Hello, thought I might pitch in with some information as I have worked with the pdf-security-scheme.
CommanderROR: You are correct that you are stuck with bad compatibility or bad protection. If someone can access the content they can also create a new pdf with the same content but without the protection rather easily.
Owner-password does not give ANY protection from this in the current scheme and as I stated above it is quite clear that it cannot provide any protection as long as the user can access the content.
The only protection that works is to give only users that you trust access to the content and even then, these users may extract the content that they have access to and produce a copy without protection.
A scheme that might work in the future is to have hardware DRM that remove a user the right to do what they want with their computer and by that enforcing the restrictions you set, but, as always we have the analog hole even then and you can always (it might be more or less hard though) reproduce the content manually by creating a completly new copy.
Current PDF-files are really quite easy to break if you know the user-password or if it is unencrypted. If the user-password is null and the document unencrypted it is as easy as recalculating the checksum that it is matched to with the new permission you want to set. If the document is encrypted with null-password, all you need to do is to decrypt and write back the unencrypted information and then recalculate the checksum (and possible the file-offsets), and if you have a userpassword that the user have access to or manages to crack you can rather easily unencrypt and then do the above (and maybe recalculate the checksum).
Instead of recalculating the checksum you might remove the encryption-object in the trailer alltogther.
|