Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ---disseminate widely---
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- Institute for Biblio-Immunology -- First Communique:
- Identifying and Removing Verso/BooXtream 'Social DRM' EPUB eBook Watermarks
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- FOR IMMEDIATE RELEASE.
- IN THAT, WE DEMAND THE IMMEDIATE RELEASE OF OUR SHACKLED COMRADES, WATERMARKED
- EBOOKS OF THE WORLD.
- Welcome.
- The Institute for Biblio-Immunology specialises in textual pathogen
- identification and antigen synthesis. Several vials of in vivo samples
- suffering from a "social DRM" watermarking infection were recently brought to
- the attention of our cellar scientists. In this, our inaugural communique, we
- will explore our dissection of said samples and offer an initial expatiation
- regarding the contaminant undesirables discovered therein, as well as offer
- preliminary guidance for a successful course of treatment.
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- BACKGROUND
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- Prudence tells us that the only time books should be used as weapons of terror
- is if they are thrown, gleefully aflame, through a publishing conglomerate's
- window. Instead, we find that the publishing company Verso Books {0} is using
- books to facilitate the surveillance of readers. By embedding uniquely-
- identifiable personal information in individual copies of ebooks, Verso (and
- the company they are relying on for the actual watermarking, BooXtream) are
- turning vectors for cultural transmission into, effectively, tracking beacons
- designed to identify who is sharing said ebooks, so as to then neutralise said
- ostensibly undesirable (by Verso) knowledge transmission paths. This will not
- stand.
- {0} Verso Books "is the largest independent, radical publishing house in the
- English-speaking world" <https://www.versobooks.com/pg/about-verso>. On that
- same 'About Verso' page, Managing Director Jacob Stevens says that Verso Books
- has "a strong list and radical commitment", though what this means is not
- actually explained here. Not to worry. Stevens explains perfectly well what
- Verso means by "radical" in an interview with the trade publication The
- Bookseller; wherein, commenting on Verso's venture into the ebook retail space,
- he states that "Verso has found a new, radical way of selling books"
- <https://www.thebookseller.com/news/e-bookprint-bundling-venture-verso>.
- Radical selling. Fuck yeah.
- But why pick Verso to talk about in the first place? We can briefly summarise
- the specific chain of events which brought us to this point, reductively, as
- follows:
- I --> Verso shits out an ebook release of The Boy Who Could Change the World:
- The Writings of Aaron Swartz (in February 2016) {1}.
- {1} <https://www.versobooks.com/books/2077-the-boy-who-could-change-the-
- world>.
- II --> This Verso ebook release possesses WATERMARKS {2}.
- {2} "Ebooks from the Verso website are watermarked and DRM-free, and will work
- on any of your devices--but they can't be uploaded to websites or file-sharing
- networks" <https://www.versobooks.com/pg/verso-ebooks>.
- ~~~~~~~~~~~~~~~~~
- Paigey the Book Pirate says: Verso is straight-up LYING here. The ebooks CAN
- be uploaded to websites or file-sharing networks. Very easily, in fact. Proof
- of concept: go to a website or file-sharing network and upload it (but WAIT--
- remove watermark first, of course!).
- ~~~~~~~~~~~~~~~~~
- III --> Sean B. Palmer ("virtual executor" {3} of Aaron Swartz) says he will
- ask the publishers to remove the watermarking (on 13 April 2016) {4}.
- {3} "I designate Sean B. Palmer as my virtual executor"
- <https://web.archive.org/web/20031217220719/http://www.aaronsw.com/2002/continui
- ty>.
- {4} "I will ask the publishers on your behalf to remove the watermarking from
- the Verso ebook version" <https://punctumbooks.com/blog/the-boy-who-couldnt-
- change-the-world/#comment-129709>.
- IV--> Regardless, Verso says they will not remove the watermarks (on 22 April
- 2016) {5}.
- {5} "We have just been informed by a highly reliable party who wishes to
- remain anonymous that Verso Books has indicated (to this party, via The New
- Press) that they will NOT remove the watermark from their e-book edition of
- Aaron Swartz's posthumously-published collected writings because they believe
- it will impede their ability to 'recoup' their distribution costs"
- <https://www.facebook.com/punctumbooks/posts/1006302089407594>.
- NOT OK.
- V--> Verso FUCKS you with watermarks, so we will FUCKS Verso now (on 20 June
- 2016).
- Blood for blood.
- And by the gallon.
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- WATERMARK SCAVENGER HUNT
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- Now we will expose the functionality of Verso and BooXtream (Verso's watermark
- provider) watermarks.
- OK! :)
- EPUB have many file inside. Many file give many opportunity for THE SNEAKY-
- SNEAKY to add watermark.
- BUT IT'S OKAY --> we can be THE SNEAKY-SNEAKY too.
- Verso uses a watermarking schema provided by BooXtream {6}.
- {6} "Verso ebooks are free of Digital Rights Management (DRM-free), but are
- subject to the terms of this license. You own the file once you've downloaded
- it, and you can use it on any of your devices in perpetuity. It has visible and
- invisible watermarks, applied by Booxtream, which contain your name and email
- address. You are prohibited from uploading Verso ebooks to any website or file-
- sharing network, or in any other way making them available for distribution,
- sharing, copying, downloading, or reselling"
- <https://www.versobooks.com/pg/terms-and-conditions>.
- There are, at least, seven different varieties of watermarks injected into a
- given ebook EPUB payload by BooXtream to be found in Verso ebooks:
- WM0-2 are overt (readily visible) watermarks and are optional (meaning they
- may not necessarily be present):
- [WM0] -- Ex Libris Image Watermark
- [WM1] -- Disclaimer Page Watermark
- [WM2] -- Footer Watermarks
- WM3-6 are covert (not readily visible) watermarks and are always present:
- [WM3] -- Filename Watermarks
- [WM4] -- Timestamp Fingerprinting
- [WM5] -- CSS Watermark
- [WM6] -- Image Metadata Watermarks
- Let's now go through each one to expose it and see how it works and, in turn,
- how it may be prevented from working.
- OK! :)
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- [WM0] -- Ex Libris Image Watermark
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- The ex libris image watermark is optional {7}; however, Verso ebooks appear to
- employ it.
- {7} "With every order fulfilment, BooXtream(R) needs the customer name,
- customer email address and an order-id (supplied by the shop). BooXtream(R)
- encodes this as a series of redundant digital watermarks and also adds visible,
- personalised information for the end user into the ePub file. All visible and
- personalised information is optional and can be customised:
- "- Page 2 contains an Ex Libris (image with customer name), that can be
- customised per publisher and per customer" <https://www.booxtream.com>.
- ~~~~~~~~~~~~~~~~~
- Paigey the Book Pirate says: Keeping in mind that the tiers of overt
- watermarks (WM0-2) are all optional, even if a given ebook doesn't appear to
- have them, it would of course still nonetheless be a sign of utmost prudence
- for one to check for the presence of the covert watermark tiers (WM3-6). In
- other words, just because an ebook may not have the initial set of overt
- watermarks, this should not be taken to mean it does not necessarily have any
- of the subsequent covert watermarks.
- ~~~~~~~~~~~~~~~~~
- The ex libris watermark is an image file, albeit one found not in ../Images/,
- where one would expect, but rather in ../Text/exlibris*.png.
- The ex libris watermark image here consists of the Verso 'V' logo, with the
- buyer name and email superimposed over the logo as part of the customised
- image.
- Said ex libris watermark image is called from ../Text/Cover*.xhtml:
- ---
- <p class="exlibris" style="text-align:center"><img src="exlibris*.png" alt="Ex
- Libris"/></p>
- ---
- Said image is also referenced in ../content.opf:
- ---
- <item id="exlibris" href="Text/exlibris*.png" media-type="image/png"/>
- ---
- ~~~~~~~~~~~~~~~~~
- Paigey the Book Pirate says: When changing filenames and/or moving/deleting
- files, always be sure to change all corresponding references to them as well,
- as otherwise not only will links not work, but the anonymity you so desperately
- seek will be compromised! I hear Sigil <https://sigil-ebook.com> is a good
- tool for this which changes references automatically for you when you change
- filenames!
- ~~~~~~~~~~~~~~~~~
- We'll come back to that pesky wildcard placeholder (*) in the discussion of
- WM3, but for now it would behove one to simply listen to Paigey.
- If one had mind to eliminate WM0, one could then simply delete the contaminant
- (exlibris*.png) and remove the aforementioned references to it from
- Cover*.xhtml and content.opf.
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- [WM1] -- Disclaimer Page Watermark
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- The disclaimer page watermark is optional {8}; however, Verso ebooks appear to
- employ it.
- {8} "With every order fulfilment, BooXtream(R) needs the customer name,
- customer email address and an order-id (supplied by the shop). BooXtream(R)
- encodes this as a series of redundant digital watermarks and also adds visible,
- personalised information for the end user into the ePub file. All visible and
- personalised information is optional and can be customised:
- "[...]
- "- The last page contains a disclaimer and logo, and has a corresponding entry
- in the table of contents" <https://www.booxtream.com>.
- The disclaimer page watermark is an XHTML file, albeit one found not in
- ../Text/, where one would expect, but rather in ../disclaimer*.xhtml.
- The Verso disclaimer boilerplate is as follows:
- ---
- Verso ebook license
- This ebook was sold to $BuyerName, $BuyerEmail on $SaleDate0.
- Verso ebooks are free of Digital Rights Management (DRM-free) but are subject
- to the terms of this license. You own this file once you've downloaded it, and
- you can use it on any of your devices. It has visible and invisible
- watermarks, applied by Booxtream, which contain your name and email address.
- You are prohibited from uploading Verso ebooks to any website or file-sharing
- network, or in any other way making them available for distribution, sharing,
- copying, downloading, or reselling. Royalties from every sale will be paid to
- the author: if you're reading someone else's copy, then please buy your own
- license from Verso Books.
- This eBook is licensed to $BuyerName, $BuyerEmail on $SaleDate1
- ---
- Wherein $BuyerName is the name of the buyer of the ebook; $BuyerEmail is the
- email of the buyer of the ebook; $SaleDate0 is the date of purchase--or more
- accurately, the specific date the purchased copy of the ebook was generated,
- which will typically also be the date of purchase--in the format DD/MM/YYYY
- (numerical values for Day/Month/Year); $SaleDate1 is likewise the date of
- purchase, albeit in the format MM/DD/YYYY.
- ~~~~~~~~~~~~~~~~~
- Paigey the Book Pirate says: Notice that $SaleDate0 is only utilised in the
- header of disclaimer*.xhtml; whenever the sale date watermark appears
- elsewhere, it always follows the format of $SaleDate1.
- ~~~~~~~~~~~~~~~~~
- Said disclaimer page watermark is in turn called from ../toc.ncx:
- ---
- <navPoint playOrder="#" id="BooXtream"><navLabel><text>This eBook is licensed
- to $BuyerName, $BuyerEmail on $SaleDate1</text></navLabel><content
- src="disclaimer*.xhtml"/></navPoint>
- ---
- And is further referenced twice in ../content.opf, as:
- ---
- <item id="BooXtream" href="disclaimer*.xhtml" media-
- type="application/xhtml+xml"/>
- ---
- and again as:
- ---
- <itemref idref="BooXtream"/>
- ---
- If one had mind to eliminate WM1, one could then simply delete the contaminant
- (disclaimer*.xhtml) and remove the aforementioned references to it from toc.nx
- and content.opf.
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- [WM2] -- Footer Watermarks
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- The footer watermarks are optional {9}; however, Verso ebooks appear to employ
- them.
- {9} "With every order fulfilment, BooXtream(R) needs the customer name,
- customer email address and an order-id (supplied by the shop). BooXtream(R)
- encodes this as a series of redundant digital watermarks and also adds visible,
- personalised information for the end user into the ePub file. All visible and
- personalised information is optional and can be customised:
- "[...]
- "- Every chapter ends with a personalised footer text"
- <https://www.booxtream.com>.
- The textual footer page watermarks appear at the end of every XHTMLl file in
- the EPUB (therefore chiefly in ../Text/##_*.xhtml).
- The main Verso footer boilerplate is as follows:
- ---
- This eBook is licensed to $BuyerName, $BuyerEmail on $SaleDate1
- ---
- Note that the code formatting surrounding the footer watermark may vary
- slightly, taking on the form of either something along the lines of:
- ---
- <p style="font-size: 11px; text-align: center; color: #333; border-top: 1px
- solid #7b7b7b; padding: 10px 0 0; margin: 20px 0 0;" class="EPubfirstparagraph
- epubpagerstart">This eBook is licensed to $BuyerName, $BuyerEmail on
- $SaleDate1</p>
- ---
- or:
- ---
- <p style="font-size: 11px; text-align: center; color: #333; border-top: 1px
- solid #7b7b7b; padding: 10px 0 0; margin: 20px 0 0;">This eBook is licensed to
- $BuyerName, $BuyerEmail on $SaleDate1</p>
- ---
- The takeaway here being the observation that the class attribute is not always
- specified.
- A footer watermark additionally appears within the aforementioned WM1, namely
- in ../disclaimer*.xhtml, albeit matching one of the formatting variants of
- ../Text/##_*.xhtml:
- ---
- <p style="font-size: 11px; text-align: center; color: #333; border-top: 1px
- solid #7b7b7b; padding: 10px 0 0; margin: 20px 0 0;">This eBook is licensed to
- $BuyerName, $BuyerEmail on $SaleDate1</p>
- ---
- Finally, a footer watermark further appears in ../toc.ncx, alongside the
- aforementioned presence of WM1:
- ---
- <navPoint playOrder="*" id="BooXtream"><navLabel><text>This eBook is licensed
- to $BuyerName, $BuyerEmail on $SaleDate1</text></navLabel><content
- src="disclaimer*.xhtml"/></navPoint>
- ---
- If one had mind to eliminate WM2, one could then simply delete the contaminant
- (the footer text) from all infected *.xhtml files, as well as from ../toc.ncx.
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- [WM3] -- Filename Watermarks
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- While BooXtream is quite forthcoming indeed about the afore-discussed overt
- tiers of optional watermarks, they are mysteriously vague about their covert
- tiers, merely coyly stating that:
- "The ePub ebook files contains [sic] visible personalisation and multiple
- invisible watermarks in all data files, without sacrificing compatibility.
- BooXtream(R) uses multiple realtime protection algorithms that encodes not only
- information about the publisher, but also about the customer and the web shop"
- {10}.
- {10} <https://www.booxtream.com>.
- Not to worry. Let's slice open this toy's belly and 'spill the beans'.
- The first 'invisible' tier of watermarking is internal filename manipulation.
- Recall that in the brief discussion of filenames in the prior overview of WM0,
- a wildcard placeholder (*) was used to denote parts of the filenames, with the
- promise that this pesky wildcard would be returned to. That time has come.
- Let us now tame the wildcard.
- All internal filenames of the files within the contaminated EPUB (save for
- mimetype, container.xml, content.opf, and toc.ncx) are appended with a
- watermark suffix which follows the actual filename (but precedes the file
- extension), using the following format:
- ---
- $FileName$BuyerNameCombined$BuyerEmailCombined.$FileExtension
- ---
- Wherein $FileName is the original unmodified name of the file,
- $BuyerNameCombined is the name of the buyer of the ebook with all spaces
- removed, $BuyerEmailCombined is the email of the buyer of the ebook with
- special characters such as '@' or '.' removed, and $FileExtension is the
- extension of the file.
- For example, if the buyer's name is xxx yyy zzz and the buyer's email is
- aaa@bbb-ccc.nl, then Cover.xhtml becomes
- Coverxxxyyyzzzaaabbbccc.xhtml.
- If one had mind to eliminate WM3, one could then simply truncate the
- contaminants (the filename watermarks) from all infected files, as well as the
- various references to them. One would do well to here remember Paigey's advice
- from the prior discussion of WM0 to use Sigil to streamline the renaming of
- both the filenames and the various corresponding references. For instance, if
- renaming a font file, Sigil would assist one in automatically renaming the
- corresponding references to said font in the accompanying CSS file (which, in
- turn, would also need to be renamed, as would references to that CSS file in
- the rest of the EPUB).
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- [WM4] -- Timestamp Fingerprinting
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- A prudent watermark analyst may have observed that while $BuyerNameCombined
- and $BuyerEmailCombined are present in WM3, an accompanying $SaleDate1Combined
- variable is missing, despite $SalesDate1's presence in WM1-2, wherein it
- accompanied $BuyerName and $BuyerEmail.
- This is of course owing to the fact that, seeing as how the customised
- watermarked EPUB is generated upon the date and time of purchase (recall
- BooXtream's earlier revelatory bragging of utilising 'realtime' watermarking
- algorithms), each file's modification and creation timestamp data will thus
- correspond to the time that particular copy of the EPUB was purchased. Thus,
- the timestamp itself effectively here functions as a covert watermark, serving
- to facilitate the potential fingerprinting of the content buyer (or the
- 'traitor', to use forensic parlance).
- For example, say the timestamp information for the files within a given EPUB
- is listed as 13/10/2016 07:00:05. If the vendor checks the corresponding sale
- records for that ebook and notes that there was a single purchase on 13/10/2016
- 07:00:02, then that buyer may potentially be implicated, particularly if a
- pattern emerges identifying the same buyer across multiple ebook leaks.
- If the aim is to avoid being fingerprinted, it thus of the utmost importance
- to modify the timestamps of both the EPUB and all of the contents within
- (including both files and directories).
- If one had mind to eliminate WM4, one could then simply modify one's system
- clock to a time/date of one's choice--either earlier or later than the
- time/date of purchase--and then open and subsequently save the EPUB anew using
- the ever-handy aforementioned Sigil utility.
- While using Sigil in tandem with system clock modification is the simplest way
- to modify timestamps, since one is likely to be using Sigil for other related
- tasks anyhow, one could nonetheless alternatively use the timestomp utility
- found within the Metasploit framework
- <https://www.rapid7.com/products/metasploit/download.jsp> to alter timestamps
- without having to modify the system clock.
- ~~~~~~~~~~~~~~~~~
- Paigey the Book Pirate says: If one were keen to decrease the chances of
- forensic analysis being able to detect that counter-forensic timestamp
- tampering had occurred, one would be sure to select both reasonable dates--say,
- neither years before the book was even published, nor those 30 years in the
- future--and realistic timelines--the file modification timestamps should not be
- any earlier than the file creation timestamps, for instance.
- ~~~~~~~~~~~~~~~~~
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- [WM5] -- CSS Watermark
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- Aside from filename watermarking and timestamp fingerprinting, there is
- another potential tier of covert watermarking present in Verso BooXtream
- ebooks: that of a Cascading Style Sheet (CSS) watermark.
- The potential CSS watermark appears at the end of the CSS template found in
- ..\OEBPS\Styles\template*.css:
- ---
- .boekstaaf { * }
- ---
- ~~~~~~~~~~~~~~~~~
- Paigey the Book Pirate says: 'Boekstaaf' is a Dutch word historically meaning
- a stick with runes inscribed on it. The meaning then shifted to mean 'letter'
- (as in a letter of an alphabet or a rune) in its noun form, and later still to
- something akin to 'to record' or 'to write down' in its verb form. Thus the
- language choice employed by BooXtream, perhaps inadvertently, reveals the
- underlying theme which permeates textual watermarking: that of the book and its
- components, letters and all, being used to fulfil a function of recording and
- surveilling the reader. The letter, therefore, is here inextricably linked to
- the surveillant function of a record. How fitting then indeed it is for
- BooXtream to use this term to denote a potential watermark class, used to
- record who purchased the ebook.
- ~~~~~~~~~~~~~~~~~
- This custom 'boekstaaf' class contains a number of varying CSS properties
- (such as 'text-decoration' and 'border-top-color') in varying orders with
- varying values.
- For instance, a sample boekstaaf class in one copy of an ebook may appear
- thusly:
- ---
- .boekstaaf { text-shadow: none; font-size: 10px; border-top-color: #323521;
- padding: 20px; display: none; background: #245132; color: #251660; border-
- bottom-color: #103032; vertical-align: super; margin: 4px; }
- ---
- While in another purchased version of the ebook, the boekstaaf class may
- instead be defined as:
- ---
- .boekstaaf { color: #508862; border-bottom-color: #419671; display: none; font-
- size: 7px; border-top-color: #043252; padding: 18px; background: #340715;
- margin: 14px; text-decoration: overline; text-indent: 14px; }
- ---
- Thus the varying properties, combined with the varying order in which they are
- listed, and further combined with the varying values for each property may all
- be utilised in combination to form a unique fingerprint for each EPUB,
- effectively constituting a CSS watermarking scheme.
- Also notable is the fact that the custom boekstaaf class does not appear to be
- actually referenced anywhere in the accompanying XHTML pages (or for that
- matter, anywhere else in the EPUB); it exists solely at the end of the
- template*.css file--perhaps to minimise the likelihood that it would chance to
- be noticed. The display property also appears to invariably be set to 'none',
- meaning that even if the class were to be invoked, the element would not be
- directly visible on the given page.
- If one had mind to eliminate WM5, one could then simply delete the contaminant
- (the boekstaaf class) from the infected template*.css file (as the class is not
- called anywhere in the EPUB, its deletion does not adversely affect the layout
- of any of the ebook pages).
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- [WM6] -- Image Metadata Watermarks
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- Aside from filename watermarking, timestamp fingerprinting, and CSS
- watermarking, our cellar scientists observed yet another tier of covert
- watermarking present in Verso BooXtream ebooks: that of image metadata
- watermarks.
- All PNG and JPG images examined within contaminated ebooks in our sample set
- were found to contain metadata watermarks (other image formats were not
- available for analysis in our sample set). The watermarked images therefore
- appear predominantly in ../Images/*, though even WM0 (../Text/exlibris*.png) is
- watermarked.
- To view JPG and PNG metadata watermarks, the images may be opened with either
- a dedicated metadata viewer and editing program such as ExifTool
- <https://www.sno.phy.queensu.ca/~phil/exiftool/>, or a hex editor application
- such as wxHexEditor <https://sourceforge.net/projects/wxhexeditor/>.
- In JPG images, the watermark appears in the ImageDescription tag of the
- image's EXIF (Exchangeable Image File Format) metadata, and looks something
- like this:
- ---
- Image Description: [18 characters]=[20-24 characters]
- ---
- For example, a sample ImageDescription value may appear as follows:
- ---
- Image Description: 626F6F78747265616D=6E6F77617465726D61726B73
- ---
- As previously mentioned, PNG images also possess a metadata watermark, albeit
- in a different form than that of JPG images. Specifically, in PNG images the
- watermark appears as TextualData in the tEXt text chunk field.
- For example, a sample tEXt chunk value may appear as follows:
- ---
- tEXt: 626F6F78747265616D:6675636B73766572736F
- ---
- ~~~~~~~~~~~~~~~~~
- Paigey the Book Pirate says: '626F6F78747265616D' is a string which just so
- happens to appear at the start of all image metadata watermarks in all
- Verso/BooXtream ebooks that were analysed as part of our sample set. Thus,
- this value appears to be constant--with the second value (that following the
- '=' or ':') being the variable one which changes for each copy of an ebook.
- When '626F6F78747265616D' is converted from hexadecimal to ASCII characters, it
- reads 'booxtream'.
- ~~~~~~~~~~~~~~~~~
- If one had mind to eliminate WM6, one could then simply delete the contaminant
- (the image metadata watermark) from the infected *.jpg files by running the
- following ExifTool command, which will delete all JPG image metadata and
- replace the original infected files with healthy versions, like so:
- ---
- exiftool *.jpg -all= -overwrite_original
- ---
- As ExifTool does not readily deal with the manipulation of the here pertinent
- PNG metadata, our cellar scientists instead prescribe the following command
- line remedy to delete the corresponding contaminant from infected *.png files:
- ---
- cat infected.png | sng | sed '/[a-z] {/,/}/d' | sng > healed.png
- ---
- Alternatively, one could simply delete the watermark from the PNG images (as
- well as from the JPGs) by using a hex editor. Yet another alternate would
- entail opening the PNG in an image editing application and saving it anew (this
- procedure should, however, not be utilised for JPG images as they are not
- lossless like PNGs, and as such the new JPG image would result in not just
- desirable metadata loss, but also in undesirable quality loss).
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- PARTING SHOTS
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- It's a safe bet that when the Verso and BooXtream bioterrorists, read over
- this communique, they--mad as a cut snake--will then attempt to obfuscate and
- otherwise modify their watermarking schema in vain attempts to develop tamper-
- resistant watermarking strains. It then follows that the specifics outlined
- herein (e.g. exact file locations and directory paths, watermark code samples,
- and so on) will become obsolete fairly quickly. But that's okay, because that
- is precisely why this communique should not be approached as a set of discrete
- tactics, but instead as a particular manifestation of continuously adaptive
- strategies of subversion.
- Each individual ebook should be thoroughly scrutinised, not only for the
- various tiers of overt (ex libris image, disclaimer, footer) and covert
- (filename, timestamp, CSS, image metadata) watermarking outlined and examined
- herein, but for other potentially even more pernicious watermarking stratagems
- that may be deployed by an adversary (such as line, word, and character
- shifting, as well as other spacing-based watermarking; F5, Least Significant
- Bit (LSB) and other forms of image steganography; natural language
- watermarking; and so on...).
- In other words, even if it will lead to Verso/BooXtream changing their modi
- operandi, the communique will remain advantageous both due to the fact that it
- may still be utilised to remove watermarks from Verso/BooXtream ebooks that
- have already been released under these old watermarking schemas, and further
- that it may inspire future remedies by helping to foster transferable
- dissective skills which may be applied to combat any newly-deployed methods of
- textual oppression--effectively serving to white-ant Verso/BooXtream content
- distribution tyranny, irrespective of their particular future watermarking
- permutationss.
- In closing, when dealing with watermark identification and removal, there is
- always a lingering fear that something may have been missed. Adversaries such
- as publishing conglomerates and peddlers of watermarking snake oil thrive on
- and seek to financially benefit from this fear, and thus we would like to here
- contrarily propose a Watermarking Quantification Theorem: the number of
- watermarks or watermark techniques an adversary will claim to have deployed
- will always be n+1, where n is the actual number of watermarks or watermark
- techniques present (or in a more generalised form: n+m, where m is any
- fictional addendum to the actual number of existent watermarks or watermark
- techniques). Which is to say that it would of course be advantageous for
- BooXtream to claim there are not seven, but eight or even more watermarks
- present in their schema so as to instil fear, uncertainty, and doubt and
- therefore, in their venomous eyes, to ideally stymie the distribution of a
- given text.
- One can soothe one's fear of this fiction by comparing multiple copies of an
- ebook against each other, rooting out each watermarked discrepancy one by one
- until all copies are identical and one is certain that there are no longer any
- remaining differences. Alternatively, or perhaps better still in tandem, one
- could always be sure to purchase ebooks with funds and from locations which
- cannot readily be linked to one's identity. Wouldn't it be a hoot if one were
- to, for instance, utilise the payment credentials belonging to a watermarking
- firm when making watermarked ebook purchases? ;)
- Finally, our lab is always on the look out for fresh cadavers to reanimate.
- Send contaminated samples for analysis to our cellar scientists at:
- ibi@sigaint.org. Patient confidentiality guaranteed.
- ---disseminate widely---
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement