Penetration Testing mailing list archives
Re: [PEN-TEST] SealedMedia secured content?
From: Russ Spooner <labrat () INTERROREM COM>
Date: Fri, 3 Nov 2000 18:02:30 -0000
I know I am probably stating the obvious and a bit OT, but almost all DRM is flawed. No matter the encryption methodology an end user eventually puts something to screen or soundcard, this is the vulnerability. I know for a fact that there are macros around that will exploit this with "Secure" text formats like Microsoft Reader E-books, or PDF files. Basically the macro will take screen shots of each page once it is viewed in the reader in a format suitable for most OCR packages. In a couple of hours one can recontruct the originally encrypted material as an "in clear" form. With "secure" music you can use dummy audio drivers that will just dump the audio output stream to a file. With jpegs and gifs, a good old fashioned screen capture will do the trick. Admittedly there is usually a degradation in the quality of the replicated material, however this is usually of little concern, as an example: the extraordinarily poor quality of pirated analogue video has not stopped millions of people watching pirate videos. As for java class files and the like, one wonders at what point it hands over to the JVM, or if the end user will have to use a "custom/secure" version. In the end it think DRM for the internet is going to be as successful as DIVX. -----Original Message----- From: Penetration Testers [mailto:PEN-TEST () SECURITYFOCUS COM]On Behalf Of Christian Jensen Sent: 03 November 2000 16:19 To: PEN-TEST () SECURITYFOCUS COM Subject: [PEN-TEST] SealedMedia secured content? Has anyone here evaluated the claims of SealedMedia. They claim they can secure your online content, whether it be html, jpg, mp3, pdf, etc., from copying, printing, viewing the source, and downloading. I know some folks, such as Bruce Schneier, may scoff at anybody who thinks they can maintain complete control of digital content once it leaves the server. I wonder if anyone here has had practical experience with this particular company and the ability of its software to deliver as promised.
Current thread:
- [PEN-TEST] SealedMedia secured content? Christian Jensen (Nov 04)
- Re: [PEN-TEST] SealedMedia secured content? GC (Nov 04)
- Re: [PEN-TEST] SealedMedia secured content? Russ Spooner (Nov 04)
- Re: [PEN-TEST] SealedMedia secured content? Crist Clark (Nov 04)
- Re: [PEN-TEST] SealedMedia secured content? Iván Arce (Nov 04)
- Re: [PEN-TEST] SealedMedia secured content? Russ Spooner (Nov 05)
- Re: [PEN-TEST] SealedMedia secured content? Crist Clark (Nov 04)
- <Possible follow-ups>
- Re: [PEN-TEST] SealedMedia secured content? Security Related (Nov 07)