Re: Bug in acroread?

Tue, 13 Mar 2007 01:59:41 -0800 

On Tue, Mar 13, 2007 at 02:33:04 -0500, Ron Johnson wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On 03/13/07 01:16, Joe Hart wrote:
> [snip]
> > 
> > Since you know so much about PDF files, let me ask you another
> > question. Does PDF have DRM capabilities built in?
> 
> They can be password encrypted.  Don't know about anything else.

There are two different things:

1) A "user password" can be set. That means that the document is
   encrypted and you need the password to open the document. The old
   standard was 40bit encryption (due to US cryptography export
   restrictions) which can be brute-forced in quite a short time with
   modern computers. The new standard is 128 bit encryption. 

2) An "owner password" can be set. This can be used to restrict what the
   user can do with the document. You can for example disallow printing
   totally, only allow low-quality print-outs or prevent the user from
   copying the content of the document. These restrictions have to
   honored by the PDF reader, of course. Most open-source readers either
   ignore the DRM restrictions or give you an easy way to turn them off;
   KPDF, for example, has an "Obey DRM restrictions" option which can be
   unchecked. (In the worst case you can find the DRM check in the
   source code, comment it out and recompile.) I believe that this is in
   violation of Adobe's licensing terms for the PDF standard, which
   AFAIK require that you implement the DRM if you code a PDF reader
   based on their specifications.

Option 1) and 2) can also be combined, of course.

It is furthermore possible to write custom plug-ins which impose
additional restrictions. For example, we once got a reprint-PDF for an
article that we had published in a scientific journal. This PDF required
a plug-in so that it could contact the publisher's server to make sure
we could only print 50 high-quality copies of the paper. Needless to
say, this plug-in was only available for Windows. A nice way to take the
"P" out of PDF...

-- 
Regards,
          Florian


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to