DRM PDFs (and SED and ETD ...)
 

Johannes Wiedersich on 29/05/08 09:02, wrote:

On 2008-05-28 20:36, Adam Hardy wrote:

Just thought I'd ask, even though my web searches don't reveal anything
but Adobe promises and work-arounds involving printing to postscript on
a windows box first - but is there software for linux to read DRM pdfs?


I don't know, if I understand you correctly. If you just want to read a
DRM pdf, there are various linux tools as suggested. I've had good luck
with kpdf so far, but xpdf and others might work as well. Those tools
actually ignore (or can be configured to ignore) most of the restrictions.


I haven't found any configuration on any package (xpdf, acroread, evince, pdftk,
kpdf) for ignoring security. In fact you're the second person to say that, but
the man pages don't contain any reference to overriding passwords. Are you sure?




If just the DRM is so 'enhanced' that it won't work with those, there is
also Adobe's acroread.


That's the first package I tried - but Adobe haven't upgraded it yet to
understand security, so it balks at loading the file at all.




If a pdf is password protected, however, you still require the password.
As mentioned, there are password crackers around, but those might
fail/take a very long time, if the password is long and complex.


Tried pdfcrack, haven't found any others.

After looking at the website providing the pdf that I am trying to read, I
realise I must be wrong in my assumption that this pdf file has a password - I
just assumed it would. It's a test pdf provided by the British Library to let
readers check that their set-up can handle the secure electronic delivery.


So the pdf must be written with instructions that link back to the British
Library to control printing - they let you print once and once only (and you
must be online of course for the security to verify with their website).


However evince and kpdf ask me for a password, and pdfcrack says it can't deal
with this version.


So the British Library gives the reader the following ETD (xml), rather than the
PDF,


http://edd.bl.uk/fulfill/ebx.etd?action=free&ordersource=live&bookid=DOI:SE DSuccess&gbdetect=true


and then Adobe Acrobat (or the new version, Digital Editions) grabs the PDF:

http://w2k-edd2.bl.uk/bookbytes/ebx_DOI_SEDSuccess.pdf

and checks operations against some security at the British Library.

There's an attribute in the ETD xml called <nonce> with what looks like an
encrypted value - that is presumably a key for the server, not the PDF password.


Here's their advice (with typical linux fob-off):

http://www.bl.uk/reshelp/atyourdesk/docsupply/productsservices/sed/sedfaq/index.html


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

DRM PDFs (and SED and ETD ...)
 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2008-05-29 13:52, Adam Hardy wrote:
> Johannes Wiedersich on 29/05/08 09:02, wrote:
>> On 2008-05-28 20:36, Adam Hardy wrote:
>>> Just thought I'd ask, even though my web searches don't reveal anything
>>> but Adobe promises and work-arounds involving printing to postscript on
>>> a windows box first - but is there software for linux to read DRM pdfs?
>>
>> I don't know, if I understand you correctly. If you just want to read a
>> DRM pdf, there are various linux tools as suggested. I've had good luck
>> with kpdf so far, but xpdf and others might work as well. Those tools
>> actually ignore (or can be configured to ignore) most of the
>> restrictions.
>
> I haven't found any configuration on any package (xpdf, acroread,
> evince, pdftk, kpdf) for ignoring security. In fact you're the second
> person to say that, but the man pages don't contain any reference to
> overriding passwords. Are you sure?

kpdf: settings -> konfigure kpdf -> "Obey DRM restrictions

However this apparently works only for the 'traditional' DRM stuff (I'm
on lenny).

>> If just the DRM is so 'enhanced' that it won't work with those, there is
>> also Adobe's acroread.
>
> That's the first package I tried - but Adobe haven't upgraded it yet to
> understand security, so it balks at loading the file at all.

- From Adobe's web site:
http://www.adobe.com/products/digitaleditions/systemreqs/

it appears this 'feature' is only available for Wind0w$ and Mac l00sers.

I guess you are out of luck here.

Since it appears to contradict the mission of the British Library [1]
that the part of the population that uses linux and/or other OS is
excluded from this service, I would complain directly. I don't think
this will solve your problems in the short term, but hopefully in the
long term...

YMMV, good luck,

Johannes

[1] http://www.bl.uk/aboutus/foi/overview/index.html

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFIPqmjC1NzPRl9qEURAkalAJ9lw2VSDhHFIq0I4bJnk1 8G+WCZKwCdFOM1
RbWJnirO4KPWg4LZPW+R/HE=
=y3Vh
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

DRM PDFs (and SED and ETD ...)
 

Johannes Wiedersich on 29/05/08 14:03,wrote:

Just thought I'd ask, even though my web searches don't reveal anything
but Adobe promises and work-arounds involving printing to postscript on
a windows box first - but is there software for linux to read DRM pdfs?

I don't know, if I understand you correctly. If you just want to read a
DRM pdf, there are various linux tools as suggested. I've had good luck
with kpdf so far, but xpdf and others might work as well. Those tools
actually ignore (or can be configured to ignore) most of the
restrictions.

I haven't found any configuration on any package (xpdf, acroread,
evince, pdftk, kpdf) for ignoring security. In fact you're the second
person to say that, but the man pages don't contain any reference to
overriding passwords. Are you sure?


kpdf: settings -> konfigure kpdf -> "Obey DRM restrictions

However this apparently works only for the 'traditional' DRM stuff (I'm
on lenny).


Thanks for the pointer, although it doesn't work for me. I unclick the option,
click OK, open the document and the first thing it does is ask me for a password.




--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

DRM PDFs (and SED and ETD ...)
 

Johannes Wiedersich on 29/05/08 14:03, wrote:

- From Adobe's web site:
http://www.adobe.com/products/digitaleditions/systemreqs/

it appears this 'feature' is only available for Wind0w$ and Mac l00sers.

I guess you are out of luck here.

Since it appears to contradict the mission of the British Library [1]
that the part of the population that uses linux and/or other OS is
excluded from this service, I would complain directly. I don't think
this will solve your problems in the short term, but hopefully in the
long term...

YMMV, good luck,

Johannes

[1] http://www.bl.uk/aboutus/foi/overview/index.html


Is there a linux evangelism group somewhere who would be interested in this?


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

DRM PDFs (and SED and ETD ...)
 

On Fri, May 30, 2008 at 10:19:39AM +0100, Adam Hardy wrote:
> Johannes Wiedersich on 29/05/08 14:03, wrote:
>> - From Adobe's web site:
>> http://www.adobe.com/products/digitaleditions/systemreqs/
>>
>> it appears this 'feature' is only available for Wind0w$ and Mac l00sers.
>>
>> I guess you are out of luck here.
>>
>> Since it appears to contradict the mission of the British Library [1]
>> that the part of the population that uses linux and/or other OS is
>> excluded from this service, I would complain directly. I don't think
>> this will solve your problems in the short term, but hopefully in the
>> long term...
>>
>> YMMV, good luck,
>>
>> Johannes
>>
>> [1] http://www.bl.uk/aboutus/foi/overview/index.html
>
> Is there a linux evangelism group somewhere who would be interested in this?

Just find the folks who want the bbc to make iplayer linux compatible?
--
| .'`. == Debian GNU/Linux == | my web site: |
| : :' : The Universal |mysite.verizon.net/kevin.mark/|
| `. `' Operating System | go to counter.li.org and |
| `- http://www.debian.org/ | be counted! #238656 |
| my keyserver: subkeys.pgp.net | my NPO: cfsg.org |
|join the new debian-community.org to help Debian! |
|_______ Unless I ask to be CCd, assume I am subscribed _______|


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

DRM PDFs (and SED and ETD ...)
 

On Fri, May 30, 2008 at 10:17:56 +0100, Adam Hardy wrote:
> Johannes Wiedersich on 29/05/08 14:03,wrote:
>>>>> Just thought I'd ask, even though my web searches don't reveal anything
>>>>> but Adobe promises and work-arounds involving printing to postscript on
>>>>> a windows box first - but is there software for linux to read DRM pdfs?
>>>> I don't know, if I understand you correctly. If you just want to read a
>>>> DRM pdf, there are various linux tools as suggested. I've had good luck
>>>> with kpdf so far, but xpdf and others might work as well. Those tools
>>>> actually ignore (or can be configured to ignore) most of the
>>>> restrictions.
>>> I haven't found any configuration on any package (xpdf, acroread,
>>> evince, pdftk, kpdf) for ignoring security. In fact you're the second
>>> person to say that, but the man pages don't contain any reference to
>>> overriding passwords. Are you sure?
>>
>> kpdf: settings -> konfigure kpdf -> "Obey DRM restrictions
>>
>> However this apparently works only for the 'traditional' DRM stuff (I'm
>> on lenny).
>
> Thanks for the pointer, although it doesn't work for me. I unclick the
> option, click OK, open the document and the first thing it does is ask me
> for a password.

If you uncheck "Obey DRM restrictions" then all the restrictions imposed
by the owner password (e.g. no high-resolution printing, no copying or
modification of the content) will be ignored.

Your document has a user password, which means that its content is
encrypted and can only be accessed if you have the correct decryption
key (which is derived from the user password).

Tools like pdfcrack mostly rely on the fact that many humans tend to
choose not-too-strong passwords of moderate length, often more or less
directly derived from dictionary words. In your case the user password
is retrieved from the authentication server by this windows-only
security plug-in; no human being ever has to remember this password, so
there is little hope that it will be a string that can easily be guessed
by pdfcrack. AFAIK, the decryption key is 128 bit and it is not feasible
to brute-force it in a reasonable time if the dictionary attack fails
(unless you can find a weakness in the cryptographic algorithm or you
have very unusual hardware).

--
Regards, | http://users.icfo.es/Florian.Kulzer
Florian |


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org