Chasing Your Tale14 July 2003 In the beginning, there was Microsoft Reader 1.51. This version of Microsoft Reader was the first for PCs, and it supported several levels of security. Freely available tools allowed the public to create their own DRM2 files, also called "sealed" .lit files. These were encrypted and compressed, but not encrypted to any particular key. Any copy of Microsoft Reader could read them. Some commercial publishers used DRM3, or "inscribed" .lit files. These worked similarly to Palm Digital Media's DRM in that any copy of Microsoft Reader could read them, but they'd be identified with the purchaser's name. "From the library of Jeff Kirvin," for example. While there were no measures in place to actually prevent anyone from uploading these to the net, there was tremendous social pressures not to do so. Why pirate something if the publisher can prove you're the pirate? Alas, DRM3 wasn't enough for most commercial publishers. Nearly all the Microsoft Reader format books sold were encrypted with DRM52. This is "reader specific" DRM, where the book is encrypted not to a particular user, but to a Microsoft Passport account that can only be activated on a limited number of devices. In order to read a DRM5 book, you had to buy the book, get a Passport account (if you didn't already have one) and then "activate" your computer or Pocket PC. This process was usually painless, but over time it became a severe hassle for folks that reformat their hard drives (to clear out all the junk Windows inevitably accumlulates) or switched PDAs (because, well, we're geeks). And of course, as is the case with all Microsoft Reader ebooks, the books could not be read without Microsoft Reader. No reading on Palms, Macs or Linux systems. Windows only, please. This somewhat reduced the incentive to buy books in Microsoft Reader format. Bad enough you can only read them on Windows systems, but the idea that in essence you had to get Microsoft's permission to read books you'd purchased with your own money... This was a serious issue. In a real sense books purchased in Microsoft Reader format weren't purchased at all, they were leased, and leased with unspecific terms, at that. Then a programmer out there somewhere3 created a program -- an open-source program, natch -- called Convert LIT. This is a text-mode, command line driven program that decompiles .lit ebooks into the component HTML files and graphics that actually make them up. It works wonderfully on DRM2 ebooks, and can even add the inscriptions to them, making them DRM3 ebooks. But what really got the ebook world hopping was that it could even decompile DRM5 ebooks if a copy of Microsoft Reader properly activated to read the ebooks resided on the same machine. Convert LIT version 1.2 made Microsoft's ebook encryption obsolete. Of course, here in the US of Type A, Convert LIT is blatantly illegal. It's about as in-your-face a violation of the Digital Millennium Copyright Act (DMCA) as you can have. But because the website that hosts it is not in the United States, there's little Microsoft can do about it. Well, directly, anyway. What Microsoft did was release a new version of Microsoft Reader for both PCs and Pocket PCs that patched the holes Convert LIT exploited. Users of the new version of Microsoft Reader would be unable to decompile .lit ebooks. Unfortunately, that was pretty much the only new feature in the new version, and no one really fell over themselves getting to Microsoft's web site to download the upgrade. When in doubt, bribe. Microsoft recently unveiled a new initiative to get people back into the DRM5 fold. All summer long, you can go to Microsoft's website and download current bestsellers in Microsoft Reader format absolutely free. Well, free with one catch. To read them, you have to upgrade to the new version of Microsoft Reader. At first, this seemed like a good idea on Microsoft's part. Get people to upgrade by offering them something of value, and in return, the publishers are assured the Microsoft's format is safe. And it worked, for most people. I refused to upgrade since the ability to read ebooks I've purchased on my Palm4 is more important to me than getting some free ebooks. That all changed recently with the release of something that throws into the harsh light of day exactly how stupid this whole thing is. Convert LIT 1.4, a new version -- still open source -- that decompiles the new encryption. Just like that, less than a week after Microsoft started their "free ebooks if you upgrade" program, the whole dumb thing is moot. DRM5 is just as breakable now as it was six months ago. I should note at this point that Convert LIT isn't meant to enable ebook cracking. In order for it to work, you have to have a legitimately purchased copy of the .lit file activated on your computer. Convert LIT is useless for books you didn't pay for. It is meant to allow you to "format shift" books you've bought so you don't have to read them in Microsoft Reader. Let's face it, even Microsoft isn't going to last forever, and thus when you buy a book in Microsoft Reader format, you should be able to archive it as HTML, which has a much better chance of being readable in twenty years than encrypted .lit. So where do we go from here? Does this digital arms race continue or will publishers finally admit that DRM in general is a bad idea and quit demanding that Microsoft use it? It's worth noting that the publishers that are pirated the least (Palm Digital Media, Fictionwise and Baen) are also those that tend towards the least restrictive DRM. Many books on Baen and Fictionwise aren't encrypted at all, and they still sell just fine. Representatives at Microsoft have told me several times that DRM5 isn't their call, it's the call of the publishers. Microsoft makes the tools, the publishers decide how to use them and how restrictive they want to be. Basically, if the publishers weren't paranoid about piracy, Convert LIT wouldn't be an issue and upgrading Microsoft Reader wouldn't have been necessary. I'd also like to point out that the fifth Harry Potter book appeared online mere hours after being released in hardcover. This scanned and proofed digital edition was the result of hundreds of Potter fans scanning a few pages each and putting them together into one file. To me, this speaks to a great demand for Harry Potter ebooks. But the biggest reason given for why the Potter books haven't been available in ebook editions: piracy5. If you don't make a legitimate ebook edition available, don't whine when the pirate community does it for you. "Pirates" have even taken it upon themselves to translate the fifth Potter book into other languages, rather than wait for local publishers with the rights to the book to do it sometime next year. In the end, what you can do with a book should be the same whether you purchased the electronic or paper versions. Given that most books are manipulated electronically during the publishing process anyway, there's no reason why every book published couldn't also be made available as an ebook. Publishers need to accept that chasing perfect digitial security is a fool's errand and get on with the business of selling books. Jeff Kirvin
Jeff Kirvin is available for consulting on mobile technology. Email me today! 1Well, there was 1.0 on the early Pocket PCs, but it didn't support DRM, so we'll just pretend it didn't exist. 2DRM4 was never actually released. It was password protected and ultimately deemed too insecure and just downright lame for actual use. 3I've heard he's British, but no one seems to know for sure. 4Or in Linux, should I decide to take the Penguin Plunge. 5Well, that and the mammoth advance Rowling wanted for ebook publication. For future reference, it goes horse, then cart... |