eBooks security � theory and practice

Presented at DEF CON 9 (2001), July 15, 2001, 2 p.m. (50 minutes)

Security aspects of electronic books and documents, and a demonstration of how weak they are:

"standard" PDF encryption, Rot13 (used by New Paradigm Resources Group, Inc.), FileOpen (by FileOpen Systems), SoftLock (by SoftLock Services, Inc.), Adobe's Web Buy, Adobe's eBook Reader (GlassBook Reader) InterTrust DocBox plug-in.

Documents publishing in electronic form have a lot of advantages against traditional on-paper publishing. You could easily find list of such advantages on web server of any company, which provides eBook solutions. But nobody perfects, and there is one big problem that related with eBooks. Information in electronic form could be duplicated and transmitted, and there is no reliable way to take control over that processes. There are several solutions from different companies that were developed to prevent unauthorized distribution of the electronic documents.


Presenters:

  • Andy Malyshev
  • Dmitry Sklyarov
    My name is Dmitry Sklyarov. I'm employee of the ElcomSoft Company. As we have demonstrated in our speech on Black Hat Win2K Security (February 2001), encryption in Microsoft Office documents is very weak and password protection may be removed without any problems in most cases. In this speech I'll try to cover password protection aspects of electronic books and documents. The most attention will be paid to documents in PDF format.

Links:

Similar Presentations: