nettime's warring bibliophiles on Mon, 27 Jun 2016 17:28:26 +0200 (CEST)


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

<nettime> Institute for Biblio-Immunology - First Communique


https://pastebin.com/raw/E1xgCUmb


---disseminate widely---


+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Institute for Biblio-Immunology -- First Communique:
Identifying and Removing Verso/BooXtream 'Social DRM' EPUB eBook Watermarks
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

FOR IMMEDIATE RELEASE.

IN THAT, WE DEMAND THE IMMEDIATE RELEASE OF OUR SHACKLED COMRADES,
WATERMARKED
EBOOKS OF THE WORLD.

Welcome.

The Institute for Biblio-Immunology specialises in textual pathogen
identification and antigen synthesis. Several vials of in vivo
samples suffering from a "social DRM" watermarking infection were
recently brought to the attention of our cellar scientists. In this,
our inaugural communique, we will explore our dissection of said
samples and offer an initial expatiation regarding the contaminant
undesirables discovered therein, as well as offer preliminary guidance
for a successful course of treatment.


+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
BACKGROUND
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Prudence tells us that the only time books should be used as weapons
of terror is if they are thrown, gleefully aflame, through a
publishing conglomerate's window. Instead, we find that the publishing
company Verso Books {0} is using books to facilitate the surveillance
of readers. By embedding uniquely- identifiable personal information
in individual copies of ebooks, Verso (and the company they are
relying on for the actual watermarking, BooXtream) are turning vectors
for cultural transmission into, effectively, tracking beacons designed
to identify who is sharing said ebooks, so as to then neutralise said
ostensibly undesirable (by Verso) knowledge transmission paths. This
will not stand.

{0} Verso Books "is the largest independent, radical
publishing house in the English-speaking world"
<https://www.versobooks.com/pg/about-verso>. On that same 'About
Verso' page, Managing Director Jacob Stevens says that Verso
Books has "a strong list and radical commitment", though what
this means is not actually explained here. Not to worry. Stevens
explains perfectly well what Verso means by "radical" in an
interview with the trade publication The Bookseller; wherein,
commenting on Verso's venture into the ebook retail space, he
states that "Verso has found a new, radical way of selling books"
<https://www.thebookseller.com/news/e-bookprint-bundling-venture-verso
>. Radical selling. Fuck yeah.

But why pick Verso to talk about in the first place? We can briefly
summarise the specific chain of events which brought us to this point,
reductively, as follows:

I --> Verso shits out an ebook release of The Boy Who Could Change the
World: The Writings of Aaron Swartz (in February 2016) {1}.


{1} <https://www.versobooks.com/books/2077-the-boy-who-could-change-the-
world>.

II --> This Verso ebook release possesses WATERMARKS {2}.

{2} "Ebooks from the Verso website are watermarked and
DRM-free, and will work on any of your devices--but they
can't be uploaded to websites or file-sharing networks"
<https://www.versobooks.com/pg/verso-ebooks>.

~~~~~~~~~~~~~~~~~

Paigey the Book Pirate says: Verso is straight-up LYING here. The
ebooks CAN be uploaded to websites or file-sharing networks. Very
easily, in fact. Proof of concept: go to a website or file-sharing
network and upload it (but WAIT-- remove watermark first, of course!).

~~~~~~~~~~~~~~~~~

III --> Sean B. Palmer ("virtual executor" {3} of Aaron Swartz) says
he will ask the publishers to remove the watermarking (on 13 April
2016) {4}.

{3} "I designate Sean B. Palmer as my virtual executor"
<https://web.archive.org/web/20031217220719/http://www.aaronsw.com/200
2/continui ty>.

{4} "I will ask the publishers on your behalf to
remove the watermarking from the Verso ebook version"
<https://punctumbooks.com/blog/the-boy-who-couldnt-
change-the-world/#comment-129709>.

IV--> Regardless, Verso says they will not remove the watermarks (on
22 April 2016) {5}.

{5} "We have just been informed by a highly reliable party
who wishes to remain anonymous that Verso Books has indicated
(to this party, via The New Press) that they will NOT remove
the watermark from their e-book edition of Aaron Swartz's
posthumously-published collected writings because they believe it
will impede their ability to 'recoup' their distribution costs"
<https://www.facebook.com/punctumbooks/posts/1006302089407594>.

NOT OK.

V--> Verso FUCKS you with watermarks, so we will FUCKS Verso now (on
20 June 2016).

Blood for blood.

And by the gallon.


+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
WATERMARK SCAVENGER HUNT
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Now we will expose the functionality of Verso and BooXtream (Verso's
watermark provider) watermarks.

OK! :)

EPUB have many file inside. Many file give many opportunity for THE
SNEAKY- SNEAKY to add watermark.

BUT IT'S OKAY --> we can be THE SNEAKY-SNEAKY too.

Verso uses a watermarking schema provided by BooXtream {6}.

{6} "Verso ebooks are free of Digital Rights Management (DRM-free),
but are subject to the terms of this license. You own the file
once you've downloaded it, and you can use it on any of your
devices in perpetuity. It has visible and invisible watermarks,
applied by Booxtream, which contain your name and email address.
You are prohibited from uploading Verso ebooks to any website or
file- sharing network, or in any other way making them available
for distribution, sharing, copying, downloading, or reselling"
<https://www.versobooks.com/pg/terms-and-conditions>.

There are, at least, seven different varieties of watermarks injected
into a given ebook EPUB payload by BooXtream to be found in Verso
ebooks:

WM0-2 are overt (readily visible) watermarks and are optional (meaning they
may not necessarily be present):

[WM0] -- Ex Libris Image Watermark
[WM1] -- Disclaimer Page Watermark
[WM2] -- Footer Watermarks

WM3-6 are covert (not readily visible) watermarks and are always present:

[WM3] -- Filename Watermarks
[WM4] -- Timestamp Fingerprinting
[WM5] -- CSS Watermark
[WM6] -- Image Metadata Watermarks


Let's now go through each one to expose it and see how it works and,
in turn, how it may be prevented from working.

OK!  :)


+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
[WM0] -- Ex Libris Image Watermark
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

The ex libris image watermark is optional {7}; however, Verso ebooks
appear to employ it.

{7} "With every order fulfilment, BooXtream(R) needs the customer
name, customer email address and an order-id (supplied by the shop).
BooXtream(R) encodes this as a series of redundant digital watermarks
and also adds visible, personalised information for the end user into
the ePub file. All visible and personalised information is optional
and can be customised:

"- Page 2 contains an Ex Libris (image with customer name),
that can be customised per publisher and per customer"
<https://www.booxtream.com>.

~~~~~~~~~~~~~~~~~
Paigey the Book Pirate says: Keeping in mind that the tiers of overt
watermarks (WM0-2) are all optional, even if a given ebook doesn't appear to
have them, it would of course still nonetheless be a sign of utmost prudence
for one to check for the presence of the covert watermark tiers (WM3-6).  In
other words, just because an ebook may not have the initial set of overt
watermarks, this should not be taken to mean it does not necessarily
have any of the subsequent covert watermarks.
~~~~~~~~~~~~~~~~~

The ex libris watermark is an image file, albeit one found
not in ../Images/, where one would expect, but rather in
../Text/exlibris*.png.

The ex libris watermark image here consists of the Verso 'V' logo,
with the buyer name and email superimposed over the logo as part of
the customised image.

Said ex libris watermark image is called from ../Text/Cover*.xhtml:

---

<p class="exlibris" style="text-align:center"><img src="exlibris*.png"
alt="Ex Libris"/></p>

---

Said image is also referenced in ../content.opf:

---
<item id="exlibris" href="Text/exlibris*.png" media-type="image/png"/>
---

~~~~~~~~~~~~~~~~~

Paigey the Book Pirate says: When changing filenames and/or
moving/deleting files, always be sure to change all corresponding
references to them as well, as otherwise not only will links not work,
but the anonymity you so desperately seek will be compromised! I hear
Sigil <https://sigil-ebook.com> is a good tool for this which changes
references automatically for you when you change filenames!

~~~~~~~~~~~~~~~~~

We'll come back to that pesky wildcard placeholder (*) in the
Wdiscussion of M3, but for now it would behove one to simply listen to
WPaigey.

If one had mind to eliminate WM0, one could then simply delete the
contaminant (exlibris*.png) and remove the aforementioned references
to it from Cover*.xhtml and content.opf.


+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
[WM1] -- Disclaimer Page Watermark
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

The disclaimer page watermark is optional {8}; however, Verso ebooks
appear to
employ it.

{8} "With every order fulfilment, BooXtream(R) needs the customer
name, customer email address and an order-id (supplied by the shop).
BooXtream(R) encodes this as a series of redundant digital watermarks
and also adds visible, personalised information for the end user into
the ePub file. All visible and personalised information is optional
and can be customised:

"[...]

"- The last page contains a disclaimer and logo, and
has a corresponding entry in the table of contents"
<https://www.booxtream.com>.

The disclaimer page watermark is an XHTML file, albeit one
found not in ../Text/, where one would expect, but rather in
../disclaimer*.xhtml.

The Verso disclaimer boilerplate is as follows:

--- Verso ebook license

This ebook was sold to $BuyerName, $BuyerEmail on $SaleDate0.

Verso ebooks are free of Digital Rights Management (DRM-free) but are
subject to the terms of this license. You own this file once you've
downloaded it, and you can use it on any of your devices. It has
visible and invisible watermarks, applied by Booxtream, which contain
your name and email address. You are prohibited from uploading Verso
ebooks to any website or file-sharing network, or in any other way
making them available for distribution, sharing, copying, downloading,
or reselling. Royalties from every sale will be paid to the author: if
you're reading someone else's copy, then please buy your own license
from Verso Books.

This eBook is licensed to $BuyerName, $BuyerEmail on $SaleDate1 ---

Wherein $BuyerName is the name of the buyer of the ebook; $BuyerEmail
is the email of the buyer of the ebook; $SaleDate0 is the date
of purchase--or more accurately, the specific date the purchased
copy of the ebook was generated, which will typically also be the
date of purchase--in the format DD/MM/YYYY (numerical values for
Day/Month/Year); $SaleDate1 is likewise the date of purchase, albeit
in the format MM/DD/YYYY.

~~~~~~~~~~~~~~~~~

Paigey the Book Pirate says: Notice that $SaleDate0 is only utilised
in the header of disclaimer*.xhtml; whenever the sale date watermark
appears elsewhere, it always follows the format of $SaleDate1.

~~~~~~~~~~~~~~~~~

Said disclaimer page watermark is in turn called from ../toc.ncx:

---
<navPoint playOrder="#" id="BooXtream"><navLabel><text>This eBook is
licensed to $BuyerName, $BuyerEmail on $SaleDate1</text></navLabel><content
src="disclaimer*.xhtml"/></navPoint>
---

And is further referenced twice in ../content.opf, as:

---
<item id="BooXtream" href="disclaimer*.xhtml" media-
type="application/xhtml+xml"/>
---

and again as:

---
<itemref idref="BooXtream"/>
---

If one had mind to eliminate WM1, one could then simply delete
the contaminant (disclaimer*.xhtml) and remove the aforementioned
references to it from toc.nx and content.opf.


+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
[WM2] -- Footer Watermarks
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

The footer watermarks are optional {9}; however, Verso ebooks appear to
employ
them.

{9} "With every order fulfilment, BooXtream(R) needs the customer name,
customer email address and an order-id (supplied by the shop). BooXtream(R)
encodes this as a series of redundant digital watermarks and also adds
visible,
personalised information for the end user into the ePub file. All
visible and
personalised information is optional and can be customised:

"[...]

"- Every chapter ends with a personalised footer text"
<https://www.booxtream.com>.

The textual footer page watermarks appear at the end of every XHTMLl file in
the EPUB (therefore chiefly in ../Text/##_*.xhtml).

The main Verso footer boilerplate is as follows:

---
This eBook is licensed to $BuyerName, $BuyerEmail on $SaleDate1
---

Note that the code formatting surrounding the footer watermark may vary
slightly, taking on the form of either something along the lines of:

---
<p style="font-size: 11px; text-align: center; color: #333; border-top: 1px
solid #7b7b7b; padding: 10px 0 0; margin: 20px 0 0;"
class="EPubfirstparagraph
epubpagerstart">This eBook is licensed to $BuyerName, $BuyerEmail on
$SaleDate1</p>
---

or:

---
<p style="font-size: 11px; text-align: center; color: #333; border-top: 1px
solid #7b7b7b; padding: 10px 0 0; margin: 20px 0 0;">This eBook is
licensed to
$BuyerName, $BuyerEmail on $SaleDate1</p>
---

The takeaway here being the observation that the class attribute is not
always
specified.

A footer watermark additionally appears within the aforementioned WM1,
namely
in ../disclaimer*.xhtml, albeit matching one of the formatting variants of
../Text/##_*.xhtml:

---

<p style="font-size: 11px; text-align: center; color: #333; border-top: 1px
solid #7b7b7b; padding: 10px 0 0; margin: 20px 0 0;">This eBook is
licensed to
$BuyerName, $BuyerEmail on $SaleDate1</p>
---

Finally, a footer watermark further appears in ../toc.ncx, alongside the
aforementioned presence of WM1:

---
<navPoint playOrder="*" id="BooXtream"><navLabel><text>This eBook is
licensed
to $BuyerName, $BuyerEmail on $SaleDate1</text></navLabel><content
src="disclaimer*.xhtml"/></navPoint>
---

If one had mind to eliminate WM2, one could then simply delete the
contaminant
(the footer text) from all infected *.xhtml files, as well as from
../toc.ncx.


+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
[WM3] -- Filename Watermarks
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

While BooXtream is quite forthcoming indeed about the afore-discussed overt
tiers of optional watermarks, they are mysteriously vague about their covert
tiers, merely coyly stating that:

"The ePub ebook files contains [sic] visible personalisation and
multiple invisible watermarks in all data files, without sacrificing
compatibility. BooXtream(R) uses multiple realtime protection
algorithms that encodes not only information about the publisher, but
also about the customer and the web shop" {10}.

{10} <https://www.booxtream.com>.

Not to worry.  Let's slice open this toy's belly and 'spill the beans'.

The first 'invisible' tier of watermarking is internal filename
manipulation.

Recall that in the brief discussion of filenames in the prior overview
of WM0, a wildcard placeholder (*) was used to denote parts of the
filenames, with the promise that this pesky wildcard would be returned
to. That time has come. Let us now tame the wildcard.

All internal filenames of the files within the contaminated EPUB (save for
mimetype, container.xml, content.opf, and toc.ncx) are appended with a
watermark suffix which follows the actual filename (but precedes the file
extension), using the following format:

---
$FileName$BuyerNameCombined$BuyerEmailCombined.$FileExtension
---

Wherein $FileName is the original unmodified name of the file,
$BuyerNameCombined is the name of the buyer of the ebook with all spaces
removed, $BuyerEmailCombined is the email of the buyer of the ebook with
special characters such as '@' or '.' removed, and $FileExtension is the
extension of the file.

For example, if the buyer's name is Huub van de Pol and the buyer's email is
[email protected], then Cover.xhtml becomes
CoverHuubvandePolhuubvandepolnl.xhtml.

If one had mind to eliminate WM3, one could then simply truncate the
contaminants (the filename watermarks) from all infected files, as
well as the various references to them. One would do well to here
remember Paigey's advice from the prior discussion of WM0 to use Sigil
to streamline the renaming of both the filenames and the various
corresponding references. For instance, if renaming a font file,
Sigil would assist one in automatically renaming the corresponding
references to said font in the accompanying CSS file (which, in turn,
would also need to be renamed, as would references to that CSS file in
the rest of the EPUB).


+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
[WM4] -- Timestamp Fingerprinting
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

A prudent watermark analyst may have observed that while
$BuyerNameCombined and $BuyerEmailCombined are present in WM3,
an accompanying $SaleDate1Combined variable is missing, despite
$SalesDate1's presence in WM1-2, wherein it accompanied $BuyerName and
$BuyerEmail.

This is of course owing to the fact that, seeing as how the customised
watermarked EPUB is generated upon the date and time of purchase
(recall BooXtream's earlier revelatory bragging of utilising
'realtime' watermarking algorithms), each file's modification and
creation timestamp data will thus correspond to the time that
particular copy of the EPUB was purchased. Thus, the timestamp
itself effectively here functions as a covert watermark, serving to
facilitate the potential fingerprinting of the content buyer (or the
'traitor', to use forensic parlance).

For example, say the timestamp information for the files within a
given EPUB is listed as 13/10/2016 07:00:05. If the vendor checks
the corresponding sale records for that ebook and notes that there
was a single purchase on 13/10/2016 07:00:02, then that buyer
may potentially be implicated, particularly if a pattern emerges
identifying the same buyer across multiple ebook leaks.

If the aim is to avoid being fingerprinted, it thus of the utmost
importance to modify the timestamps of both the EPUB and all of the
contents within (including both files and directories).

If one had mind to eliminate WM4, one could then simply modify one's
system clock to a time/date of one's choice--either earlier or later
than the time/date of purchase--and then open and subsequently save
the EPUB anew using the ever-handy aforementioned Sigil utility.

While using Sigil in tandem with system clock modification is
the simplest way to modify timestamps, since one is likely to be
using Sigil for other related tasks anyhow, one could nonetheless
alternatively use the timestomp utility found within the Metasploit
framework <https://www.rapid7.com/products/metasploit/download.jsp> to
alter timestamps without having to modify the system clock.

~~~~~~~~~~~~~~~~~
Paigey the Book Pirate says: If one were keen to decrease the chances of
forensic analysis being able to detect that counter-forensic timestamp
tampering had occurred, one would be sure to select both reasonable
dates--say,
neither years before the book was even published, nor those 30 years in the
future--and realistic timelines--the file modification timestamps should
not be
any earlier than the file creation timestamps, for instance.
~~~~~~~~~~~~~~~~~


+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
[WM5] -- CSS Watermark
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Aside from filename watermarking and timestamp fingerprinting, there is
another potential tier of covert watermarking present in Verso BooXtream
ebooks: that of a Cascading Style Sheet (CSS) watermark.

The potential CSS watermark appears at the end of the CSS template found in
..\OEBPS\Styles\template*.css:

---
.boekstaaf { * }
---

~~~~~~~~~~~~~~~~~

Paigey the Book Pirate says: 'Boekstaaf' is a Dutch word historically
meaning a stick with runes inscribed on it. The meaning then shifted
to mean 'letter' (as in a letter of an alphabet or a rune) in its
noun form, and later still to something akin to 'to record' or 'to
write down' in its verb form. Thus the language choice employed
by BooXtream, perhaps inadvertently, reveals the underlying theme
which permeates textual watermarking: that of the book and its
components, letters and all, being used to fulfil a function of
recording and surveilling the reader. The letter, therefore, is here
inextricably linked to the surveillant function of a record. How
fitting then indeed it is for BooXtream to use this term to denote a
potential watermark class, used to record who purchased the ebook.
~~~~~~~~~~~~~~~~~

This custom 'boekstaaf' class contains a number of varying CSS
properties (such as 'text-decoration' and 'border-top-color') in
varying orders with varying values.

For instance, a sample boekstaaf class in one copy of an ebook may
appear thusly:

---
.boekstaaf { text-shadow: none; font-size: 10px; border-top-color: #323521;
padding: 20px; display: none; background: #245132; color: #251660; border-
bottom-color: #103032; vertical-align: super; margin: 4px;  }
---

While in another purchased version of the ebook, the boekstaaf class may
instead be defined as:

---
.boekstaaf { color: #508862; border-bottom-color: #419671; display:
none; font-
size: 7px; border-top-color: #043252; padding: 18px; background: #340715;
margin: 14px; text-decoration: overline; text-indent: 14px;  }
---

Thus the varying properties, combined with the varying order in which
they are listed, and further combined with the varying values for
each property may all be utilised in combination to form a unique
fingerprint for each EPUB, effectively constituting a CSS watermarking
scheme.

Also notable is the fact that the custom boekstaaf class does not
appear to be actually referenced anywhere in the accompanying XHTML
pages (or for that matter, anywhere else in the EPUB); it exists
solely at the end of the template*.css file--perhaps to minimise the
likelihood that it would chance to be noticed. The display property
also appears to invariably be set to 'none', meaning that even if the
class were to be invoked, the element would not be directly visible on
the given page.

If one had mind to eliminate WM5, one could then simply delete the
contaminant (the boekstaaf class) from the infected template*.css file
(as the class is not called anywhere in the EPUB, its deletion does
not adversely affect the layout of any of the ebook pages).


+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
[WM6] -- Image Metadata Watermarks
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Aside from filename watermarking, timestamp fingerprinting, and CSS
watermarking, our cellar scientists observed yet another tier of covert
watermarking present in Verso BooXtream ebooks: that of image metadata
watermarks.

All PNG and JPG images examined within contaminated ebooks in our sample set
were found to contain metadata watermarks (other image formats were not
available for analysis in our sample set).  The watermarked images therefore
appear predominantly in ../Images/*, though even WM0
(../Text/exlibris*.png) is
watermarked.

To view JPG and PNG metadata watermarks, the images may be opened
with either a dedicated metadata viewer and editing program such
as ExifTool <https://www.sno.phy.queensu.ca/~phil/exiftool/>,
or a hex editor application such as wxHexEditor
<https://sourceforge.net/projects/wxhexeditor/>.

In JPG images, the watermark appears in the ImageDescription tag of
the image's EXIF (Exchangeable Image File Format) metadata, and looks
something like this:

---
Image Description: [18 characters]=[20-24 characters]
---

For example, a sample ImageDescription value may appear as follows:

---
Image Description: 626F6F78747265616D=6E6F77617465726D61726B73
---

As previously mentioned, PNG images also possess a metadata watermark,
albeit in a different form than that of JPG images. Specifically, in
PNG images the watermark appears as TextualData in the tEXt text chunk
field.

For example, a sample tEXt chunk value may appear as follows:

---
tEXt: 626F6F78747265616D:6675636B73766572736F
---

~~~~~~~~~~~~~~~~~
Paigey the Book Pirate says: '626F6F78747265616D' is a string which just so
happens to appear at the start of all image metadata watermarks in all
Verso/BooXtream ebooks that were analysed as part of our sample set.  Thus,
this value appears to be constant--with the second value (that following the
'=' or ':') being the variable one which changes for each copy of an ebook.
When '626F6F78747265616D' is converted from hexadecimal to ASCII
characters, it
reads 'booxtream'.
~~~~~~~~~~~~~~~~~

If one had mind to eliminate WM6, one could then simply delete the
contaminant
(the image metadata watermark) from the infected *.jpg files by running the
following ExifTool command, which will delete all JPG image metadata and
replace the original infected files with healthy versions, like so:

---
exiftool *.jpg -all= -overwrite_original
---

As ExifTool does not readily deal with the manipulation of the here
pertinent PNG metadata, our cellar scientists instead prescribe the
following command line remedy to delete the corresponding contaminant
from infected *.png files:

---
cat infected.png | sng | sed '/[a-z] {/,/}/d' | sng > healed.png
---

Alternatively, one could simply delete the watermark from the PNG
images (as well as from the JPGs) by using a hex editor. Yet another
alternate would entail opening the PNG in an image editing application
and saving it anew (this procedure should, however, not be utilised
for JPG images as they are not lossless like PNGs, and as such the new
JPG image would result in not just desirable metadata loss, but also
in undesirable quality loss).


+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
PARTING SHOTS
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

It's a safe bet that when the Verso and BooXtream bioterrorists, read
over this communique, they--mad as a cut snake--will then attempt
to obfuscate and otherwise modify their watermarking schema in vain
attempts to develop tamper- resistant watermarking strains. It then
follows that the specifics outlined herein (e.g. exact file locations
and directory paths, watermark code samples, and so on) will become
obsolete fairly quickly. But that's okay, because that is precisely
why this communique should not be approached as a set of discrete
tactics, but instead as a particular manifestation of continuously
adaptive strategies of subversion.

Each individual ebook should be thoroughly scrutinised, not only for
the various tiers of overt (ex libris image, disclaimer, footer)
and covert (filename, timestamp, CSS, image metadata) watermarking
outlined and examined herein, but for other potentially even more
pernicious watermarking stratagems that may be deployed by an
adversary (such as line, word, and character shifting, as well as
other spacing-based watermarking; F5, Least Significant Bit (LSB) and
other forms of image steganography; natural language watermarking; and
so on...).

In other words, even if it will lead to Verso/BooXtream changing
their modi operandi, the communique will remain advantageous both
due to the fact that it may still be utilised to remove watermarks
from Verso/BooXtream ebooks that have already been released under
these old watermarking schemas, and further that it may inspire
future remedies by helping to foster transferable dissective skills
which may be applied to combat any newly-deployed methods of textual
oppression--effectively serving to white-ant Verso/BooXtream content
distribution tyranny, irrespective of their particular future
watermarking permutationss.

In closing, when dealing with watermark identification and removal,
there is always a lingering fear that something may have been
missed. Adversaries such as publishing conglomerates and peddlers
of watermarking snake oil thrive on and seek to financially benefit
from this fear, and thus we would like to here contrarily propose
a Watermarking Quantification Theorem: the number of watermarks or
watermark techniques an adversary will claim to have deployed will
always be n+1, where n is the actual number of watermarks or watermark
techniques present (or in a more generalised form: n+m, where m is
any fictional addendum to the actual number of existent watermarks
or watermark techniques). Which is to say that it would of course be
advantageous for BooXtream to claim there are not seven, but eight or
even more watermarks present in their schema so as to instil fear,
uncertainty, and doubt and therefore, in their venomous eyes, to
ideally stymie the distribution of a given text.

One can soothe one's fear of this fiction by comparing multiple
copies of an ebook against each other, rooting out each watermarked
discrepancy one by one until all copies are identical and one
is certain that there are no longer any remaining differences.
Alternatively, or perhaps better still in tandem, one could always be
sure to purchase ebooks with funds and from locations which cannot
readily be linked to one's identity. Wouldn't it be a hoot if one
were to, for instance, utilise the payment credentials belonging to a
watermarking firm when making watermarked ebook purchases? ;)


Finally, our lab is always on the look out for fresh cadavers to
reanimate. Send contaminated samples for analysis to our cellar
scientists at: [email protected]. Patient confidentiality guaranteed.

---disseminate widely---



#  distributed via <nettime>: no commercial use without permission
#  <nettime>  is a moderated mailing list for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: http://mx.kein.org/mailman/listinfo/nettime-l
#  archive: http://www.nettime.org contact: [email protected]
#  @nettime_bot tweets mail w/ sender unless #ANON is in Subject: