Re: DRM PDFs (and SED and ETD ...)
On Fri, May 30, 2008 at 10:17:56 +0100, Adam Hardy wrote:
> Johannes Wiedersich on 29/05/08 14:03,wrote:
>>>>> Just thought I'd ask, even though my web searches don't reveal anything
>>>>> but Adobe promises and work-arounds involving printing to postscript on
>>>>> a windows box first - but is there software for linux to read DRM pdfs?
>>>> I don't know, if I understand you correctly. If you just want to read a
>>>> DRM pdf, there are various linux tools as suggested. I've had good luck
>>>> with kpdf so far, but xpdf and others might work as well. Those tools
>>>> actually ignore (or can be configured to ignore) most of the
>>> I haven't found any configuration on any package (xpdf, acroread,
>>> evince, pdftk, kpdf) for ignoring security. In fact you're the second
>>> person to say that, but the man pages don't contain any reference to
>>> overriding passwords. Are you sure?
>> kpdf: settings -> konfigure kpdf -> "Obey DRM restrictions
>> However this apparently works only for the 'traditional' DRM stuff (I'm
>> on lenny).
> Thanks for the pointer, although it doesn't work for me. I unclick the
> option, click OK, open the document and the first thing it does is ask me
> for a password.
If you uncheck "Obey DRM restrictions" then all the restrictions imposed
by the owner password (e.g. no high-resolution printing, no copying or
modification of the content) will be ignored.
Your document has a user password, which means that its content is
encrypted and can only be accessed if you have the correct decryption
key (which is derived from the user password).
Tools like pdfcrack mostly rely on the fact that many humans tend to
choose not-too-strong passwords of moderate length, often more or less
directly derived from dictionary words. In your case the user password
is retrieved from the authentication server by this windows-only
security plug-in; no human being ever has to remember this password, so
there is little hope that it will be a string that can easily be guessed
by pdfcrack. AFAIK, the decryption key is 128 bit and it is not feasible
to brute-force it in a reasonable time if the dictionary attack fails
(unless you can find a weakness in the cryptographic algorithm or you
have very unusual hardware).
Regards, | http://users.icfo.es/Florian.Kulzer