Best Practices For Using PDF Security Software
We have discussed the effectiveness of copy protection in
PDF security software before, which is the prevention of copy of the PDF contents while open and on display, so this article will deal with the prevention of sharing and unauthorized distribution, which can for some be a more important issue, because if a PDF document can be shared, there is no need to copy it. All the thief has to do is save the file and send that file to whoever they please.
Having exam questions or secret recipes distributed to all and sundry has diabolical consequences, so let us look at what can be done to prevent such unauthorized distribution of your company secrets, intellectual property and private data.
There is absolutely no way that one can prevent the copy of files once presented with an example of that file. At least not within anyone's realistic budget that is. There has been millions spent on the research and development of file protection, but the best that they came up with was locking a file to its storage media, such as CD or DVD, in which the decryption key for the file is stored in a secret partition on the disk. But even that has been exploited because being used to protect full feature films it has been a prime target for hackers. In fact throughout Asia, the distribution of pirated copies of new film releases and software is big business and a national sport... anything to deprive capitalists of a dollar.
In Malaysia I found some shopping centers with numerous stores selling the latest films and software for about $5 each. That's right, cheap as chips, and the place to get the latest release of AutoCad which usually costs several thousand dollars per license. Apparently the pirates are so well organized that they can distribute new releases within a couple of weeks, complete with a printed user-guide. Sure, the piracy is illegal, but the penalties are superficial. Every now and then the authorities make an example of one store, confiscate their goods and fine them a small amount. But usually, that store owner is back in business within 30 days.
Now AutoCad and other top level softwares are often protected by a "dongle" which looks like a printer port adaptor, that stores the serial number required to unlock and run the software. But that hasn't prevented the pirates who somehow must be getting software and dongle to unlock the software to reproduce it. No doubt the only entities going to that length, paying out big bucks to get unlocked software, must be well organized and with massive distribution networks for the resale of those pirated items. My impression was that anyone wanting to open a store could easily open an account with the pirates.
Anyway, enough of that, but by now you have a idea of the lengths that pirates will go and that preventing "file copy" is not a viable solution for most. So what can be done that is effective yet affordable?
Scammers within the copy protection industry tout "password protection" as DRM (Digital Rights Management) but it does nothing to prevent sharing of the password that opens an otherwise protected and encrypted file. Leaving the best recourse to using proper DRM in which the vendor has control over just who does have access rights to open their file. To properly prevent sharing the PDF document needs to be locked to individual users by requiring validation in the form of MAC address or unique Computer ID.
Only on Windows computers can Computer ID be determined reliably, leaving all other OS to identification by MAC address which has some limitations, because to establish a MAC address the computer needs to be connected to the Internet and the MAC address will be different with each type of Internet connection, whether it be LAN, Wi-Fi, modem, satellite etc, thus requiring the capacity for enabling multiple MAC addresses and then a hole is opened enabling a user to share his extra identities with others.
Thus the most secure method for determining a user's identity is on Windows computers and by using Computer ID as the criteria. Now some may say that they need support across all OS including mobile devices. But the crunch there is that those devices may not be that secure, because by design, they have limitations in that their apps are limited to using simple HTML and JavaScript which leaves decryption routines open to exploit.
So if your data is mission critical and for the eyes of the intended recipient only, stick with Windows, and if the business owner insists on having mobile access for himself, ask him if he is sure that to satisfy himself that he is prepared to jeopardize the integrity of what otherwise could be the most secure DRM solution possible?
Real DRM can effectively stop sharing and prevent unauthorized distribution if you want. In fact with call-to-home DRM where the PDF, video or
image protect software checks the user rights from a database online, authors and vendors can have total control over who has access, when and how, with immediate effect on any changes made, even on files still out in the wild on CD or already saved to the user's computer.
ArtistScope revolutionized DRM when they developed the means of identifying users by Computer ID, and their new web browser, ArtisBrowser, can be used by any web application to identify that ID which is unavailable to other web browsers.
Author: William Kent
Date: 17th September 2019
Return to DRM and Copy Protection
Comments
No comments
