Register Guidelines E-Books Search Today's Posts Mark Forums Read

Go Back   MobileRead Forums > E-Book Formats > Workshop

Notices

Reply
 
Thread Tools Search this Thread
Old 09-05-2012, 11:01 AM   #1
bookme
Junior Member
bookme began at the beginning.
 
Posts: 2
Karma: 10
Join Date: Aug 2012
Device: kindle
pls advise if any open source platform for DRM on linux for small publishing company

I can't find out more info for "Project DReaM"
Is it still valid and active ?

Looking for open source DRM on linux platfrom both server side and eReader side.

Thanks ,guys.
bookme is offline   Reply With Quote
Old 09-05-2012, 11:12 AM   #2
JSWolf
Resident Curmudgeon
JSWolf ought to be getting tired of karma fortunes by now.JSWolf ought to be getting tired of karma fortunes by now.JSWolf ought to be getting tired of karma fortunes by now.JSWolf ought to be getting tired of karma fortunes by now.JSWolf ought to be getting tired of karma fortunes by now.JSWolf ought to be getting tired of karma fortunes by now.JSWolf ought to be getting tired of karma fortunes by now.JSWolf ought to be getting tired of karma fortunes by now.JSWolf ought to be getting tired of karma fortunes by now.JSWolf ought to be getting tired of karma fortunes by now.JSWolf ought to be getting tired of karma fortunes by now.
 
JSWolf's Avatar
 
Posts: 73,510
Karma: 126422064
Join Date: Nov 2006
Location: Roslindale, Massachusetts
Device: Kobo Libra 2, Kobo Aura H2O, PRS-650, PRS-T1, nook STR, PW3
Open source DRM is silly. Being open source, the code would have to be released and what good is DRM when the code to how it works can be read by anybody and tools easily made to circumvent the DRM?

DRM is a waste of money and eBook DRM can already be removed very easily. Do you want to possibly screw your customers (those that buy and cannot remove the DRM)?
JSWolf is offline   Reply With Quote
Old 09-05-2012, 11:16 AM   #3
jgaiser
Omnivorous
jgaiser ought to be getting tired of karma fortunes by now.jgaiser ought to be getting tired of karma fortunes by now.jgaiser ought to be getting tired of karma fortunes by now.jgaiser ought to be getting tired of karma fortunes by now.jgaiser ought to be getting tired of karma fortunes by now.jgaiser ought to be getting tired of karma fortunes by now.jgaiser ought to be getting tired of karma fortunes by now.jgaiser ought to be getting tired of karma fortunes by now.jgaiser ought to be getting tired of karma fortunes by now.jgaiser ought to be getting tired of karma fortunes by now.jgaiser ought to be getting tired of karma fortunes by now.
 
jgaiser's Avatar
 
Posts: 3,281
Karma: 27978909
Join Date: Feb 2008
Location: Rural NW Oregon
Device: Kindle Voyage, Kindle Fire HD, Kindle 3, KPW1
It isn't often I completely agree with Jon, but yeah... Open Source DRM is a contradiction in terms. Just forget about DRM and provide a good product. DRM has never prevented ebooks from being pirated.
jgaiser is offline   Reply With Quote
Old 09-05-2012, 11:31 AM   #4
pilotbob
Grand Sorcerer
pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.
 
pilotbob's Avatar
 
Posts: 19,832
Karma: 11844413
Join Date: Jan 2007
Location: Tampa, FL USA
Device: Kindle Touch
Quote:
Originally Posted by jgaiser View Post
It isn't often I completely agree with Jon, but yeah... Open Source DRM is a contradiction in terms. Just forget about DRM and provide a good product. DRM has never prevented ebooks from being pirated.
Well, I agree and disagree...

PGP was open source and that made it much better. As Phil Zimmermann the creator of PGP had said... and encryption algorithm that can be broken by simply knowing the algorithm is security by obscurity. PGP was secure because having the code didn't help if you didn't have the private key.

So, I disagree that an Open source DRM platform could not exist and be secure. Most "breaches" of DRM out there isn't actually a breach.... they are more decryptors that work with the keys which are retrieved from install of the various eReading software.

Where I agree...

DRM is a waste of time and money since it doesn't really stop unauthorized copying in any way.

BOb
pilotbob is offline   Reply With Quote
Old 09-05-2012, 11:39 AM   #5
Hellmark
Wizard
Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.
 
Hellmark's Avatar
 
Posts: 2,549
Karma: 3799999
Join Date: Jun 2009
Location: O'Fallon, Missouri, USA
Device: Nokia N800, PRS-505, Nook STR Glowlight, Kindle 3
Not necessarily. Encryption can be open source, and still be secure. I know how a safe works, but does that mean I can easily break into one? Encryption typically requires a key, or some variable to salt the hash (so the output changes). I can know the algorithm, but if I don't know all the information that was used to create the output, the data is still locked away. If I can cheat the system and get a key (as mentioned is how pretty much all known DRM removal apps work), then I can reverse the process. Otherwise, my only real option would be to brute force it, which is to basically guess what the key is, see if that produces an acceptable result, and try again if not.

As far as what the OP wants, probably won't find much. Most FLOSS guys are decidedly antiDRM, because it flies in the face of the spirit of open source (free and open sharing). On top of that, it would actually hinder sales, because then it would only work on devices that supported that particular DRM. For instance, if the OP publishes a book in a custom DRM method, it wouldn't be usable on really any ebook reader.
Hellmark is offline   Reply With Quote
Old 09-05-2012, 12:06 PM   #6
pdurrant
The Grand Mouse 高貴的老鼠
pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.
 
pdurrant's Avatar
 
Posts: 71,367
Karma: 305065800
Join Date: Jul 2007
Location: Norfolk, England
Device: Kindle Voyage
Quote:
Originally Posted by pilotbob View Post
So, I disagree that an Open source DRM platform could not exist and be secure. Most "breaches" of DRM out there isn't actually a breach.... they are more decryptors that work with the keys which are retrieved from install of the various eReading software.
DRM requires that the end user's software has the key to decrypt the DRM. Open Source DRM would require that the location and specification of the key are readily available, along with the exact decryption algorithm.

Open Source DRM will remain 'secure' for a very, very short time.
pdurrant is offline   Reply With Quote
Old 09-05-2012, 12:29 PM   #7
pilotbob
Grand Sorcerer
pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.
 
pilotbob's Avatar
 
Posts: 19,832
Karma: 11844413
Join Date: Jan 2007
Location: Tampa, FL USA
Device: Kindle Touch
Quote:
Originally Posted by pdurrant View Post
Open Source DRM will remain 'secure' for a very, very short time.
I guess we have different descriptions of "secure". To me secure means that you can get to the plaintext contents of a file unless you have the key, even if you know the algorithm.

With ANY encryption, Key management is the weakest point. This is why eReader used the customers credit card number as the key... the figured people would not be willing to share that. Of course, knowing that you can use your credit card to decrypt a file and then share IT rather than your credit card.

So, Adobe DRM is not 'secure' (by your rendering) either. The fact that it is closed source didn't change the fact that once they key is available a cyphertext can be turned into plaintext very easily.

BOb
pilotbob is offline   Reply With Quote
Old 09-05-2012, 12:44 PM   #8
pdurrant
The Grand Mouse 高貴的老鼠
pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.
 
pdurrant's Avatar
 
Posts: 71,367
Karma: 305065800
Join Date: Jul 2007
Location: Norfolk, England
Device: Kindle Voyage
Quote:
Originally Posted by pilotbob View Post
I guess we have different descriptions of "secure". To me secure means that you can get to the plaintext contents of a file unless you have the key, even if you know the algorithm.
You're using it in a technical sense about the encryption. I'm using it colloquially as a description of the entire system.
pdurrant is offline   Reply With Quote
Old 09-05-2012, 02:06 PM   #9
Hellmark
Wizard
Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.
 
Hellmark's Avatar
 
Posts: 2,549
Karma: 3799999
Join Date: Jun 2009
Location: O'Fallon, Missouri, USA
Device: Nokia N800, PRS-505, Nook STR Glowlight, Kindle 3
Quote:
Originally Posted by pdurrant View Post
DRM requires that the end user's software has the key to decrypt the DRM. Open Source DRM would require that the location and specification of the key are readily available, along with the exact decryption algorithm.

Open Source DRM will remain 'secure' for a very, very short time.
The thing is though, the key could be anything. OpenPGP is completely opensource, and operates on roughly the same principles as DRM, and is considered one of the most secure encryption methods available to the public. You don't hear about that getting cracked. It is not as simple as "the key must be stored here, so copy that and you're freely available to open it". And hell, even if you go based on your methods, that isn't any more secure than Adobe ADEPT or any of that stuff.
Hellmark is offline   Reply With Quote
Old 09-05-2012, 02:55 PM   #10
pdurrant
The Grand Mouse 高貴的老鼠
pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.
 
pdurrant's Avatar
 
Posts: 71,367
Karma: 305065800
Join Date: Jul 2007
Location: Norfolk, England
Device: Kindle Voyage
Quote:
Originally Posted by Hellmark View Post
The thing is though, the key could be anything. OpenPGP is completely opensource, and operates on roughly the same principles as DRM, and is considered one of the most secure encryption methods available to the public. You don't hear about that getting cracked. It is not as simple as "the key must be stored here, so copy that and you're freely available to open it". And hell, even if you go based on your methods, that isn't any more secure than Adobe ADEPT or any of that stuff.
It is exactly as simple as "the key must be stored here, so copy that and you're freely available to open it".

Open Source software means the source code is available. So you can easily tell exactly how the key is stored or generated, and what algorithm is used to decode.

OpenPGP is secure (colloquially) because people keep their keys secret. A DRM system can't keep the keys secret. The end users's software must have the key for the end user to be able to read the book.
pdurrant is offline   Reply With Quote
Old 09-05-2012, 04:27 PM   #11
pholy
Booklegger
pholy ought to be getting tired of karma fortunes by now.pholy ought to be getting tired of karma fortunes by now.pholy ought to be getting tired of karma fortunes by now.pholy ought to be getting tired of karma fortunes by now.pholy ought to be getting tired of karma fortunes by now.pholy ought to be getting tired of karma fortunes by now.pholy ought to be getting tired of karma fortunes by now.pholy ought to be getting tired of karma fortunes by now.pholy ought to be getting tired of karma fortunes by now.pholy ought to be getting tired of karma fortunes by now.pholy ought to be getting tired of karma fortunes by now.
 
pholy's Avatar
 
Posts: 1,801
Karma: 7999816
Join Date: Jun 2009
Location: Toronto, Ontario, Canada
Device: BeBook(1 & 2010), PEZ, PRS-505, Kobo BT, PRS-T1, Playbook, Kobo Touch
As pdurrant has pointed out, secret keys must be kept secret. If you have a closed group of trusted users, you can have open source DRM. If every reading device has the key somewhere on it, somebody will find it. All DVD drives have those secret keys, so somebody took one apart and read out the memory chips. Same thing could be done on a reader; but why bother when there is a Windows app with the key buried in it on my computer?
pholy is offline   Reply With Quote
Old 09-05-2012, 11:41 PM   #12
pilotbob
Grand Sorcerer
pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.
 
pilotbob's Avatar
 
Posts: 19,832
Karma: 11844413
Join Date: Jan 2007
Location: Tampa, FL USA
Device: Kindle Touch
There are ways to make DRM highly secure, but they would be very inconvenient.

The bottom line is, DRM does not stop copyright violations and is a waste of money. Can it be secure is a moot point.

BOb
pilotbob is offline   Reply With Quote
Old 09-06-2012, 09:45 AM   #13
Hellmark
Wizard
Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.
 
Hellmark's Avatar
 
Posts: 2,549
Karma: 3799999
Join Date: Jun 2009
Location: O'Fallon, Missouri, USA
Device: Nokia N800, PRS-505, Nook STR Glowlight, Kindle 3
Just because something is open source, doesn't mean the keys cannot be kept secret. There are a variety of ways to make things work. Using checksum and watermarked signatures for authentication of the app that passes the key, using an authentication server, multiple keys used in a non preset order, etc.

Security through obscurity is not security at all. Obfuscation only slows down attempts to figure out things, but people will eventually figure out how it works. It would have the same issues as DRM of any sort, open source or not. I mean, look at SecuROM, Mobi DRM, ADEPT, Fairplay, etc. All of them have been broken. You can't really crack them, but they can be stripped on an authenticated system. This is just an issue with DRM itself.
Hellmark is offline   Reply With Quote
Old 09-06-2012, 05:27 PM   #14
pilotbob
Grand Sorcerer
pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.pilotbob ought to be getting tired of karma fortunes by now.
 
pilotbob's Avatar
 
Posts: 19,832
Karma: 11844413
Join Date: Jan 2007
Location: Tampa, FL USA
Device: Kindle Touch
Hellmark.. we keep saying the same thing and people aren't listening.



BOb
pilotbob is offline   Reply With Quote
Old 09-07-2012, 04:13 AM   #15
Jellby
frumious Bandersnatch
Jellby ought to be getting tired of karma fortunes by now.Jellby ought to be getting tired of karma fortunes by now.Jellby ought to be getting tired of karma fortunes by now.Jellby ought to be getting tired of karma fortunes by now.Jellby ought to be getting tired of karma fortunes by now.Jellby ought to be getting tired of karma fortunes by now.Jellby ought to be getting tired of karma fortunes by now.Jellby ought to be getting tired of karma fortunes by now.Jellby ought to be getting tired of karma fortunes by now.Jellby ought to be getting tired of karma fortunes by now.Jellby ought to be getting tired of karma fortunes by now.
 
Jellby's Avatar
 
Posts: 7,514
Karma: 18512745
Join Date: Jan 2008
Location: Spaniard in Sweden
Device: Cybook Orizon, Kobo Aura
An encrypted message can be secure if both parties have an interest in keeping it secure. But attempting to keep a message secret when one the receptor is willing to release the unencrypted message to the public is fundamentally flawed.
Jellby is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Pls advise - uploading US public domain books GrannyGrump Upload Help 6 09-28-2012 07:19 AM
Penguin launches self-publishing platform L.J. Sellers News 13 11-21-2011 06:24 PM
chinese fonts not showing, pls advise icaria Recipes 1 10-09-2010 11:31 PM
Mac epub issue - pls advise :) kristabee Workshop 1 01-25-2009 06:26 PM
OCRopus - Google's open source Linux software Bob Russell News 1 10-24-2007 10:14 PM


All times are GMT -4. The time now is 03:51 AM.


MobileRead.com is a privately owned, operated and funded community.