Removing DRM From Aaron Swartz’s eBook

After his death, Aaron Swartz became one of the Internet’s most famous defenders of the free exchange of information, one of the most polarizing figures on the topic of intellectual property, and the most famous person that still held on to the ideals the Internet was founded on. Aaron was against DRM, fought for the users, and encouraged open access to information.

Early this year, Verso Books published the collected writings of Aaron Swartz. This eBook, according to Verso, contains ‘social DRM’, a watermarking technology that Verso estimates will, “contribute £200,000 to the publisher’s revenue in its first year.” This watermarking technology embeds uniquely identifiable personal information into individual copies of eBooks.

With a heavy sigh, you realize you do not live in the best of all possible worlds.

The Institute for Biblio-Immunology had a similar reaction to Verso Books’ watermarking technology applied to the collected writings of Aaron Swartz. In a communique released late last weekend, they cracked this watermarking scheme and released the code to remove this ‘social DRM’ from ePub files.

The watermarking technology in Aaron Swartz’s eBook comes courtesy of BooXtream, a security solution where every eBook sold is unique using advanced watermarking and personalization features. “A publication that has been BooXtreamed can be traced back to the shop and even the individual customer,” the BooXtream website claims, and stands in complete opposition to all of Aaron Swartz’s beliefs.

After analyzing several digital copies of Aaron Swartz’s eBook, the Institute for Biblio-Immunology is confident they have a tool that removes BooXtrem’s watermarks in EPUB eBooks. Several watermarks were found, including the very visible – Ex Libris images, disclaimer page watermarks, and footer watermarks – and the very hidden, including image metadata, filename watermarks, and timestamp fingerprints.

While the Institute believes this tool can be used to de-BooXtream all currently available ‘social DRM’ed’ eBooks, they do expect the watermarking techniques will be quickly modified. This communique from the Institute of Biblio-Immunology merely provides the background of what BooXtream does, not the prescription for the disease of ‘social DRM’. These techniques can be applied to further social DRM’ed eBooks, which, we think, is what Aaron would have done.

Turning A Page With Your Voice

[Justin]’s friend [Steve] injured his spine a while ago, and after asking what would make [Steve]’s life simpler, the answer was easy. [Steve] missed reading books. Sure, e-readers exist, but you still need to turn the page. Now [Steve] can do that with his voice thanks to some microcontrollers, Bluetooth modules, and a voice recognition module.

A voice-activated page turner wasn’t the first attempt at giving [Steve] the ability to turn a page on a Kindle. The first prototype was a big blue button that sent a keyboard code for ‘right arrow’ over Bluetooth, turning a book one page at a time. This worked well until multiple pages turned, and with no back button it was a major nuisance.

After playing with the voice recognition in an Amazon Echo, [Steve] and [Justin] wondered if the same voice recognition technology could be applied to page turns on a Kindle. With a voice recognition Arduino shield from SparkFun it was easy to detect a ‘page down’ command. A Bluetooth module sends HID commands to a Kindle, allowing [Steve] to read a book with only his voice.

[Justin] put all the design files for this build up on Github.

Unlock Your Demo Kindle Paperwhite

If you’ve been holding off on upgrading your kindle, this project might inspire you to finally bite the bullet. [WarriorRocker] recently saved quite a few dollars on his Kindle upgrade by using a demo unit. Of course, it’s not as simple as just finding a demo unit and booting it up. There’s some hacking involved.

[WarriorRocker] found his Kindle Paperwhite demo unit on an online auction site for just $20. Kindles are great for reading but also make popular displays for your own projects. This used display model was much less expensive than a new unit, which makes sense considering it had probably received its share of abuse from the consumers of some retail store. The problem with a demo unit is that the firmware that comes with it is very limited, and can’t be used to sync up with your Amazon account. That’s where the hacking comes in.

pwdu-01The first step was to crack open the case and locate the serial port. [WarriorRocker] soldered a small three pin header to the pads to make it easier to work on his device as needed. He then connected the Kindle to his PC using a small serial to USB adapter. Pulling up the command prompt was as simple as running Putty and connecting to the correct COM port. If the wires are hooked up correctly, then it just takes a press of the enter key to pull up the login prompt.

The next step requires root access. The root password for each unit is related to the unit’s serial number. [WarriorRocker] obtained the serial number by rebooting the Kindle while the Serial connection was still open. The boot sequence will spit out the number. This number can then be entered in to an online tool to generate possible root passwords. The tool is available on [WarriorRocker’s] project page linked above.

Next, the Kindle needs to be rebooted into diagnostic mode. This is because root logins are not allowed while the device is booted to the system partition. To enter diagnostic mode, [WarriorRocker] had to press enter over and over during the boot sequence in order to kill the automatic boot process. Then he checked some environment variables to locate the memory address where the diagnostic mode is stored. One more command tells the system to boot to that address and into diagnostic mode.

The last step of the process begins by mounting the Kindle as a USB storage device and copying over the stock Kindle firmware image. Next [WarriorRocker] had to exit the diagnostic menu and return to a root command prompt. Finally, he used the dd command to copy the image to the Kindle’s partition bit by bit. Fifteen minutes and one reboot later and the Kindle was working just as it should. [WarriorRocker] even notes that the 3G connection still works. Not bad for $20 and an hour or two of work.

“Hacking the Xbox” Released for Free in Honor of [Aaron Swartz]

Hacking the Xbox Cover

[Bunnie], the hardware hacker who first hacked into the original Xbox while at MIT, is releasing his book on the subject for free. The book was originally released in 2003, and delves into both the technical and legal aspects of hacking into the console.

The book is being released along with an open letter from [Bunnie]. He discusses the issues he faced with MIT legal and copyright law when working on the project, and explains that the book is being released to honor [Aaron Swartz]. [Swartz] committed suicide in January following aggressive prosecution by the US government.

The book is a great read on practical applications of hardware hacking. It starts off with simple hacks: installing a blue LED, building a USB adapter for the device’s controller ports, and replacing the power supply. The rest of the book goes over how the security on the device was compromised, and the legal implications of pulling off the hack.

[Bunnie]’s open letter is worth a read, it explains the legal bullying that hackers deal with from a first hand prospective. The book itself is a fantastic primer on hardware hacking, and with this release anyone who hasn’t read it should grab the free PDF.

Rooting Sony PRS-T1 lets you get at the Android goodies

Cries of “I am root!” abound once again with the rooting of Sony’s PRS-T1 eBook reader. The eBook Reader Blog took the original rooting directions and then looked at some of the things you can do with root access.

This hardware is based around an ePaper display, but we must say that the performance seems to be fantastic. There may be a few missing features from the original user interface (like how pages are turned) that can be fixed with root access, but we think it’s the added Android access that makes this worth it. In the video after the break you’ll see that you can drop through to the Android 2.2 desktop and install any application you’re interested in using. This is a multi-touch display so it’s well suited for navigation although applications don’t work well yet because of excessive screen refreshing. But we’re sure that will improve with time. Of note is the ability to play music through apps like Pandora, and the ability to load content from other providers like Amazon books via the Kindle app.

Every time we write one of these rooted features we can’t help but think back to this I’m a Mac spoof video…. you’ll see why in the last few seconds.

Continue reading “Rooting Sony PRS-T1 lets you get at the Android goodies”

Full-color eBook reader needs only 8-bits of muscle

[Rossum’s] still coming up with great ways to use his microtouch hardware. This time, he’s taken his inspiration from Amazon’s announcement that a full-color eBook reader (and movie player) is on the way. Judging from the video after the break, his fully functional reader is a big win for the device.

You’re probably familiar with the hardware, an ATmega644-based board connected to a touch sensitive LCD screen. You can make your own or buy one pre-assembled (but currently out-of-stock). The board has a microSD card slot making it quite easy to add books to the device. At the start of the project [Rossum] thought he might be able to read ePub files directly, but the embedded images, and unzip function needed to open the package file is a bit too much for the 8-bit processor’s restrictions. One simple step does the trick. A helper script can be used to format the files before transferring them to the device. This does the unzipping, scales the images, and repaginates the text into a format friendly for the display size.

Now if we only had a nice little case to house the hardware we’d be in business.

Continue reading “Full-color eBook reader needs only 8-bits of muscle”

Stripping DRM from OverDrive Media Console eBooks

stripping_drm_from_overdrive_media_center_ebooks

[Armin Tamzarian’s] local library recently started lending eBooks via the OverDrive Media Console system. He checked out a couple of books, which got him thinking about how the copy protection scheme was implemented. He wondered what recourse users had if they wanted to view a book they have already checked out on a different, or unsupported piece of hardware.

His research centers around Adobe’s ADEPT digital rights management scheme, which is used to protect the books offered on loan by OverDrive. The topic is broken down into three parts, starting with an introduction to the EPUB file structure, the OverDrive Media Console, as well as the aforementioned ADEPT DRM scheme.

The second part takes a close look at the OverDrive Media Console itself, where he uses the ineptkey and ineptepub utilities written by [I♥CABBAGES] to pull the RSA cipher keys from the EPUB data he uncovered. When he then tries to strip the ADEPT DRM layer from his books however, he discovers that OverDrive is using a non-compliant version of the ADEPT standard, which renders existing tools useless.

The final part of [Armin’s] discussion digs even deeper into the OverDrive Console’s inner workings, where he finds that the OverDrive Media Console stores quite a bit of information in an SQLite database. After a bit of digging, he finds all the data he needs to strip the DRM from his books. [Armin] also took the time to wrap all of his findings up into a neat little tool called OMCStrip, which as you may have guessed, strips the DRM from ADEPT-protected eBooks with ease.