[free-sklyarov] http://www.adobe.com/support/ebookrdrfaq.html

Seth David Schoen schoen at loyalty.org
Sun Jul 22 09:59:44 PDT 2001 

Anton Chterenlikht writes:

> Guys,
> 
> Try to go to
> http://www.adobe.com/support/ebookrdrfaq.html
> 
> and click on:
> 
> How can I be sure buying from the Adobe Bookstore is safe?
> 
> There is NO answer!!!!!!!!!!

I think people should be careful with this "safe"/"secure" business.
In traditional computer security, the interests of the users are
normally aligned with the interests of the system administrator or
network administrator (or two users are communicating with one
another, and their interests are aligned with one another).

In DRM, the interests of the users are _not_ aligned with the
interests of those who are designing the system; the principal
adversary in this security model _is the customer_.  Thus, if
consumers speak of DRM systems being "secure", they should realize
that this means _secure against them_, _secure in preventing what they
want to do_.

A "safe" eBook is an eBook that blind users can't have read aloud to
them, if the publisher didn't want it read aloud.

Let me say that again:

A "secure" eBook is an eBook that blind users can't have read aloud to
them, if the publisher didn't want it read aloud.

This gets back to how DRM security engineering is totally different
from ordinary security engineering.  In ordinary security engineering,
you don't give out your keys to your adversary, because you aren't
trying to share information with your adversary.

Once again: if I send you encrypted e-mail, I expect that you can
decrypt it; it's not considered "breaking" the security of the system
when you decrypt and view my message.  If a publisher sends you
encrypted content in a DRM system, the publisher considers it
"breaking" the security when you decrypt it, because you are the
adversary.  Yet your computer has to have software to decrypt the
content, if you are going to view it at all.

Therefore Sklyarov did show that the system was insecure _for the
purpose for which it was designed_, from the point of view of Adobe
and of publishers.  However, from the point of view of consumers,
eBooks became more useful because they could now once again make the
ordinary uses they expect to be able to make with PDF files.  Per
Gilmore's "What's Wrong With Copy Protection", there is no reason that
end-users should want the "security" for which some naive publishers
have been hoping.

This point is common-place on the dvd-discuss list (there is no reason
consumers should respect the "region coding" system, which has no
direct support in law but was honored by all the technologies approved
by the DVD publishers) but I don't know that it's sunk in yet over
here.

This is difficult to explain, but it's why there is no reason to
associate Sklyarov with the "hackers" who read your e-mail or steal
your credit card numbers or whatever.  They find insecurities where
the public expects security.  Sklyarov found insecurities where only a
few publishers hoped for security.

This is somewhat different from Izel Sulam's arguments and I don't
know the best way to reconcile the two.

-- 
Seth David Schoen <schoen at loyalty.org>  | And do not say, I will study when I
Temp.  http://www.loyalty.org/~schoen/  | have leisure; for perhaps you will
down:  http://www.loyalty.org/   (CAF)  | not have leisure.  -- Pirke Avot 2:5

More information about the Free-sklyarov mailing list