. Now it's silky smooth.
Re: (Score:2)
IT doesn't hurt that the Fire probably has too small a processor and too little memory to run a real browser
1.2GHz dual core ARM with 512MB of memory. That's plenty enough for a web browser. Plus, there are already multiple web browsers available on Amazon app store [amazon.com].
Re: (Score:1)
IT doesn't hurt that the Fire probably has too small a processor and too little memory to run a real browser, but the latency wins make this structure attractive even for real browsers.
That part's wrong -- it's an OMAP4 (TI's dual A9), which start from 1GHz or so, and is a more capable SoC than the Tegra2 (has dual-channel memory controller, NEON (SIMD for sound/video decoding), etc.); on par with the iPad 2, and significantly more powerful than most smartphones and tablets that have been running real Gecko and webkit browsers for years. 512MB RAM isn't a lot, but it's not tiny either -- no problem there.
Re: (Score:1)
I was going to suggest that you check out SPDY as another approach for improving latency of deeply-nested content, but it turns out that Amazon Silk actually uses the protocol in addition to any "cloud rendering" they have in the background.
I would have thought that high latency cell connections would have pushed us toward a pre-loading, single connection approach already, but apparently it's difficult to get the entire Internet to change...
HTTPS (Score:2)
Re: (Score:1)
You can turn off the proxying if you want the speed.
Re: (Score:2)
You don't understand how HTTPS works, do you?
Or maybe s/he does -- Amazon controls the browser AND controls the proxy, so we have to trust them to follow the rules.
If they rewrite the part of WebKit's TLS stack that checks certificates then they can successfully and silently man-in-the-middle any secure site.
How would you know this was happening? After all, iOS was subject to a similar "bug" for years before anyone noticed.
Jaded is polite. (Score:2)
Is this what we are in for? Hardware dependent on cloud services, essentially a dumb terminal with content pushed to it, an item relatively useless if there are no supporting cloud services.
I realize at this point that description doesn't fully fit Fire, but mobile tech seems to be headed that way, seemingly turning the Internet into TV.
Re: (Score:2)
I'm in two minds.
On the one hand, I agree with you. It would be very easy for this kind of thing to turn the Internet back into AOL. That would be bad.
On the other hand, it's a really cool way of squeezing a better experience out of cheap hardware.
So, I think that rather than dismissing it out of hand, we should be thinking of ways to protect ourselves and others from lockin and walled gardens, without throwing out the baby with the bathwater.
Can we flash it? (Score:2)
Opera Mobile (Score:2)
Isn't this basically the same thing? Albeit on a much larger scale and capability given Amazons (presumably) more numerous data centers and backbone capacity.
These concerns are way overblown (Score:2)
It is a consumer device that has a feature to make the browser a faster experience. I think we can live if the small chance that Amazon's cloud services can temporarily go down. There is concerns for security, but I don't think it is any worst than relying on Gmail for private email or Amazon to store your credit card information.
Amazon also is a reputable company that has lots of experience in cloud computing. They are going to be more reliable than most people can set up on their own. It is more likel
So what? (Score:3)
So, cloud services sometimes go down? My local browser client crashes occasionally too.
The point being that if it's a system that will allow (generally) faster/smoother delivery of content to mobile endusers, that's a great thing. Yes, the 'cloud' might fail occasionally, but I don't know if you've ever browsed through your phone before but it's a fairly shitty experience anyway, and you'd ostensibly have a current-standard client browser available as a backup if the cloud-failure is persistent, no?
STARSHIP TROOPERS (Score:2)
Anybody remember this awful movie? You must since it's on TBS every other weekend. Their idea of "interactive TV" was that things were still broadcast, but you get to vote, or something like that. This is what these passive media devices (tablets) are moving us towards. "The Cloud" provides us with TV and we watch it on our mobile device.
For interactivity, we get to vote, or perhaps read something of our choice (from what's available)... Sorta like cable TV is now with 1000 channels.
Starship Troopers (the m
It Can Be Turned Off (Score:4, Informative)
Amazon has stated that the split browsing mode is optional and can be turned off so that Silk is like a conventional browser accessing its content directly instead of from Amazon.
http://arstechnica.com/gadgets/news/2011/09/amazons-silk-web-browser-adds-new-twist-to-old-idea.ars
Opera (Score:3)
Opera Mini has the same problem.
Instead of avoiding the issue like Amazon though, they admit it openly: http://www.opera.com/mobile/help/faq/#security [opera.com]
I remember reading that FAQ few years ago, and they were even more candid about it. It used to say something along the lines of:
"Yes, technically we have access to every website you visit, even if it's encrypted. We promise, however to respect our user's privacy and never look, but ultimately it's up to you if you trust us. If you don't, please do not use Opera Mini to access sensitive websites".
Unfortunately I can't find that quote anymore. I guess some MBA must've found it "unprofessional" or something.
Re: (Score:2)
I know some banks block Opera Mini for this reason. I would think they'll block Silk too.
Re: (Score:2)
Don't worry, the First National Bank of Amazon will be opening soon. They'll happily let Silk go through.
Slashdot's recently departed editor? (Score:2)
Rob Malda has a blog .... (Score:2)
So he writes posts about technology and other news for.. well lets just call them socially awkward math wizards. And he has people commenting and discussing the stories ... That sounds like this other website he used to have... What was it called "slanty line -period" or something. .. Can't remember off the top of my head.
The target audience doesn't care (Score:2)
This thing isn't an iPad killer, to start with, it's deftly sidestepping that. This is a media consumption tablet. Stripping out all the things that confuse people is a positive - something that Apple figured out a long time ago and nerds just can't seem to get our withered mirror neurons around.
The people who are going to buy it to read books and magazines aren't going to care where their packets go. I do, but I also want my tablet to be a laptop replacement.
Indiana Jones returns... (Score:2)
Re: (Score:2)
Just like old times (Score:2)
Taco makes an ill thought out post that ignores important facts (like this being an optional service), slashdot readers work themselves into a frenzy arguing the minutiae of a scenario that isn't true, and then the rest of us just not reading the article and posting snide comments.
It's like he never left.
Single point of huh? (Score:1)
Cache for Speed (Score:2)
Well that's a dumb design (Score:2)
Will the MITM HTTPS? (Score:2)
So, will Amazon follow Opera Mini's lead (see http://www.opera.com/mobile/help/faq/#security [opera.com]) and rewrite WebKit's security stack so that it doesn't check SSL certificates?
That's the million dollar question, here.
I don't care if Amazon sees what my family does on the public internet. But if they're going to proxy my GMail, bank account, and other HTTPS sites, then we have a problem. And, most likely, a Congressional investigation. Because unlike Opera Mini, Silk isn't being billed as a stripped down mobile
Re: (Score:2)
I wonder how we'll be able to tell if they do this, anyway? Will they release the source code? Will they admit to it, if no one important enough asks?
You browse to a site that you own that supports SSL. You look at the access logs and see where your connection came from. If it came from your device then it's cool. If it came from an Amazon IP address then you have MITM and it's not cool. There are other variations with a self signed cert to see if something hollers. It won't take much to tell what is going on.
Re: (Score:2)
Duh! I forgot about client IP address. Thx.
Re: (Score:2)
Single Point of Failure (Score:1)
Man, I know what you mean I have the same problem with Firefox. When my internet connection goes down it won't load up facebook. I should submit a bug report. Totally unacceptable.
Stop with the links to other slashdot articles (Score:2)
And on the subject of off-topic moans, why are we still getting variations on "In a story from first-time submitter X..." No one cares.
Now, everyone off my lawn, I'm going for a lie down