What I think CB Protect is doing and why it’s no good
This is, of course, opinion, based on what I saw about a year ago and from the updates I’ve heard… so take it with all the grains of salt you want.
To protect PDFs, there is a fairly sophisticated (written in Perl) locking model going on with their website and all that. That’s fine (but I bet if Shawn wrote it, being, I bet, not a security expert, my security expert friend, or at least someone at his company, could break these keys). But what they are purporting to stop, first and foremost, is users that get a file and then share it with their friends. Their software does not have the ability to do this. This code mechanism is irrelevant… I’m not saying that sharing the file is easy, but one can get a legitimate copy of the file, open it exposing the PDF inside the EXE and then COPY or OPEN the PDF by itself.
I think they are trying to exploit a “feature” in the Windows / CIFS / SMB filesystem called Mandatory Locking. That is, a process keeps a lock on a file and makes changes to that file “undoable”. Explorer, for instance, won’t let you play with a file that has been Mandatory Locked by another process. So the standard copy/move GUI commands won’t work. Also, the clipboard is disabled (probably by constantly copying null or some such trick).
But, there are ways around those things… specifically the filesystem thing (screw the stupid clipboard)… even some built in to “Windows”. One is the DOS prompt… or.. sorry the COMMAND prompt.. my bad. The command prompt emulator thingy, from what I’ve seen, apparently ignores those locks in 2000 and XP. That makes sense, since DOS was a single user, single process workspace. Also, some utilities in Windows can still read a file that has been locked.
Or… maybe they are just screwing with explorer… like screwing up the UI… that’d be funny… I can’t remember… I was gonna get a copy again, but haven’t.
Anyway.. once the EXE is extracted, the file is assigned a temporary filename in the user’s TEMP directory… using, I believe, the C open temp file call thing.. then it pipes the contents of the PDF into that tmp file, and then opens that temp file in Acrobat.
Uh oh! Anything on a disk, anywhere, I can copy, if I can get at that disk. I can use alternate tools, change my TEMP to be on a network partition where those locks don’t work anymore, or even do as my friend did and put TEMP on a removable disk and just remove the disk while viewing the PDF.
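For anyone evaluating a wrapper like this before relying on it, the check below (an added example, not code from the original post or from the product) takes a baseline of a temp directory and then reports any new file that starts with the PDF header, meaning the unprotected document was written to disk. The function names and the sample files are assumptions made for the illustration; the viewer is simulated by a constructed file.

```python
import os
import tempfile

PDF_MAGIC = b"%PDF-"  # every PDF file starts with this header


def snapshot(directory):
    """Map each regular file under `directory` to (size, mtime_ns)."""
    state = {}
    for root, _dirs, files in os.walk(directory):
        for name in files:
            path = os.path.join(root, name)
            try:
                st = os.stat(path)
            except OSError:
                continue  # file vanished between listing and stat
            state[path] = (st.st_size, st.st_mtime_ns)
    return state


def spilled_documents(before, directory):
    """Return (path, status) for files that are new or changed since `before`."""
    findings = []
    for path, meta in sorted(snapshot(directory).items()):
        if before.get(path) == meta:
            continue  # unchanged since the baseline
        try:
            with open(path, "rb") as fh:
                head = fh.read(len(PDF_MAGIC))
        except OSError:
            # A lock hides the bytes from this process only;
            # the file is still on disk.
            findings.append((path, "unreadable"))
            continue
        if head == PDF_MAGIC:
            findings.append((path, "plaintext-pdf"))
    return findings


def demo():
    """Constructed stand-in for a viewer that writes its document to TEMP."""
    with tempfile.TemporaryDirectory() as temp_dir:
        before = snapshot(temp_dir)
        with open(os.path.join(temp_dir, "tmp1a2b.tmp"), "wb") as fh:
            fh.write(b"%PDF-1.4\n% constructed sample body\n")
        with open(os.path.join(temp_dir, "other.log"), "wb") as fh:
            fh.write(b"not a document\n")
        return [(os.path.basename(p), s) for p, s in spilled_documents(before, temp_dir)]


if __name__ == "__main__":
    print(demo())
```

A finding of either status means the design depends on a file lock rather than on the document never reaching disk in the clear.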
Then there’s the screwing with Adobe… for some reason they got rid of the entire tool bar and couldn’t disable just the “Save a Copy” button… or.. I think maybe they did and decided that wasn’t good enough. Anyway.. now you can’t zoom or find… or maybe you can find if you happen to know that Ctrl-F is find in Acrobat. Neat. Anyway… overkill… and if they _couldn’t_ disable just the “Save a Copy” function, then, well, this is a bad solution still.
So… if you use this CB Protect dealy, remember that it is just smoke and mirrors… meant to keep people that don’t really care to dig too deeply… i.e. no further than their interface and Acrobat (which got gimped)… which is, yes, bad security. Our front door is locked tight… I just hope they don’t go around back… cuz there’s no back door… just a big hole.