The Downward Spiral

Write his temp file to an encrypted disk and then open that file in Acrobat… that’s about the only thing.. you have to shut off my ability to write to unprotected media Shawn!

Or.. if you can figure out how to do this in RAM… make Acrobat load something from a RAM disk that is unaccessible from the rest of the file system… probably an encrypted RAM disk… since you are using Adobe.

Or… ditch Adobe and write your own PDF viewer that reads from memory… way harder to grab sections of memory and save them to a file… but you can still do it… probably still need encryption… but no “disk”.

good luck

This is, of course, opinion, based on what I saw about a year ago and from the updates I’ve heard… so take it with all the grains of salt you want.

To protect PDFs, there is a fairly sophisticated (written in Perl ) locking model going on with their website and all that. That’s fine (but I bet if Shawn wrote it, being, I bet, not a security expert, my security expert friend, or at least someone at his company, could break these keys). But what they are purporting to stop, first and foremost, is users that get a file and then share it with their friends. Their software does not have the ability to do this. This code mechanism is irrelevant… I’m not saying that sharing the file is easy, but one can get a legitimate copy of the file, open it exposing the PDF inside the EXE and then COPY or OPEN the PDF by itself.

I think they are trying to exploit a “feature” in the Windows / CIFS / SMB filesytem called Mandatory Locking. That is, a process keeps a lock on a file and makes changes to that file “undoable”. Explorer, for instance, won’t let you play with a file that has been Mandatory Locked by another process. So the standard copy/move GUI commands won’t work. Also, the clipboard is disabled (probably by constantly copying null or some such trick).

But, there are ways around those things… specifically the filesystem thing (screw the stupid clipboard )… even some built in to “Windows”. One is the DOS prompt… or.. sorry the COMMAND prompt.. my bad. The command prompt emulator thingy, from what I’ve seen, apparently ignores those locks in 2000 and XP. That makes sense, since DOS was a single user, single process workspace. Also, some utilities in Windows can still read a file that has been locked.

Or… maybe they are just screwing with explorer… like screwing up the UI… that’d be funny… I can’t remember… I was gonna get a copy again, but haven’t.

Anyway.. once the EXE is extracted, the file is assigned a temporary filename in the user’s TEMP directory… using, I believe, the C open temp file call thing.. then it pipes the contents of the PDF in to that tmp file, and then opens that temp file in Acrobat.

Uh oh! Anything on a disk, anywhere, I can copy, if I can get at that disk. I can use alternate tools, change my TEMP to be on a network partition where those locks don’t work anymore, or even do as my friend did and put TEMP on a removalable disk and just remove the disk while viewing the PDF.

Then there’s the screwing with Adobe… for some reason they got rid of the entire tool bar and couldn’t disable just the “Save a Copy” button… or.. I think maybe they did and decided that wasn’t good enough. Anyway.. now you can’t zoom or find… or maybe you can find if you happen to know that Ctrl-F is find in Acrobat. Neat. Anyway… overkill… and if they _couldn’t_ disable just the “Save a Copy” function, then, well, this is a bad solution still.

So… if you use this CB Protect dealy, remember that it is just smoke and mirrors… meant to keep people that don’t really care to dig too deeply… i.e. no further than their interface and Acrobat (which got gimped)… which is, yes, bad security. Or front door is locked tight… I just hope they don’t go around back… cuz there’s no back door… just a big hole.

I wanted to share a lovely conversation a friend of mine had with these CB Protect Virtual Vault people. I’m the one that got my old employer going with these people, and thus him… but I didn’t think they were as rediculous as this. All that I wanted them to do is get rid of the “Save a Copy” feature in Acrobat.. which they did… well enough for me… but then they went nuts.. thinking they really are doing more than just the smoke and mirrors I was satisfied with (because there’s no better way, in principle) … and made a thing that just doesn’t work as advertised.

*From:* Virtual Vault Admin
*To:* ‘Support’
*Sent:* Tuesday, December 20, 2005 10:24 AM
*Subject:* **Another Virtual Vault Update**

Shawn Pringle here again with an important update and announcement. First the update…

As always, we have been working hard behind the scenes to make sure that The Virtual Vault remains up-to-date and totally secures your digital products. We understand better than most the importance of keeping your documents secured from would-be thieves and software pirates, and we are always on top of it.

[clip]

And now for an important announcement. We have been offering the web’s easiest and most secure digital product security solution for almost 3 years now. We have released many updates and are constantly improving our product. At the same time, we have been eating all of these costs as a benefit of doing business with us. Well, the time has come to unfortunatley pass these costs onto our valued customers. We will be raising the price from $24.95 to $29.95 monthly. Please understand that our costs continue to rise and we must take this step in order to maintain the quality you have come to expect from us. And I personally guarantee that we will not raise our price again for another 3 years, if ever!

This new price change will take effect on January 1st, 2006. Thank you for your continued patronage, and we wish you all the very best for 2006!

** Happy Holidays to you and your family,
Shawn Pringle
TopNet Solutions
http://www.topnetsolutions.net/

——————

Perhaps if you had realized that your claims of “totally secure” DRM are too great to actually deliver, you wouldn’t have to keep chasing all the holes that are uncovered and facing increased development costs.

And by the way, even with the newest update installed, I can still open a locked PDF using one access code like a normal customer, and then copy the unlocked pdf file from the Temp folder using the copy command from a dos prompt:

C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP>copy gg165.tmp c:\
1 file(s) copied.

I’d hardly call that “totally secured” nor worthy of a price increase.

Also, we are still getting complaints from customers about the removal of the search and zoom features from the toolbar. I understand that you can search using Ctrl+F, but I haven’t found a way to zoom in or out without the toolbar or View menu.

Please advise.

——————

Jane Tanner has responded to your help desk request.

The temp files should be locked from being copied, and we have the programmers looking at this now.
As for the zoom feature, in order to secure the PDF we must remove the toolbar which unfortunately removes the zoom feature. There is nothing we can do about that, and it is a small side-effect to having a secured document.

——————-

Well, it’s a “small side effect” which might leave the user with a completely unreadable document if they can’t zoom in to a reasonable text size.

The temp files are “locked” from being copied using the windows clipboard or drag and drop, but they are still readable using other applications, including the dos copy command. I can even open the .tmp file in a text editor and save it to a new file with a pdf extension to get the unlocked contents.

Once again, as long as the Virtual Vault writes an unencrypted version of the locked file to the disk, there WILL be a pretty simple way to copy it.