Home page logo

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] SealedMedia secured content?
From: Crist Clark <crist.clark () GLOBALSTAR COM>
Date: Fri, 3 Nov 2000 13:18:39 -0800

Russ Spooner wrote:

I know I am probably stating the obvious and a bit OT, but almost all DRM is

No matter the encryption methodology an end user eventually puts something
to screen or soundcard, this is the vulnerability.

I know for a fact that there are macros around that will exploit this with
"Secure" text formats like Microsoft Reader E-books, or PDF files.

Basically the macro will take screen shots of each page once it is viewed in
the reader in a format suitable for most OCR packages. In a couple of hours
one can recontruct the originally encrypted material as an "in clear" form.

With "secure" music you can use dummy audio drivers that will just dump the
audio output stream to a file.

With jpegs and gifs, a good old fashioned screen capture will do the trick.

DRM? Which SecurityFocus mail list just got a lecture about tossing in
obscure acronyms without definition? Was it this one? What is DRM?

Anyway, it seems to me that it is even easier to circumvent the controls
on the systems I have seen. The ones that promise to protect _any_ format
rely on the recipient's software to actually handle the data. Why bother
with replacing the audio drivers or do a screen capture? The data is
being fed to some application UNDER THE CONTROL OF THE END USER in an
unecrypted format. That's all you need to say. Game over, no? Why can't
your MPEG or WAV player be a quick proggie that writes its input to a file?

I must caveat this by saying I have only played with one vendor's product.
The idea that you could protect files you give to someone else just seemed
so strange to me that I had to check it out. Did not take me 15 minutes to
get around their restrictions. It may just be I have a funky environment (but
that is not a very good argument for the vendor) or this particular vendor
does not have a great product, but I strongly believe it is a fundamental
issue with the concept.

Systems that protect a specific type of data with an imbedded or "trusted"
application to use data are another issue. That gets to the watermarks
and all that good kind of great stuff.
Crist J. Clark                                Network Security Engineer
crist.clark () globalstar com                    Globalstar, L.P.
(408) 933-4387                                FAX: (408) 933-4926

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]