Adobe's ADEPT DRM Broken

An anonymous reader writes "I love cabbages has reverse-engineered Adobe's ADEPT DRM (e-book protection). On February 18, I love cabbages released code that decrypts EPUB e-books protected with ADEPT and followed that up on February 25, with code that decrypts PDF e-books protected with ADEPT. On March 4, I love cabbages was given a DMCA take down notice. And there's plenty of evidence he got it right. DS:TNG (Dmitry Sklyarov: The Next Generation)?"

and...

[greengrass]

DRM is like trying to make water not wet.

Re:and...

That's not quite right.

To use Bruce Schneier's analogy, it's more like trying to make a safe secure.

There's not such thing as a secure safe. Ultimately, it is not the locks and thick walls of a safe that protects the safe's contents. It is what economists would call "opportunity costs". Why am I wasting my time praying I can cut through this damn thing with a thermal lance before people return for work on Monday morning when I could make easier money doing something else, like panhandling or flipping burgers?

Safes only need to be sufficiently secure that their contents aren't worth stealing; they needn't be any more secure than that. You don't buy a million dollar safe to keep your petty cash in, or for holding cheap costume jewelry. Likewise, DRM only needs to be sufficient secure that people don't bother getting around it. What the recording industry provides is not infinitely valuable, so DRM needn't be infinitely strong.

The obsession of the recording industry with unbreakable DRM isn't rational. It probably reflects a guilty conscience.

If I were creating a DRM scheme, for my content, I'd release the scheme with an exploit. An exploit that anybody could use, but which was a certifiable pain in the ass. It's going to be broken sooner or later, so why not remove the incentive to make a convenient exploit? Anybody who is chary of losing access to their DRM purchases is reassured that they will always have access to it, but the vast majority won't ever bother. Of course that means the content would appear illegal sharing sites, but that was going to happen anyway.

In a sense, that's where Apple is with Fairplay. It's been cracked for ages, but at $0.99/track, almost nobody bothers.

Re:Hey, why not just steal GPL code?

[Nursie]

Non-sequitur

Opening up DRM'd media so that it can legally be used in more situations by someone with a valid license is not the same as rampant piracy. Removing DRM so that consumers have a choice over how and when to use content they have paid for is a great thing.

It is regrettable that these developments are also massive boosts for piracy, but without this sort of action there would be no DVD playback on Linux.

Re:Hey, why not just steal GPL code?

[TheRaven64]

I can't believe that this nonsense keeps being repeated. The GPL (a license I don't really like, but respect) is a distribution license. It follows both the spirit and the letter of copyright law, allowing the original author to restrict how people copy their work. DRM, in contrast, restricts how people use their work. This is counter to the spirit of copyright law - there's a reason it's called copyright not useright - and is antithetical to Free Software. Note that even laws like the DMCA talk about copy protection, rather than DRM. They are not the same thing. Copy protection only prevents copying, while DRM prevents various forms of use, for example annotating a PDF or playing a DVD from a different country.

Took down the links, not the content..

[XenoPhage]

There is of course, Google Cache ...

Or, you can just get it from pastebin:

http://pastebin.com/f1cb3663c

and

http://pastebin.com/f26972321

Re:Took down the links, not the content..

[skeeto]

Or on Freenet, where it is impossible for anyone to remove,

CHK@Lxdd7kNnDxsKDbJvN954w8VVTkyeXriXBc~CZQi7yh0,CpQsd8KQkbzeRnfpY4tprGAlt2LYjIKtwVdDYXWY~nE,AAIC--8/ineptpdf.pyw

CHK@0sthR-c3bxeDPtyRP4vLst4MKLAYunyPgL3DFgijAR4,GLU99yTKNtuIx9A54tvh20XisaAPwCcul58wTmTKjRE,AAIC--8/ineptkey.pyw

Re:Hey, why not just steal GPL code?

[fuzzyfuzzyfungus]

"Copyright law" does not equal "technological enforcement of whatever terms somebody feels like enforcing".

While some DRM-crackers are indeed, more or less unrelated(you don't see GPL proponents celebrating the availability of cracked copies of proprietary software), the DRM-crackers who stand up for our freedom to own and control our computers, rather than the other way around, have pretty much exactly the same objective as core GPL proponents.

Re:Hey, why not just steal GPL code?

[amiga3D]

If anyone other than fat, neck-bearded, Cheeto-stained, basement-dwelling gruntwaffles actually *used* Linux

Hey! I am not a gruntwaffle! Or....maybe I am...WTF is a "gruntwaffle?"

Re:Hey, why not just steal GPL code?

[js_sebastian]

Opening up DRM'd media so that it can legally be used in more situations by someone with a valid license is not the same as rampant piracy.

As a rights-holder? Bull. Shit. "You have the right to use content provided you do so in a manner consistent with the license provided with it." That's the same basic principle protected in the GPL, as well as in DRM-licensing terms.

You fail (again). The GPL does not, in any way, restrict your use of the licensed code. It only restricts the way you redistribute that code (if you should choose to do so). And, newsflash, even if the GPL wanted to restrict your use, it couldn't, because the GPL is based on copyright law. A license can only grant you MORE freedom than is already allowed to you by copyright law. And copyright law regulates distribution, not private usage.