MobileRead Forums - View Single Post - The Kobo DRM-free epub fiasco

DiapDealer · 02-13-2015, 03:18 PM

It's a fair point that B&Ns "direct downloads" could conceivably be considered "less secure" than the ACSM download/ACS fulfillment process that most other epub retailers use. And that from a strict "security" sense, B&Ns changes have seemed to put their security "on par" with the other retailers.

Ignoring for the moment, of course, the fact that all the direct downloads are actually still available on B&N's servers. Only the hyperlinks to those files have been removed in users' libraries. That's how TamperMonkey is able to simply recreate the missing links to files that are still very much available (and technically just as insecure as they were for users whose keys remain unchanged).

Changing their key generation wholesale and leaving the download links in place would have been more "secure" than removing the links and only changing some (including new) users keys.

02-13-2015, 03:18 PM	#269
DiapDealer Grand Sorcerer Posts: 28,744 Karma: 206739468 Join Date: Jan 2010 Device: Nexus 7, Kindle Fire HD	It's a fair point that B&Ns "direct downloads" could conceivably be considered "less secure" than the ACSM download/ACS fulfillment process that most other epub retailers use. And that from a strict "security" sense, B&Ns changes have seemed to put their security "on par" with the other retailers. Ignoring for the moment, of course, the fact that all the direct downloads are actually still available on B&N's servers. Only the hyperlinks to those files have been removed in users' libraries. That's how TamperMonkey is able to simply recreate the missing links to files that are still very much available (and technically just as insecure as they were for users whose keys remain unchanged). Changing their key generation wholesale and leaving the download links in place would have been more "secure" than removing the links and only changing some (including new) users keys.