|
|
Thread Tools | Search this Thread |
09-05-2012, 11:01 AM | #1 |
Junior Member
Posts: 2
Karma: 10
Join Date: Aug 2012
Device: kindle
|
pls advise if any open source platform for DRM on linux for small publishing company
I can't find out more info for "Project DReaM"
Is it still valid and active ? Looking for open source DRM on linux platfrom both server side and eReader side. Thanks ,guys. |
09-05-2012, 11:12 AM | #2 |
Resident Curmudgeon
Posts: 73,677
Karma: 128176798
Join Date: Nov 2006
Location: Roslindale, Massachusetts
Device: Kobo Libra 2, Kobo Aura H2O, PRS-650, PRS-T1, nook STR, PW3
|
Open source DRM is silly. Being open source, the code would have to be released and what good is DRM when the code to how it works can be read by anybody and tools easily made to circumvent the DRM?
DRM is a waste of money and eBook DRM can already be removed very easily. Do you want to possibly screw your customers (those that buy and cannot remove the DRM)? |
09-05-2012, 11:16 AM | #3 |
Omnivorous
Posts: 3,281
Karma: 27978909
Join Date: Feb 2008
Location: Rural NW Oregon
Device: Kindle Voyage, Kindle Fire HD, Kindle 3, KPW1
|
It isn't often I completely agree with Jon, but yeah... Open Source DRM is a contradiction in terms. Just forget about DRM and provide a good product. DRM has never prevented ebooks from being pirated.
|
09-05-2012, 11:31 AM | #4 | |
Grand Sorcerer
Posts: 19,832
Karma: 11844413
Join Date: Jan 2007
Location: Tampa, FL USA
Device: Kindle Touch
|
Quote:
PGP was open source and that made it much better. As Phil Zimmermann the creator of PGP had said... and encryption algorithm that can be broken by simply knowing the algorithm is security by obscurity. PGP was secure because having the code didn't help if you didn't have the private key. So, I disagree that an Open source DRM platform could not exist and be secure. Most "breaches" of DRM out there isn't actually a breach.... they are more decryptors that work with the keys which are retrieved from install of the various eReading software. Where I agree... DRM is a waste of time and money since it doesn't really stop unauthorized copying in any way. BOb |
|
09-05-2012, 11:39 AM | #5 |
Wizard
Posts: 2,549
Karma: 3799999
Join Date: Jun 2009
Location: O'Fallon, Missouri, USA
Device: Nokia N800, PRS-505, Nook STR Glowlight, Kindle 3
|
Not necessarily. Encryption can be open source, and still be secure. I know how a safe works, but does that mean I can easily break into one? Encryption typically requires a key, or some variable to salt the hash (so the output changes). I can know the algorithm, but if I don't know all the information that was used to create the output, the data is still locked away. If I can cheat the system and get a key (as mentioned is how pretty much all known DRM removal apps work), then I can reverse the process. Otherwise, my only real option would be to brute force it, which is to basically guess what the key is, see if that produces an acceptable result, and try again if not.
As far as what the OP wants, probably won't find much. Most FLOSS guys are decidedly antiDRM, because it flies in the face of the spirit of open source (free and open sharing). On top of that, it would actually hinder sales, because then it would only work on devices that supported that particular DRM. For instance, if the OP publishes a book in a custom DRM method, it wouldn't be usable on really any ebook reader. |
09-05-2012, 12:06 PM | #6 | |
The Grand Mouse 高貴的老鼠
Posts: 71,428
Karma: 305784726
Join Date: Jul 2007
Location: Norfolk, England
Device: Kindle Voyage
|
Quote:
Open Source DRM will remain 'secure' for a very, very short time. |
|
09-05-2012, 12:29 PM | #7 | |
Grand Sorcerer
Posts: 19,832
Karma: 11844413
Join Date: Jan 2007
Location: Tampa, FL USA
Device: Kindle Touch
|
Quote:
With ANY encryption, Key management is the weakest point. This is why eReader used the customers credit card number as the key... the figured people would not be willing to share that. Of course, knowing that you can use your credit card to decrypt a file and then share IT rather than your credit card. So, Adobe DRM is not 'secure' (by your rendering) either. The fact that it is closed source didn't change the fact that once they key is available a cyphertext can be turned into plaintext very easily. BOb |
|
09-05-2012, 12:44 PM | #8 |
The Grand Mouse 高貴的老鼠
Posts: 71,428
Karma: 305784726
Join Date: Jul 2007
Location: Norfolk, England
Device: Kindle Voyage
|
You're using it in a technical sense about the encryption. I'm using it colloquially as a description of the entire system.
|
09-05-2012, 02:06 PM | #9 | |
Wizard
Posts: 2,549
Karma: 3799999
Join Date: Jun 2009
Location: O'Fallon, Missouri, USA
Device: Nokia N800, PRS-505, Nook STR Glowlight, Kindle 3
|
Quote:
|
|
09-05-2012, 02:55 PM | #10 | |
The Grand Mouse 高貴的老鼠
Posts: 71,428
Karma: 305784726
Join Date: Jul 2007
Location: Norfolk, England
Device: Kindle Voyage
|
Quote:
Open Source software means the source code is available. So you can easily tell exactly how the key is stored or generated, and what algorithm is used to decode. OpenPGP is secure (colloquially) because people keep their keys secret. A DRM system can't keep the keys secret. The end users's software must have the key for the end user to be able to read the book. |
|
09-05-2012, 04:27 PM | #11 |
Booklegger
Posts: 1,801
Karma: 7999816
Join Date: Jun 2009
Location: Toronto, Ontario, Canada
Device: BeBook(1 & 2010), PEZ, PRS-505, Kobo BT, PRS-T1, Playbook, Kobo Touch
|
As pdurrant has pointed out, secret keys must be kept secret. If you have a closed group of trusted users, you can have open source DRM. If every reading device has the key somewhere on it, somebody will find it. All DVD drives have those secret keys, so somebody took one apart and read out the memory chips. Same thing could be done on a reader; but why bother when there is a Windows app with the key buried in it on my computer?
|
09-05-2012, 11:41 PM | #12 |
Grand Sorcerer
Posts: 19,832
Karma: 11844413
Join Date: Jan 2007
Location: Tampa, FL USA
Device: Kindle Touch
|
There are ways to make DRM highly secure, but they would be very inconvenient.
The bottom line is, DRM does not stop copyright violations and is a waste of money. Can it be secure is a moot point. BOb |
09-06-2012, 09:45 AM | #13 |
Wizard
Posts: 2,549
Karma: 3799999
Join Date: Jun 2009
Location: O'Fallon, Missouri, USA
Device: Nokia N800, PRS-505, Nook STR Glowlight, Kindle 3
|
Just because something is open source, doesn't mean the keys cannot be kept secret. There are a variety of ways to make things work. Using checksum and watermarked signatures for authentication of the app that passes the key, using an authentication server, multiple keys used in a non preset order, etc.
Security through obscurity is not security at all. Obfuscation only slows down attempts to figure out things, but people will eventually figure out how it works. It would have the same issues as DRM of any sort, open source or not. I mean, look at SecuROM, Mobi DRM, ADEPT, Fairplay, etc. All of them have been broken. You can't really crack them, but they can be stripped on an authenticated system. This is just an issue with DRM itself. |
09-06-2012, 05:27 PM | #14 |
Grand Sorcerer
Posts: 19,832
Karma: 11844413
Join Date: Jan 2007
Location: Tampa, FL USA
Device: Kindle Touch
|
Hellmark.. we keep saying the same thing and people aren't listening.
BOb |
09-07-2012, 04:13 AM | #15 |
frumious Bandersnatch
Posts: 7,514
Karma: 18512745
Join Date: Jan 2008
Location: Spaniard in Sweden
Device: Cybook Orizon, Kobo Aura
|
An encrypted message can be secure if both parties have an interest in keeping it secure. But attempting to keep a message secret when one the receptor is willing to release the unencrypted message to the public is fundamentally flawed.
|
Thread Tools | Search this Thread |
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Pls advise - uploading US public domain books | GrannyGrump | Upload Help | 6 | 09-28-2012 07:19 AM |
Penguin launches self-publishing platform | L.J. Sellers | News | 13 | 11-21-2011 06:24 PM |
chinese fonts not showing, pls advise | icaria | Recipes | 1 | 10-09-2010 11:31 PM |
Mac epub issue - pls advise :) | kristabee | Workshop | 1 | 01-25-2009 06:26 PM |
OCRopus - Google's open source Linux software | Bob Russell | News | 1 | 10-24-2007 10:14 PM |