*bump*
I don't have a solution for changing the proxy settings on a K3 yet, but some relevant links and more questions.
Does the K3 proxy all wifi traffic through the amazon proxy at fints-g7g.amazon.com?
This page says about the K2,
Quote:
|
One slightly terrifying thing I noted in the NetFront configuration file on the Kindle 2 - All traffic is proxied through fints-g7g.amazon.com, Amazon's Kindle web proxy. HTTP and HTTPS alike are proxied on port 80. Amazon can see what you're downloading, even if you "use SSL." (As could anybody who could sniff your EVDO traffic, but I'm told that's something that's only easy if the attacker is running MovieOS). I know there are solid technical reasons for this decision on Amazon's part. It doesn't exactly make me comfortable.
|
Is this actually true for K3 wifi browsing?!! I'm having trouble with a wifi tcpdump, so I haven't been able to verify this.
Confusingly, I also cannot figure out how or where the K3 sets its proxy settings or even User Agent. The K3 file "/opt/amazon/ebook/config/browser_wv.conf" sets up the UA "Mozilla/4.0 (compatible; Linux 2.6.22) NetFront/3.4 Kindle/2.2", but when I browse to
whatsmyuseragent.com, it says "Mozilla/5.0 (Linux; U; en-US) AppleWebKit/528.5+ (KHTML, like Gecko, Safari 528.5+) Version/4.0 Kindle 3.0 (screen 600x800; rotate)". And grepping for ''Mozilla/5.0" on the entire K3's file system turns up nothing.
Peter Hannay has some great tips in his talk "
Hooray for Reading: Hacking the Kindle", but how to set up a non-Amazon proxy still isn't clear.
Is Amazon proxying all Kindle wifi traffic, including HTTPS? If true, this is very disturbing and highly insecure. Does Amazon have a stated privacy policy about such traffic? Does Amazon state if they log or track web traffic from Kindles?
Does anyone have any ideas how to set up a Kindle browser to use a secure wifi proxy?