ElcomSoft files second vulnerability report on Adobe eBook Reader and Content Server
One month before criminal trial on DMCA charges begins for Russian company

22 July 2002

By Kurt Foss, Planet PDF Editor

For the second time in slightly more than a week, ElcomSoft Co. Ltd. has filed a public vulnerability report citing alleged flaws in the Acrobat eBook Reader and Content Server from Adobe Systems. Its July 12 report, which was distributed by several popular mailing lists that chronicle product flaws, cited alleged vulnerabilities in Adobe's eBook Library. The report posted today by Security Focus Online on its BugTraq service, was also submitted by Vladimir Katalov, Managing Director of the Russian software company.

Unlike its July 12 vulnerability report, ElcomSoft states in today's accounting that it had previously communicated these new allegations to Adobe, but says it received no response from the San Jose-based company.

ElcomSoft reports it has identified these additional vulnerabilities:

  • "Print/copy: If printing and/or copying [of Adobe PDF-based eBooks from its Content Server] is allowed, but limited (the typical limitation is: you can print 10 pages in 10 days, or copy 10 portions of the text to the Clipboard in 10 days), these limitations can be defeated."

  • "Lend/give: if these operations are allowed by the publisher, you can backup the above mentioned files, perform Lend/Give, and restore the files. The book(s) will remain in your library, while the recipient (you gave the book to) will also have a copy."

When asked to comment today, Adobe Systems repeated the same official statement it offered following ElcomSoft's first public report:

"Adobe will evaluate this report, as we do any report we receive. For security reasons, Adobe can't discuss the measures we take as a result. Security is an ongoing effort. We are committed to strengthening the security of our products by using sophisticated, industry-standard levels of software encryption and working with the software community, including 'White Hat' security experts, to incorporate features to advance the quality of our products. However, no software is 100 percent secure from determined hackers."

In its July 19 article "ElcomSoft rubbishes eBook security ahead of Sklyarov case," The Register speculated that ElcomSoft's initial action was "best seen as a preamble to their upcoming legal fight." The UK-based newspaper suggests ElcomSoft may in part be retaliating for Adobe's role a year ago that led to the Russian company facing criminal charges of violating the Digital Millennium Copyright Act (DMCA) in the US next month. Based on information provided by Adobe, Dmitry Sklyarov, an ElcomSoft programmer, was arrested by the FBI in Las Vegas on July 16, 2001 for developing and selling a software program that could decrypt PDF-based eBooks. The US v. ElcomSoft trial -- Adobe is not directly involved -- is scheduled to begin August 26 in a California District Court.

Asked by Planet PDF today about the company's motivation for publicizing these vulnerability allegations on the eve of the trial involving these same technologies, ElcomSoft executives declined comment.


PDF In-Depth Free Product Trials Ubiquitous PDF

Debenu Aerialist

The ultimate plug-in for Adobe Acrobat. Advanced splitting, merging, stamping, bookmarking, and link...

Download free demo

Debenu PDF Tools Pro

It's simple to use and will let you preview and edit PDF files, it's a Windows application that makes...

Download free demo

Five visions of a PDF Day

In the world of PDFs or as we like to say Planet (of) PDF, a year isn't a real PDF year without an intense few days of industry knowledge sharing.

May 15, 2018
Platinum Sponsor

Search Planet PDF
more searching options...
Planet PDF Newsletter
Most Popular Articles
Featured Product

Debenu PDF Aerialist

The ultimate plug-in for Adobe Acrobat. Advanced splitting, merging, stamping, bookmarking, and link control. Take Acrobat to the next level.


Adding a PDF Stamp Comment

OK, so you want to stamp your document. Maybe you need to give reviewers some advice about the document's status or sensitivity. This tip from author Ted Padova demonstrates how to add stamps with the Stamp Tool along with related comments.