Security features
Moderators: Alexander Halser, Tim Green
Security features
Anyone out there know if anyone has designed security features for an e-book file. I want to sell information on e-book or help files and not give it away. we have a martial arts school and want to sell the e-books on CD and need some sort of license key arrangement - hope someone can help. We are not high tech computer whiz people just able to use software like this one.
- Tim Green
- Site Admin
- Posts: 23182
- Joined: Mon Jun 24, 2002 9:11 am
- Location: Bruehl, Germany
- Contact:
Like any other human-readable information documentation files can always be copied -- this is simply a fact of life for text files, which all documentation files essentially are.
H&M's ebooks can be set so that copying and pasting of text on screen is not possible. You can also require a password for opening the file, but this does not provide any kind of real protection -- anybody who makes a copy for a friend will also give them the password.
There is one other copy protection feature that provides much better security but this is hard to implement: You can specify that the eBook can only be opened from a CD-ROM with a specific serial number. Then any copies of the eBook will not be readable. But in order to be able to do this you must create *pressed* CDs in a series where all the CDs have the same serial number -- most pressworks will require you to produce a run of at least 1000 to 3000 CDs. It is not possible to use this feature with burned CDs because burning software applies a random serial number to each CD during the burning process, and it is not possible to know this in advance. Also, each CD has a different serial no. on burned CDs.
All other documentation formats are not copy-protectable at all. They only way to protect them would be to encrypt them completely and give nobody the key -- but then nobody would be able to read the documentation at all. The bottom line here is that if you are distributing documentation on CDs it will be copied. There is not really any way around this.
H&M's ebooks can be set so that copying and pasting of text on screen is not possible. You can also require a password for opening the file, but this does not provide any kind of real protection -- anybody who makes a copy for a friend will also give them the password.
There is one other copy protection feature that provides much better security but this is hard to implement: You can specify that the eBook can only be opened from a CD-ROM with a specific serial number. Then any copies of the eBook will not be readable. But in order to be able to do this you must create *pressed* CDs in a series where all the CDs have the same serial number -- most pressworks will require you to produce a run of at least 1000 to 3000 CDs. It is not possible to use this feature with burned CDs because burning software applies a random serial number to each CD during the burning process, and it is not possible to know this in advance. Also, each CD has a different serial no. on burned CDs.
All other documentation formats are not copy-protectable at all. They only way to protect them would be to encrypt them completely and give nobody the key -- but then nobody would be able to read the documentation at all. The bottom line here is that if you are distributing documentation on CDs it will be copied. There is not really any way around this.
Regards,
Tim (EC Software Documentation & User Support)
Private support:
Please do not email or PM me with private support requests -- post to the forum directly.
Tim (EC Software Documentation & User Support)
Private support:
Please do not email or PM me with private support requests -- post to the forum directly.
-
- Posts: 1
- Joined: Fri Dec 23, 2011 12:26 pm
Re: Security features
Hello all,
How would you go about enabling the password protection of an eBook via H&M?
Presently, we deliver .chm files with the software applications we develop, but we want to try and beef up the security to prevent the content of the chm files being freely distributed.
If we can password protect an eBook file, then perhaps a good way to prevent illicit use of the file would be to not tell anyone what the password was.
The eBook could then be launched via a menu option in the application it was distributed with, with the required password being embedded in the application and passed on the command line when calling the eBook. As the calling application is already protected, this might be a good workaround.
Do you think something like this would be feasible/work ?
Best regards,
Scott
How would you go about enabling the password protection of an eBook via H&M?
Presently, we deliver .chm files with the software applications we develop, but we want to try and beef up the security to prevent the content of the chm files being freely distributed.
If we can password protect an eBook file, then perhaps a good way to prevent illicit use of the file would be to not tell anyone what the password was.
The eBook could then be launched via a menu option in the application it was distributed with, with the required password being embedded in the application and passed on the command line when calling the eBook. As the calling application is already protected, this might be a good workaround.
Do you think something like this would be feasible/work ?
Best regards,
Scott
- Tim Green
- Site Admin
- Posts: 23182
- Joined: Mon Jun 24, 2002 9:11 am
- Location: Bruehl, Germany
- Contact:
Re: Security features
Hi Scott,
Any file that is distributed in multiple copies all with the same password is not really protected very much. Everyone who needs to read it has to have the password, so the password will get out and it only needs to get out once to compromise the entire production run. It will prevent casual copying, but that is really all. It won't prevent intentional copying and it can also annoy and inconvenience your honest customers. PDFs also support passwords, but anyone who knows how to use Google can get the tools to crack PDF passwords in a couple of minutes from anywhere in the world.
Also, you can only add passwords to Windows EXE eBooks yourself. You can add more complex digital rights management to ePUB eBooks, but doing that is a complex and expensive process that requires the support of a solution provider, for example those recommended for this by Adobe. Whether this is really worth the time, effort and expense is at least somewhat dubious. Here too, only one copy needs to get out to render the exercise a waste of time and money.
Any file that is distributed in multiple copies all with the same password is not really protected very much. Everyone who needs to read it has to have the password, so the password will get out and it only needs to get out once to compromise the entire production run. It will prevent casual copying, but that is really all. It won't prevent intentional copying and it can also annoy and inconvenience your honest customers. PDFs also support passwords, but anyone who knows how to use Google can get the tools to crack PDF passwords in a couple of minutes from anywhere in the world.
Also, you can only add passwords to Windows EXE eBooks yourself. You can add more complex digital rights management to ePUB eBooks, but doing that is a complex and expensive process that requires the support of a solution provider, for example those recommended for this by Adobe. Whether this is really worth the time, effort and expense is at least somewhat dubious. Here too, only one copy needs to get out to render the exercise a waste of time and money.
Regards,
Tim (EC Software Documentation & User Support)
Private support:
Please do not email or PM me with private support requests -- post to the forum directly.
Tim (EC Software Documentation & User Support)
Private support:
Please do not email or PM me with private support requests -- post to the forum directly.
-
- Posts: 150
- Joined: Tue Nov 03, 2009 6:14 pm
Re: Security features
While I am wholeheartedly in favor of an author's right to protect his/her/its potentially-paying content from unhindered distribution to those who didn't pay, I essentially agree with Tim.
Any system -- encryption, pressed CDs, passwords, license keys, etc. -- essentially relies on some kind of "pain-in-the-*ss" factor. Those who really *must* "steal" your content will go to the lengths necessary to do so. Those who are "casual" users will not.
But increase the "pain-in-the-*ss" factor too high and eventually even your paying clients will find it to be a pain, and will realize that you don't really trust them, either. Bad customer relations, IMO.
Erect small, simple barriers. Embed download codes in each file, if you must, so that if you want to track inappropriately-distributed content back to its source, you (theoretically) can. (How? Don't ask me. But that's essentially what Apple does with its non-DRMed iTunes content, for instance.)
But otherwise treat your clients like they were honest.
You'll know soon enough if they are not.
Of course, if you are running black ops for some government, your needs are different. But in that case no doubt you'll have a whole different set of tools -- and problems.
Any system -- encryption, pressed CDs, passwords, license keys, etc. -- essentially relies on some kind of "pain-in-the-*ss" factor. Those who really *must* "steal" your content will go to the lengths necessary to do so. Those who are "casual" users will not.
But increase the "pain-in-the-*ss" factor too high and eventually even your paying clients will find it to be a pain, and will realize that you don't really trust them, either. Bad customer relations, IMO.
Erect small, simple barriers. Embed download codes in each file, if you must, so that if you want to track inappropriately-distributed content back to its source, you (theoretically) can. (How? Don't ask me. But that's essentially what Apple does with its non-DRMed iTunes content, for instance.)
But otherwise treat your clients like they were honest.
You'll know soon enough if they are not.
Of course, if you are running black ops for some government, your needs are different. But in that case no doubt you'll have a whole different set of tools -- and problems.