Thursday, September 15, 2011

Information security and digital rights management

Information security is a triangle: availability, confidentiality, integrity.

Digital Rights Management damages the security of your information. You lose control over availability and integrity in order to deliver confidentiality to the vendor of your files. You have to trust that the DRM-ified files you paid for can be accessed again. If you lose access to the email account the files tie back to, this can be very hard. (I recently lost access without notice to an address that had been stable for >10 years.)

Other examples of availability issues are in the context of the Nook devices. Barnes and Noble promised and failed to deliver a landscape reading mode on the nook color for more than a year. For most of us, this is simply an annoyance. For some folks with chronic pain conditions, however, the lack of a landscape mode on the NC substantially impacts the availability of their BN library on the device. If they are able to use a reader that does support landscape, availability is restored.  More recently, buyers of the Nook Touch products found that their devices could not access their libraries of paid content for more than two weeks, while mysterious demons were exorcised from the BN servers. 

There is a great set of people studying just how much confidentiality the vendors and publishers actually get by imposing DRM on us; the answer is 'not so much, really.' Apprentice Alf's blog is a great starting point.

The tools discussed there let you manage the availability and integrity of your data for yourself. You owe it to your ebook vendors to maintain confidentiality -- but you owed them that to start with, and it was in the agreement as you purchased the books.

With that said, then, I want to give readers a look at using Calibre and various DRM management tools to regain control of their security.

Start by downloading the Nook app for your computer.

Sync it with your library.

It creates a folder in your Documents folder:

C:\Users\your-user-name\Documents\My Barnes & Noble eBooks\your-email-address

All of your BN books live there.

If you have an Amazon account, install the Kindle app on your PC.

Sync it.

It creates a folder, too:

C:\Users\your-user-name\Documents\My Kindle Content

Now, install a free program called Calibre on your PC. You can use it to manage ebooks on many devices, and it knows a lot about Nooks (both the color and monochrome models.)

Download it from here: http://calibre-ebook.com (it's free.)

Download a file called "tools_5.3.1.zip" 

Only download the file - I see that the site offering the file now offers it directly or via  'download manager,' so untick the 'download manager' tickbox.  At best download managers are a hindrance.  

The file changes its name and URL as it is updated;  if the link is out of date, by all means let me know but also take a look at Apprentice Alf's blog, which ordinarily has the current information.  

To read more of the details on this file, and think more about security, access, and digital rights management generally, take a look at

http://apprenticealf.wordpress.com/2010/02/11/hello-world/

Unzip tools_4.7 , and remember where you put it. Don't unzip the files inside it, though.

Launch Calibre. The first time you launch it, tell it what kind of e-reader you have.



Now, from inside Calibre, you need to add the DRM plugins to the mix. There are quite a few, but the process is basically the same: rowse to the folder you unzipped tools to, and find the Calibre Plugins folder. Add the ones you want; read the readme files to see if there are additional notes.



Hit Preferences



Hit plugins. The "Miscellaneous" button is helpful at a different stage.



Hit load plugin from file - you need to browse to the files that were inside the tools you downloaded. The zipped files need to remain zipped for Calibre to reconize them.





If there are no visible files here, it means the internal zips accidentally got unzipped.

Once you click on "open" you'll get a couple of dialogs.



You'll have to decide for yourself if you trust the files. The files I've linked to contain complete source code, and I think people would be singing out if they were risky.

If and when you choose to install these plugins, returning back to the main plugins screen, you'll see the new items in Formats:



Once you have loaded the k4mobi plugin and installed the Kindle app on your system, you are ready to begin reading and managing books you can read in the Kindle app in Calibre as well. Just drop the book files (azw, at least) onto the library pane in Calibre and give it a few moments to import them. If you have an e-reader that prefers epub over azw or mobi, when you connect it and use Calibre to push a file onto it, Calibre will offer to convert it automatically.

Nook content

To manage content from BN, there is manual configuration needed, and you have a decision to make. The simplest way to unlock content from BN is by storing your name and your credit card number on your computer. The alternative is to read Apprentice Alf carefully, install Python and the Python crypto system, and use the "ignoblekeygen.py" tool to create a fake token that your computer can use to open your books.

Many people, especially their first few times looking at this stuff, simply don't want to install more programs. And that's fine - you can set up the plugin with your name,yourcc# -- no spaces, and the spelling and capitalization of your name have to be exactly what BN has on file.



If you do that, it might not be a bad idea to de-configure the plugin after you've secured your library, and re-configure when you are ready to add new books.

Or, later on, download the additional tools to avoid storing this info in Calbre.

With the plugin configured, quit and restart Calibre.

Drop books from your BN folder onto Calibre's window, and it will make it so Aldiko can just read them - you won't need to fiddle with your billing info again! Start with just one book. Confirm you can read it by clicking on the word epub in the "Formats: EPUB" line. It'll pop open a little window that will let you read your epub right there, if you like. Once you can read the epub in Calibre, you can read it on any device which can read epubs.

This display means you need to remove the book from Calibre, reconfigure the plugin, and try to reimport, though: