Old 06-24-2011, 01:07 PM   #111
anamardoll
Chasing Butterflies
Posts: 3,132
Karma: 5074169
Join Date: Mar 2011
Location: American Southwest
Device: Uses batteries.
Quote:
Originally Posted by charleski View Post
A verified name and address is far more useful to them for this purpose. It's easy to filter out and disallow chargecards that aren't associated with verified personal information.

Kobo certainly does keep your credit card number on-file. As does Amazon, as does Apple, as do a lot of online retailers.

If your concern about security is genuine then your only option is not to shop online at all. But frankly, I think this is nothing more than a straw-man.

DRM is obnoxious because it endangers the property rights of the purchaser - you're restricted from enjoying your purchase in the manner of your choice, you can't (responsibly) lend it to others, and when the central servers go down you're deprived of it entirely. Watermarking has none of these problems and when used on film screeners has proven success in restricting the flow of material to file-sharing sites. Ditching DRM and moving to watermarked open-format ebooks would benefit both producers and consumers immensely.

I would like evidence that Kobo keeps my credit card on file for decades if I don't click the "remember my card information" button at checkout. Everything I have read is that most big businesses do not do this because it is a nightmare situation when (NOT if) their databases are hacked. That's why it's such a big deal when someone like Sony doesn't follow this best practice and then they announce they probably lost 77 million CC#s in the most recent hack.

Big businesses are also subject to government audits to check their firewalls. Small businesses regularly skate under the radar. I am more confident that, say, Amazon.com is doing the legally-mandated regular checks on their firewalls than I am for this brand new "Pottermore" company who knows so little about the technology they're getting into that they can make a statement like "all devices read ePubs".

DWs *are* DRM and this meme that they're not is already annoying. I've yet to hear a definition for "digital rights management" that doesn't cover watermarking. It's not the sort of DRM that will lock you out of using the book on multiple devices, but it is still DRM.

I've already explained why I don't want to provide my CC# to a company to be either (a) stored forever or (b) embedded in a file that will live on multiple unsecure devices. You call that paranoid, I call it good practice. Can we agree to disagree?

As for the rest, I'm not comfortable signing up to be considered at fault by Pottermore and the FBI and whoever else if a digital file I buy somehow leaves my possession. I store my eBooks on my laptop, on my 4 eReaders, on my phone, and on a Dropbox account that is technically "public" but requires a direct link -- in theory -- in order to get to. But then, last week alone, Dropbox had an error that meant that ANY password was accepted in order to access someone's account. So, hell, my entire library could be on a torrent site right now because someone accessed my Dropbox account and I wouldn't know.*

Quote:
In other words, for about four hours, there was NO security in place at Dropbox. As long as somebody entered an email address belonging to one of some 25 million Dropbox customers (as of the company's April press release), the password field would have accepted any series of characters to allow a login to access the account. Less than 1% means that up to 250,000 people were on the Dropbox system during the period in which there was essentially no barrier to browsing and/ or downloading any user's personal files and information.

* Thank god I was "paranoid" to use a strong email at Dropbox instead of my publicly-posted Amazon/Blog/MobileReads email. Sometimes it pays to be a raving nut.

There are several points of potential access where someone could steal an ebook from me, and I've accepted that risk. (Heck, someone could steal a book from my house or from my bookbag on the bus -- I've accepted that too.) I've taken the appropriate safeguards I feel are necessary, but I'm not going to keep all my eBooks on a single reader that never leaves a safe deposit box in order to keep them safe for Rowling. If someone does access my files and share them with other people, I'm not going to be held responsible for that because the Pottermore folks embedded DRM tracking into my eBook file.

And the thing is, if someone HAD accessed my Dropbox account and pulled my library, I wouldn't be able to prove that I didn't load my books onto the torrent site where the Pottermore folks eventually found it. Heck, I haven't seen the TOS yet (obviously) but they'd probably argue that merely loading it onto Dropbox so that my phone can download my library remotely is a TOS violation.

So, yeah, call me paranoid, but these are the security concepts that are drilled into me daily as part of my current job. I'm not going to be treated like a potential criminal with DRM-trace embedded data that will hold me at fault if my file gets stolen -- not when there's currently no way to prove my innocence in a situation like that.

Last edited by anamardoll; 06-24-2011 at 01:18 PM.