Security Review: Kindle

The Kindle is a portable, electronic, wireless source that allows its users to purchase and read a multitude of books. Books can be purchased online through Amazon.com. Along with these features, The Kindle can also access the Internet. Throughout the past two years, the Kindle has become a very hot item for individuals of all ages because of its convenient and portable nature.
Considering The Kindle is portable and can easily be stolen, I would want it to have a pass code entry. Immediately after turning The Kindle to the on position, a password should be required. Also, if The Kindle goes idle, a password should be necessary. In order to purchase a book on a Kindle, the user must click on the “Buy” tab. The user’s credit card information “is linked to Amazon’s One-Click purchase capability. Therefore, if someone were to steal the Kindle, he/she could obtain personal and financial account information. As well as a locked entry, there should be certain security measures taken because it is a wireless device. Just like any other wireless device, it is possible for a hacker to find a vulnerability in the system and gain personal information.
If I were attempting to find the Kindle user’s credit card information, I would simply need to steal the device and attempt to buy a book. Considering there is no password required to start the device, a hacker would not need to break a code. There is most likely a place to account settings, and the hacker could then easily gain the user’s credit card information.
I believe the owner of the system should accept the risk and continue selling The Kindle. As of now, there have been no major security breaches involving The Kindle. Also, a hacker stealing one device would only allow that hacker to gain one person’s private information. Most advanced hackers are going to hack on a much larger scale than this.

Source: http://rationalsecurity.typepad.com/blog/2009/02/amazons-kindle-some-interesting-security-thoughts.html