followup on eMatter screen-capture security
after being forwarded my earlier SI missive publicizing how encryption is not the weak link for ematter security:
Message 11680675
fatbrain did kindly reply to exposure of the gaffe
with (paraphrasing) "we're working on it".
further research reveals that there is a company (Archimedia, formerly cSafe) proffering a product (Clever Content, nee PixSafe) dedicated to defeating screen-capture. aimed largely at the stock photo industry, the PR at website www.csafe.com, discusses its founding in israel by an attorney/engineer duo, how the technology is patent-protected, etc.
they offer a demo (for win95/98/NT) which appears to
disable printing and saving images from a browser.
indeed the plug-in undermines the SnagIt shareware used to
show the eMatter weakness, replacing captured .jpg/.gif with choice flotsam overwritten in screen memory.
alas, this venture-capital backed technology is also
flawed! with just a few more keystrokes and use of common software, its raison-d'etre is rendered useless. methinks that one should be very wary of content rights management code which isn't solidly integrated into the operating system proper.
this is not to say that fatbrain doesn't have a viable business model as a great watering hole for content distribution. they are upfront about security caveats, at least, with a healthy attitude toward misguided security-by-obscurity.
as seen with the DVD CSS snafu, simple techniques can subvert powerful-seeming systems. it seems that no matter what the encryption, if imagery can get to a screen it can get to a file. |
