SHARE
TWEET

Verso Watermarks

a guest Jan 19th, 2017 176 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. ---disseminate widely---
  2.  
  3.  
  4. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  5. Institute for Biblio-Immunology -- First Communique:
  6. Identifying and Removing Verso/BooXtream 'Social DRM' EPUB eBook Watermarks
  7. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  8.  
  9. FOR IMMEDIATE RELEASE.  
  10.  
  11. IN THAT, WE DEMAND THE IMMEDIATE RELEASE OF OUR SHACKLED COMRADES, WATERMARKED
  12. EBOOKS OF THE WORLD.  
  13.  
  14. Welcome.  
  15.  
  16. The Institute for Biblio-Immunology specialises in textual pathogen
  17. identification and antigen synthesis.  Several vials of in vivo samples
  18. suffering from a "social DRM" watermarking infection were recently brought to
  19. the attention of our cellar scientists.  In this, our inaugural communique, we
  20. will explore our dissection of said samples and offer an initial expatiation
  21. regarding the contaminant undesirables discovered therein, as well as offer
  22. preliminary guidance for a successful course of treatment.  
  23.  
  24.  
  25. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  26. BACKGROUND
  27. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  28.  
  29. Prudence tells us that the only time books should be used as weapons of terror
  30. is if they are thrown, gleefully aflame, through a publishing conglomerate's
  31. window.  Instead, we find that the publishing company Verso Books {0} is using
  32. books to facilitate the surveillance of readers.  By embedding uniquely-
  33. identifiable personal information in individual copies of ebooks, Verso (and
  34. the company they are relying on for the actual watermarking, BooXtream) are
  35. turning vectors for cultural transmission into, effectively, tracking beacons
  36. designed to identify who is sharing said ebooks, so as to then neutralise said
  37. ostensibly undesirable (by Verso) knowledge transmission paths.  This will not
  38. stand.  
  39.  
  40. {0} Verso Books "is the largest independent, radical publishing house in the
  41. English-speaking world" <https://www.versobooks.com/pg/about-verso>.  On that
  42. same 'About Verso' page, Managing Director Jacob Stevens says that Verso Books
  43. has "a strong list and radical commitment", though what this means is not
  44. actually explained here.  Not to worry.  Stevens explains perfectly well what
  45. Verso means by "radical" in an interview with the trade publication The
  46. Bookseller; wherein, commenting on Verso's venture into the ebook retail space,
  47. he states that "Verso has found a new, radical way of selling books"
  48. <https://www.thebookseller.com/news/e-bookprint-bundling-venture-verso>.
  49. Radical selling.  Fuck yeah.  
  50.  
  51. But why pick Verso to talk about in the first place?  We can briefly summarise
  52. the specific chain of events which brought us to this point, reductively, as
  53. follows:
  54.  
  55. I --> Verso shits out an ebook release of The Boy Who Could Change the World:
  56. The Writings of Aaron Swartz (in February 2016) {1}.  
  57.  
  58. {1} <https://www.versobooks.com/books/2077-the-boy-who-could-change-the-
  59. world>.  
  60.  
  61. II --> This Verso ebook release possesses WATERMARKS {2}.  
  62.  
  63. {2} "Ebooks from the Verso website are watermarked and DRM-free, and will work
  64. on any of your devices--but they can't be uploaded to websites or file-sharing
  65. networks" <https://www.versobooks.com/pg/verso-ebooks>.  
  66.  
  67. ~~~~~~~~~~~~~~~~~
  68. Paigey the Book Pirate says: Verso is straight-up LYING here.  The ebooks CAN
  69. be uploaded to websites or file-sharing networks.  Very easily, in fact.  Proof
  70. of concept: go to a website or file-sharing network and upload it (but WAIT--
  71. remove watermark first, of course!).  
  72. ~~~~~~~~~~~~~~~~~
  73.  
  74. III --> Sean B.  Palmer ("virtual executor" {3} of Aaron Swartz) says he will
  75. ask the publishers to remove the watermarking (on 13 April 2016) {4}.  
  76.  
  77. {3} "I designate Sean B. Palmer as my virtual executor"
  78. <https://web.archive.org/web/20031217220719/http://www.aaronsw.com/2002/continui
  79. ty>.  
  80.  
  81. {4} "I will ask the publishers on your behalf to remove the watermarking from
  82. the Verso ebook version" <https://punctumbooks.com/blog/the-boy-who-couldnt-
  83. change-the-world/#comment-129709>.  
  84.  
  85. IV--> Regardless, Verso says they will not remove the watermarks (on 22 April
  86. 2016) {5}.  
  87.  
  88. {5} "We have just been informed by a highly reliable party who wishes to
  89. remain anonymous that Verso Books has indicated (to this party, via The New
  90. Press) that they will NOT remove the watermark from their e-book edition of
  91. Aaron Swartz's posthumously-published collected writings because they believe
  92. it will impede their ability to 'recoup' their distribution costs"
  93. <https://www.facebook.com/punctumbooks/posts/1006302089407594>.  
  94.  
  95. NOT OK.  
  96.  
  97. V--> Verso FUCKS you with watermarks, so we will FUCKS Verso now (on 20 June
  98. 2016).  
  99.  
  100. Blood for blood.  
  101.  
  102. And by the gallon.  
  103.  
  104.  
  105. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  106. WATERMARK SCAVENGER HUNT
  107. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  108.  
  109. Now we will expose the functionality of Verso and BooXtream (Verso's watermark
  110. provider) watermarks.  
  111.  
  112. OK!  :)
  113.  
  114. EPUB have many file inside.  Many file give many opportunity for THE SNEAKY-
  115. SNEAKY to add watermark.  
  116.  
  117. BUT IT'S OKAY --> we can be THE SNEAKY-SNEAKY too.  
  118.  
  119. Verso uses a watermarking schema provided by BooXtream {6}.  
  120.  
  121. {6} "Verso ebooks are free of Digital Rights Management (DRM-free), but are
  122. subject to the terms of this license. You own the file once you've downloaded
  123. it, and you can use it on any of your devices in perpetuity. It has visible and
  124. invisible watermarks, applied by Booxtream, which contain your name and email
  125. address. You are prohibited from uploading Verso ebooks to any website or file-
  126. sharing network, or in any other way making them available for distribution,
  127. sharing, copying, downloading, or reselling"
  128. <https://www.versobooks.com/pg/terms-and-conditions>.  
  129.  
  130. There are, at least, seven different varieties of watermarks injected into a
  131. given ebook EPUB payload by BooXtream to be found in Verso ebooks:
  132.  
  133. WM0-2 are overt (readily visible) watermarks and are optional (meaning they
  134. may not necessarily be present):
  135.  
  136. [WM0] -- Ex Libris Image Watermark
  137. [WM1] -- Disclaimer Page Watermark
  138. [WM2] -- Footer Watermarks
  139.  
  140. WM3-6 are covert (not readily visible) watermarks and are always present:
  141.  
  142. [WM3] -- Filename Watermarks
  143. [WM4] -- Timestamp Fingerprinting
  144. [WM5] -- CSS Watermark
  145. [WM6] -- Image Metadata Watermarks
  146.  
  147.  
  148. Let's now go through each one to expose it and see how it works and, in turn,
  149. how it may be prevented from working.  
  150.  
  151. OK!  :)
  152.  
  153.  
  154. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  155. [WM0] -- Ex Libris Image Watermark
  156. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  157.  
  158. The ex libris image watermark is optional {7}; however, Verso ebooks appear to
  159. employ it.  
  160.  
  161. {7} "With every order fulfilment, BooXtream(R) needs the customer name,
  162. customer email address and an order-id (supplied by the shop). BooXtream(R)
  163. encodes this as a series of redundant digital watermarks and also adds visible,
  164. personalised information for the end user into the ePub file. All visible and
  165. personalised information is optional and can be customised:
  166.  
  167. "- Page 2 contains an Ex Libris (image with customer name), that can be
  168. customised per publisher and per customer" <https://www.booxtream.com>.  
  169.  
  170. ~~~~~~~~~~~~~~~~~
  171. Paigey the Book Pirate says: Keeping in mind that the tiers of overt
  172. watermarks (WM0-2) are all optional, even if a given ebook doesn't appear to
  173. have them, it would of course still nonetheless be a sign of utmost prudence
  174. for one to check for the presence of the covert watermark tiers (WM3-6).  In
  175. other words, just because an ebook may not have the initial set of overt
  176. watermarks, this should not be taken to mean it does not necessarily have any
  177. of the subsequent covert watermarks.  
  178. ~~~~~~~~~~~~~~~~~
  179.  
  180. The ex libris watermark is an image file, albeit one found not in ../Images/,
  181. where one would expect, but rather in ../Text/exlibris*.png.  
  182.  
  183. The ex libris watermark image here consists of the Verso 'V' logo, with the
  184. buyer name and email superimposed over the logo as part of the customised
  185. image.  
  186.  
  187. Said ex libris watermark image is called from ../Text/Cover*.xhtml:
  188.  
  189. ---
  190. <p class="exlibris" style="text-align:center"><img src="exlibris*.png" alt="Ex
  191. Libris"/></p>
  192.  
  193. ---
  194.  
  195. Said image is also referenced in ../content.opf:
  196.  
  197. ---
  198. <item id="exlibris" href="Text/exlibris*.png" media-type="image/png"/>
  199. ---
  200.  
  201. ~~~~~~~~~~~~~~~~~
  202. Paigey the Book Pirate says: When changing filenames and/or moving/deleting
  203. files, always be sure to change all corresponding references to them as well,
  204. as otherwise not only will links not work, but the anonymity you so desperately
  205. seek will be compromised!  I hear Sigil <https://sigil-ebook.com> is a good
  206. tool for this which changes references automatically for you when you change
  207. filenames!  
  208. ~~~~~~~~~~~~~~~~~
  209.  
  210. We'll come back to that pesky wildcard placeholder (*) in the discussion of
  211. WM3, but for now it would behove one to simply listen to Paigey.  
  212.  
  213. If one had mind to eliminate WM0, one could then simply delete the contaminant
  214. (exlibris*.png) and remove the aforementioned references to it from
  215. Cover*.xhtml and content.opf.  
  216.  
  217.  
  218. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  219. [WM1] -- Disclaimer Page Watermark
  220. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  221.  
  222. The disclaimer page watermark is optional {8}; however, Verso ebooks appear to
  223. employ it.  
  224.  
  225. {8} "With every order fulfilment, BooXtream(R) needs the customer name,
  226. customer email address and an order-id (supplied by the shop). BooXtream(R)
  227. encodes this as a series of redundant digital watermarks and also adds visible,
  228. personalised information for the end user into the ePub file. All visible and
  229. personalised information is optional and can be customised:
  230.  
  231. "[...]
  232.  
  233. "- The last page contains a disclaimer and logo, and has a corresponding entry
  234. in the table of contents" <https://www.booxtream.com>.  
  235.  
  236. The disclaimer page watermark is an XHTML file, albeit one found not in
  237. ../Text/, where one would expect, but rather in ../disclaimer*.xhtml.  
  238.  
  239. The Verso disclaimer boilerplate is as follows:
  240.  
  241. ---
  242. Verso ebook license
  243.  
  244. This ebook was sold to $BuyerName, $BuyerEmail on $SaleDate0.  
  245.  
  246. Verso ebooks are free of Digital Rights Management (DRM-free) but are subject
  247. to the terms of this license.  You own this file once you've downloaded it, and
  248. you can use it on any of your devices.  It has visible and invisible
  249. watermarks, applied by Booxtream, which contain your name and email address.
  250. You are prohibited from uploading Verso ebooks to any website or file-sharing
  251. network, or in any other way making them available for distribution, sharing,
  252. copying, downloading, or reselling.  Royalties from every sale will be paid to
  253. the author: if you're reading someone else's copy, then please buy your own
  254. license from Verso Books.  
  255.  
  256. This eBook is licensed to $BuyerName, $BuyerEmail on $SaleDate1
  257. ---
  258.  
  259. Wherein $BuyerName is the name of the buyer of the ebook; $BuyerEmail is the
  260. email of the buyer of the ebook; $SaleDate0 is the date of purchase--or more
  261. accurately, the specific date the purchased copy of the ebook was generated,
  262. which will typically also be the date of purchase--in the format DD/MM/YYYY
  263. (numerical values for Day/Month/Year); $SaleDate1 is likewise the date of
  264. purchase, albeit in the format MM/DD/YYYY.  
  265.  
  266. ~~~~~~~~~~~~~~~~~
  267. Paigey the Book Pirate says: Notice that $SaleDate0 is only utilised in the
  268. header of disclaimer*.xhtml; whenever the sale date watermark appears
  269. elsewhere, it always follows the format of $SaleDate1.  
  270. ~~~~~~~~~~~~~~~~~
  271.  
  272. Said disclaimer page watermark is in turn called from ../toc.ncx:
  273.  
  274. ---
  275. <navPoint playOrder="#" id="BooXtream"><navLabel><text>This eBook is licensed
  276. to $BuyerName, $BuyerEmail on $SaleDate1</text></navLabel><content
  277. src="disclaimer*.xhtml"/></navPoint>
  278. ---
  279.  
  280. And is further referenced twice in ../content.opf, as:
  281.  
  282. ---
  283. <item id="BooXtream" href="disclaimer*.xhtml" media-
  284. type="application/xhtml+xml"/>
  285. ---
  286.  
  287. and again as:
  288.  
  289. ---
  290. <itemref idref="BooXtream"/>
  291. ---
  292.  
  293. If one had mind to eliminate WM1, one could then simply delete the contaminant
  294. (disclaimer*.xhtml) and remove the aforementioned references to it from toc.nx
  295. and content.opf.  
  296.  
  297.  
  298. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  299. [WM2] -- Footer Watermarks
  300. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  301.  
  302. The footer watermarks are optional {9}; however, Verso ebooks appear to employ
  303. them.  
  304.  
  305. {9} "With every order fulfilment, BooXtream(R) needs the customer name,
  306. customer email address and an order-id (supplied by the shop). BooXtream(R)
  307. encodes this as a series of redundant digital watermarks and also adds visible,
  308. personalised information for the end user into the ePub file. All visible and
  309. personalised information is optional and can be customised:
  310.  
  311. "[...]
  312.  
  313. "- Every chapter ends with a personalised footer text"
  314. <https://www.booxtream.com>.  
  315.  
  316. The textual footer page watermarks appear at the end of every XHTMLl file in
  317. the EPUB (therefore chiefly in ../Text/##_*.xhtml).  
  318.  
  319. The main Verso footer boilerplate is as follows:
  320.  
  321. ---
  322. This eBook is licensed to $BuyerName, $BuyerEmail on $SaleDate1
  323. ---
  324.  
  325. Note that the code formatting surrounding the footer watermark may vary
  326. slightly, taking on the form of either something along the lines of:
  327.  
  328. ---
  329. <p style="font-size: 11px; text-align: center; color: #333; border-top: 1px
  330. solid #7b7b7b; padding: 10px 0 0; margin: 20px 0 0;" class="EPubfirstparagraph
  331. epubpagerstart">This eBook is licensed to $BuyerName, $BuyerEmail on
  332. $SaleDate1</p>
  333. ---
  334.  
  335. or:
  336.  
  337. ---
  338. <p style="font-size: 11px; text-align: center; color: #333; border-top: 1px
  339. solid #7b7b7b; padding: 10px 0 0; margin: 20px 0 0;">This eBook is licensed to
  340. $BuyerName, $BuyerEmail on $SaleDate1</p>
  341. ---
  342.  
  343. The takeaway here being the observation that the class attribute is not always
  344. specified.  
  345.  
  346. A footer watermark additionally appears within the aforementioned WM1, namely
  347. in ../disclaimer*.xhtml, albeit matching one of the formatting variants of
  348. ../Text/##_*.xhtml:
  349.  
  350. ---
  351.  
  352. <p style="font-size: 11px; text-align: center; color: #333; border-top: 1px
  353. solid #7b7b7b; padding: 10px 0 0; margin: 20px 0 0;">This eBook is licensed to
  354. $BuyerName, $BuyerEmail on $SaleDate1</p>
  355. ---
  356.  
  357. Finally, a footer watermark further appears in ../toc.ncx, alongside the
  358. aforementioned presence of WM1:
  359.  
  360. ---
  361. <navPoint playOrder="*" id="BooXtream"><navLabel><text>This eBook is licensed
  362. to $BuyerName, $BuyerEmail on $SaleDate1</text></navLabel><content
  363. src="disclaimer*.xhtml"/></navPoint>
  364. ---
  365.  
  366. If one had mind to eliminate WM2, one could then simply delete the contaminant
  367. (the footer text) from all infected *.xhtml files, as well as from ../toc.ncx.  
  368.  
  369.  
  370. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  371. [WM3] -- Filename Watermarks
  372. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  373.  
  374. While BooXtream is quite forthcoming indeed about the afore-discussed overt
  375. tiers of optional watermarks, they are mysteriously vague about their covert
  376. tiers, merely coyly stating that:
  377.  
  378. "The ePub ebook files contains [sic] visible personalisation and multiple
  379. invisible watermarks in all data files, without sacrificing compatibility.
  380. BooXtream(R) uses multiple realtime protection algorithms that encodes not only
  381. information about the publisher, but also about the customer and the web shop"
  382. {10}.  
  383.  
  384. {10} <https://www.booxtream.com>.  
  385.  
  386. Not to worry.  Let's slice open this toy's belly and 'spill the beans'.  
  387.  
  388. The first 'invisible' tier of watermarking is internal filename manipulation.  
  389.  
  390. Recall that in the brief discussion of filenames in the prior overview of WM0,
  391. a wildcard placeholder (*) was used to denote parts of the filenames, with the
  392. promise that this pesky wildcard would be returned to.  That time has come.
  393. Let us now tame the wildcard.  
  394.  
  395. All internal filenames of the files within the contaminated EPUB (save for
  396. mimetype, container.xml, content.opf, and toc.ncx) are appended with a
  397. watermark suffix which follows the actual filename (but precedes the file
  398. extension), using the following format:
  399.  
  400. ---
  401. $FileName$BuyerNameCombined$BuyerEmailCombined.$FileExtension
  402. ---
  403.  
  404. Wherein $FileName is the original unmodified name of the file,
  405. $BuyerNameCombined is the name of the buyer of the ebook with all spaces
  406. removed, $BuyerEmailCombined is the email of the buyer of the ebook with
  407. special characters such as '@' or '.' removed, and $FileExtension is the
  408. extension of the file.  
  409.  
  410. For example, if the buyer's name is xxx yyy zzz and the buyer's email is
  411. aaa@bbb-ccc.nl, then Cover.xhtml becomes
  412. Coverxxxyyyzzzaaabbbccc.xhtml.  
  413.  
  414. If one had mind to eliminate WM3, one could then simply truncate the
  415. contaminants (the filename watermarks) from all infected files, as well as the
  416. various references to them.  One would do well to here remember Paigey's advice
  417. from the prior discussion of WM0 to use Sigil to streamline the renaming of
  418. both the filenames and the various corresponding references.  For instance, if
  419. renaming a font file, Sigil would assist one in automatically renaming the
  420. corresponding references to said font in the accompanying CSS file (which, in
  421. turn, would also need to be renamed, as would references to that CSS file in
  422. the rest of the EPUB).  
  423.  
  424.  
  425. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  426. [WM4] -- Timestamp Fingerprinting
  427. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  428.  
  429. A prudent watermark analyst may have observed that while $BuyerNameCombined
  430. and $BuyerEmailCombined are present in WM3, an accompanying $SaleDate1Combined
  431. variable is missing, despite $SalesDate1's presence in WM1-2, wherein it
  432. accompanied $BuyerName and $BuyerEmail.  
  433.  
  434. This is of course owing to the fact that, seeing as how the customised
  435. watermarked EPUB is generated upon the date and time of purchase (recall
  436. BooXtream's earlier revelatory bragging of utilising 'realtime' watermarking
  437. algorithms), each file's modification and creation timestamp data will thus
  438. correspond to the time that particular copy of the EPUB was purchased.  Thus,
  439. the timestamp itself effectively here functions as a covert watermark, serving
  440. to facilitate the potential fingerprinting of the content buyer (or the
  441. 'traitor', to use forensic parlance).  
  442.  
  443. For example, say the timestamp information for the files within a given EPUB
  444. is listed as 13/10/2016 07:00:05.  If the vendor checks the corresponding sale
  445. records for that ebook and notes that there was a single purchase on 13/10/2016
  446. 07:00:02, then that buyer may potentially be implicated, particularly if a
  447. pattern emerges identifying the same buyer across multiple ebook leaks.  
  448.  
  449. If the aim is to avoid being fingerprinted, it thus of the utmost importance
  450. to modify the timestamps of both the EPUB and all of the contents within
  451. (including both files and directories).  
  452.  
  453. If one had mind to eliminate WM4, one could then simply modify one's system
  454. clock to a time/date of one's choice--either earlier or later than the
  455. time/date of purchase--and then open and subsequently save the EPUB anew using
  456. the ever-handy aforementioned Sigil utility.  
  457.  
  458. While using Sigil in tandem with system clock modification is the simplest way
  459. to modify timestamps, since one is likely to be using Sigil for other related
  460. tasks anyhow, one could nonetheless alternatively use the timestomp utility
  461. found within the Metasploit framework
  462. <https://www.rapid7.com/products/metasploit/download.jsp> to alter timestamps
  463. without having to modify the system clock.  
  464.  
  465. ~~~~~~~~~~~~~~~~~
  466. Paigey the Book Pirate says: If one were keen to decrease the chances of
  467. forensic analysis being able to detect that counter-forensic timestamp
  468. tampering had occurred, one would be sure to select both reasonable dates--say,
  469. neither years before the book was even published, nor those 30 years in the
  470. future--and realistic timelines--the file modification timestamps should not be
  471. any earlier than the file creation timestamps, for instance.  
  472. ~~~~~~~~~~~~~~~~~
  473.  
  474.  
  475. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  476. [WM5] -- CSS Watermark
  477. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  478.  
  479. Aside from filename watermarking and timestamp fingerprinting, there is
  480. another potential tier of covert watermarking present in Verso BooXtream
  481. ebooks: that of a Cascading Style Sheet (CSS) watermark.  
  482.  
  483. The potential CSS watermark appears at the end of the CSS template found in
  484. ..\OEBPS\Styles\template*.css:
  485.  
  486. ---
  487. .boekstaaf { * }
  488. ---
  489.  
  490. ~~~~~~~~~~~~~~~~~
  491. Paigey the Book Pirate says: 'Boekstaaf' is a Dutch word historically meaning
  492. a stick with runes inscribed on it.  The meaning then shifted to mean 'letter'
  493. (as in a letter of an alphabet or a rune) in its noun form, and later still to
  494. something akin to 'to record' or 'to write down' in its verb form.  Thus the
  495. language choice employed by BooXtream, perhaps inadvertently, reveals the
  496. underlying theme which permeates textual watermarking: that of the book and its
  497. components, letters and all, being used to fulfil a function of recording and
  498. surveilling the reader.  The letter, therefore, is here inextricably linked to
  499. the surveillant function of a record.  How fitting then indeed it is for
  500. BooXtream to use this term to denote a potential watermark class, used to
  501. record who purchased the ebook.  
  502. ~~~~~~~~~~~~~~~~~
  503.  
  504. This custom 'boekstaaf' class contains a number of varying CSS properties
  505. (such as 'text-decoration' and 'border-top-color') in varying orders with
  506. varying values.  
  507.  
  508. For instance, a sample boekstaaf class in one copy of an ebook may appear
  509. thusly:
  510.  
  511. ---
  512. .boekstaaf { text-shadow: none; font-size: 10px; border-top-color: #323521;
  513. padding: 20px; display: none; background: #245132; color: #251660; border-
  514. bottom-color: #103032; vertical-align: super; margin: 4px;  }
  515. ---
  516.  
  517. While in another purchased version of the ebook, the boekstaaf class may
  518. instead be defined as:
  519.  
  520. ---
  521. .boekstaaf { color: #508862; border-bottom-color: #419671; display: none; font-
  522. size: 7px; border-top-color: #043252; padding: 18px; background: #340715;
  523. margin: 14px; text-decoration: overline; text-indent: 14px;  }
  524. ---
  525.  
  526. Thus the varying properties, combined with the varying order in which they are
  527. listed, and further combined with the varying values for each property may all
  528. be utilised in combination to form a unique fingerprint for each EPUB,
  529. effectively constituting a CSS watermarking scheme.  
  530.  
  531. Also notable is the fact that the custom boekstaaf class does not appear to be
  532. actually referenced anywhere in the accompanying XHTML pages (or for that
  533. matter, anywhere else in the EPUB); it exists solely at the end of the
  534. template*.css file--perhaps to minimise the likelihood that it would chance to
  535. be noticed.  The display property also appears to invariably be set to 'none',
  536. meaning that even if the class were to be invoked, the element would not be
  537. directly visible on the given page.  
  538.  
  539. If one had mind to eliminate WM5, one could then simply delete the contaminant
  540. (the boekstaaf class) from the infected template*.css file (as the class is not
  541. called anywhere in the EPUB, its deletion does not adversely affect the layout
  542. of any of the ebook pages).  
  543.  
  544.  
  545. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  546. [WM6] -- Image Metadata Watermarks
  547. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  548.  
  549. Aside from filename watermarking, timestamp fingerprinting, and CSS
  550. watermarking, our cellar scientists observed yet another tier of covert
  551. watermarking present in Verso BooXtream ebooks: that of image metadata
  552. watermarks.  
  553.  
  554. All PNG and JPG images examined within contaminated ebooks in our sample set
  555. were found to contain metadata watermarks (other image formats were not
  556. available for analysis in our sample set).  The watermarked images therefore
  557. appear predominantly in ../Images/*, though even WM0 (../Text/exlibris*.png) is
  558. watermarked.  
  559.  
  560. To view JPG and PNG metadata watermarks, the images may be opened with either
  561. a dedicated metadata viewer and editing program such as ExifTool
  562. <https://www.sno.phy.queensu.ca/~phil/exiftool/>, or a hex editor application
  563. such as wxHexEditor <https://sourceforge.net/projects/wxhexeditor/>.  
  564.  
  565. In JPG images, the watermark appears in the ImageDescription tag of the
  566. image's EXIF (Exchangeable Image File Format) metadata, and looks something
  567. like this:
  568.  
  569. ---
  570. Image Description: [18 characters]=[20-24 characters]
  571. ---
  572.  
  573. For example, a sample ImageDescription value may appear as follows:
  574.  
  575. ---
  576. Image Description: 626F6F78747265616D=6E6F77617465726D61726B73
  577. ---
  578.  
  579. As previously mentioned, PNG images also possess a metadata watermark, albeit
  580. in a different form than that of JPG images.  Specifically, in PNG images the
  581. watermark appears as TextualData in the tEXt text chunk field.  
  582.  
  583. For example, a sample tEXt chunk value may appear as follows:
  584.  
  585. ---
  586. tEXt: 626F6F78747265616D:6675636B73766572736F
  587. ---
  588.  
  589. ~~~~~~~~~~~~~~~~~
  590. Paigey the Book Pirate says: '626F6F78747265616D' is a string which just so
  591. happens to appear at the start of all image metadata watermarks in all
  592. Verso/BooXtream ebooks that were analysed as part of our sample set.  Thus,
  593. this value appears to be constant--with the second value (that following the
  594. '=' or ':') being the variable one which changes for each copy of an ebook.
  595. When '626F6F78747265616D' is converted from hexadecimal to ASCII characters, it
  596. reads 'booxtream'.  
  597. ~~~~~~~~~~~~~~~~~
  598.  
  599. If one had mind to eliminate WM6, one could then simply delete the contaminant
  600. (the image metadata watermark) from the infected *.jpg files by running the
  601. following ExifTool command, which will delete all JPG image metadata and
  602. replace the original infected files with healthy versions, like so:
  603.  
  604. ---
  605. exiftool *.jpg -all= -overwrite_original
  606. ---
  607.  
  608. As ExifTool does not readily deal with the manipulation of the here pertinent
  609. PNG metadata, our cellar scientists instead prescribe the following command
  610. line remedy to delete the corresponding contaminant from infected *.png files:
  611.  
  612. ---
  613. cat infected.png | sng | sed '/[a-z] {/,/}/d' | sng > healed.png
  614. ---
  615.  
  616. Alternatively, one could simply delete the watermark from the PNG images (as
  617. well as from the JPGs) by using a hex editor.  Yet another alternate would
  618. entail opening the PNG in an image editing application and saving it anew (this
  619. procedure should, however, not be utilised for JPG images as they are not
  620. lossless like PNGs, and as such the new JPG image would result in not just
  621. desirable metadata loss, but also in undesirable quality loss).  
  622.  
  623.  
  624. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  625. PARTING SHOTS
  626. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  627.  
  628. It's a safe bet that when the Verso and BooXtream bioterrorists, read over
  629. this communique, they--mad as a cut snake--will then attempt to obfuscate and
  630. otherwise modify their watermarking schema in vain attempts to develop tamper-
  631. resistant watermarking strains.  It then follows that the specifics outlined
  632. herein (e.g.  exact file locations and directory paths, watermark code samples,
  633. and so on) will become obsolete fairly quickly.  But that's okay, because that
  634. is precisely why this communique should not be approached as a set of discrete
  635. tactics, but instead as a particular manifestation of continuously adaptive
  636. strategies of subversion.  
  637.  
  638. Each individual ebook should be thoroughly scrutinised, not only for the
  639. various tiers of overt (ex libris image, disclaimer, footer) and covert
  640. (filename, timestamp, CSS, image metadata) watermarking outlined and examined
  641. herein, but for other potentially even more pernicious watermarking stratagems
  642. that may be deployed by an adversary (such as line, word, and character
  643. shifting, as well as other spacing-based watermarking; F5, Least Significant
  644. Bit (LSB) and other forms of image steganography; natural language
  645. watermarking; and so on...).  
  646.  
  647. In other words, even if it will lead to Verso/BooXtream changing their modi
  648. operandi, the communique will remain advantageous both due to the fact that it
  649. may still be utilised to remove watermarks from Verso/BooXtream ebooks that
  650. have already been released under these old watermarking schemas, and further
  651. that it may inspire future remedies by helping to foster transferable
  652. dissective skills which may be applied to combat any newly-deployed methods of
  653. textual oppression--effectively serving to white-ant Verso/BooXtream content
  654. distribution tyranny, irrespective of their particular future watermarking
  655. permutationss.  
  656.  
  657. In closing, when dealing with watermark identification and removal, there is
  658. always a lingering fear that something may have been missed.  Adversaries such
  659. as publishing conglomerates and peddlers of watermarking snake oil thrive on
  660. and seek to financially benefit from this fear, and thus we would like to here
  661. contrarily propose a Watermarking Quantification Theorem: the number of
  662. watermarks or watermark techniques an adversary will claim to have deployed
  663. will always be n+1, where n is the actual number of watermarks or watermark
  664. techniques present (or in a more generalised form: n+m, where m is any
  665. fictional addendum to the actual number of existent watermarks or watermark
  666. techniques).  Which is to say that it would of course be advantageous for
  667. BooXtream to claim there are not seven, but eight or even more watermarks
  668. present in their schema so as to instil fear, uncertainty, and doubt and
  669. therefore, in their venomous eyes, to ideally stymie the distribution of a
  670. given text.  
  671.  
  672. One can soothe one's fear of this fiction by comparing multiple copies of an
  673. ebook against each other, rooting out each watermarked discrepancy one by one
  674. until all copies are identical and one is certain that there are no longer any
  675. remaining differences.  Alternatively, or perhaps better still in tandem, one
  676. could always be sure to purchase ebooks with funds and from locations which
  677. cannot readily be linked to one's identity.  Wouldn't it be a hoot if one were
  678. to, for instance, utilise the payment credentials belonging to a watermarking
  679. firm when making watermarked ebook purchases?  ;)
  680.  
  681.  
  682. Finally, our lab is always on the look out for fresh cadavers to reanimate.
  683. Send contaminated samples for analysis to our cellar scientists at:
  684. ibi@sigaint.org.  Patient confidentiality guaranteed.  
  685.  
  686. ---disseminate widely---
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top