Text version of affidavit provided by Cryptome.org

SEALED BY ORDER OF THE COURT

United States District Court

NORTHERN DISTRICT OF CALIFORNIA

I, the undersigned complainant being duly sworn state the following is true and correct to the best of my knowledge and belief. On or about June 26, 2001 in Santa Clara county, in the Northern District of California defendant(s) did, (Track Statutory Language of Offense)

import, offer to the public, provide, and otherwise traffic in a software product that is primarily designed or produced for the purpose of circumventing protection afforded by a technological measure that effectively protects a right of a copyright owner under this title in a work or a portion thereof, and aid and abet such conduct.

in violation of Title 17 United States Code, Section(s) 1201(b)(1)(A) and 18 U.S.C. Sec.2

I further state that I am a(n) Special Agent, F.B.I. and that this complaint is based on the following facts:

see attached affidavit

Penalties:
5 years imprisonment
$500,000 fine
3 years supervised release
$100 penalty assessment

Bail request: no bail

Continued on the attached sheet and made a part hereof [X] [ ] No

Approved as to form: [Signature] AUSA Joseph E. Sullivan

Name/Signature of Complainant: [Signature] Daniel J. O'Connell

Sworn to before me and subscribed in my presence

Date: July 7, 2001 at San Jose, California

U.S. Magistrate Judge Patricia V. Trumbull

NORTHERN DISTRICT OF CALIFORNIA COUNTY OF SANTA CLARA

) ) )

SS: AFFIDAVIT FOR COMPLAINT

Daniel J. O'Connell, being duly sworn, deposes and states:

Introduction

1. I submit this affidavit in support of a criminal complaint and an arrest warrant for Dmitry Sklyarov, for violation of Title 17, United States Code, Section 1201(b)(1)(A) -- circumvention of copyright protections, and Title 18, United States Code, Section 2 -- aiding and abetting.

2. Title 17, United States Code, Section 1201(b) states in relevant part:

(1) No person shall manufacture, import, offer to the public, provide, or otherwise traffic in any technology, product, service, device, component, or part thereof, that -

(A) is primarily designed or produced for the purpose of circumventing protection afforded by a technological measure that effectively protects a right of a copyright owner under this title in a work or a portion thereof;

. . .

(2) As used in this subsection -

(A) to "circumvent protection afforded by a technological measure" means avoiding, bypassing, removing, deactivating, or otherwise impairing a technological measure.

3. Title 17, United States Code, Section 1204, states in part:

(a) In general. -- Any person who violates section 1201 or 1202 willfully and for purposes of commercial advantage or private financial gain,

(1) shall be fined not more than $500,000 or imprisoned for not more than 5 years or both, for the first offense; and

(2) shall be fined not more than $1,000,000 or imprisoned for not more than 10 years, or both, for any subsequent offense.

Background of Affiant

4. I have been employed as a Special Agent for the Federal Bureau of Investigation for over twenty-five years. I am currently assigned to the High Tech Squad at San Jose, California, which has responsibility for the theft of intellectual property, theft of trade secrets, and violations of U.S. copyright laws. I have participated in such intellectual property related investigations since passage of the Economic Espionage Act of 1996.

Basis of Charges

5. On june 26, 2001, I met with representatives of Adobe Systems, Incorporated (Adobe), located in San Jose, California. Kevin Nathanson, Group Products Manager, eBooks, Adobe, told me the following:

a. Adobe produces computer software, including a software product named Adobe eBook Reader.

b. eBook Reader works as follows: after users upload the program onto their personal computer systems, the users can contact a Internet Web based electronic bookseller such as Amazon.com or Barnes and Noble.com and purchase a book titles in an electronic format known as an eBook. As a result of a series of seamless transactions taking place between the electronic bookseller, an Adobe Server, and the customer's computer, users may only open and view the encrypted eBook on the specific computer that the user utilized to engage in the transaction. Because the process is taking place outside the view or control of the user, the user never sees the verification/decryption process taking place between the eBook file and the Adobe eBook Reader. Nevertheless, because the book sold in encrypted form and only accessible through the eBook Reader and is not duplicatable, the copyright holder's interest in the book is protected.

c. Adobe is being victimized by a Russian company named Elcomsoft. Elcomsoft is distributing a key over the Internet in the form of a software program that illegally unlocks copyright protections on the e-Book files. This unlocking key is available for purchase on the Internet at http://www.elcomsoft.com/aebpr.html. The commercial name given by Elcomsoft to this unlocking key program is Advanced eBook Processor (AEBPR).

6. Nathanson and Daryl Spano, a technical Investigator, Investigations/Anti-Piracy, Adobe, showed me Elcomsoft literature they observed on the Internet which describes a program to decrypt eBooks in Adobe Acrobat eBook Reader format (PDF files with EBX security handler) as well as Adobe Acrobat PDF files protected using a standard security method, WebBuy Technology, or any other Acrobat security plug-in (like FileOpen, SoftLock etc.). The decrypted file can be opened in any PDF viewer (e.g. Adobe Acrobat Reader) without any restrictions -- i.e. with edit, copy print, annotate functions enabled. All versions of Adobe Acrobat are supported. It can also decrypt e-Book Pro (*.EBJ) files, extracting all html pages and images from them.

7. Nathanson told me that the real damage done by the AEBPR program is that it creates a "naked file" that enables anyone to read the eBook on any computer without paying the feed to the bookseller. Only one legitimate copy of the encrypted eBook needs to be purchased originally and after the protections are stripped through the usage of the Elcomsoft program, there are no restrictions and the eBook can be duplicated freely and made available for usage on any computer.

8. Daryl Spano told me the following:

a. Adobe purchased a copy of the Elcomsoft unlocking software over the Internet, and an Adobe engineer told Spano that the unlocking key worked as Elcomsoft claimed.

b. Adobe purchased the program through Elcomsoft through a U.S. based company that Elcomsoft was using as a means of collection a $99 fee for purchase and usage of the unlocking key. Nathanson and Spano told me that this company was Register Now! (http://cryptome.org/www.regnow.com) Dept # 1170-75, PO Box 1816 Issaquah, Washington 98027, 1-877-353-7297. Register Now! collected the $99 fee that pays for the unlocking key. Thereafter, Elcomsoft, after receiving verification from Register Now!, electronically sent the unlocking key registration code from Elcomsoft to the purchaser (Adobe) in San Jose, California, in the Northern District of California. Spano provided documents to me reflecting the transaction and showing that the unlocking key was purchased by Adobe on June 26, 2001.

c. The Elcomsoft unlocking software was downloaded for free directly from the Elcomsoft site without purchasing the key. However, the software obtained without the unlocking key allowed on to view only approximately ten percent of an eBook in the Adobe format. In order to get the complete book, the person downloading the Elcomsoft software was required to pay Elcomsoft the $99 fee through the RegNow website to obtain the unlocking key.

d. A review of the opening screen on the Elcomsoft software purchased showed that a person named Dmitry Sklyarov is identified as being the copyright holder of the Elcomsoft program. Spano exhibited this opening screen to me and provided me with a copy of the screen. Spano also provided me a copy of the E-mail from Elcomsoft managing director Vladimir Katalov furnishing the unlocking key after the fee had been paid to Elcomsoft through the RegNow website.

e. Adobe learned that Dmitry Sklyarov is slated to speak on July 15, 1001 at a conference entitled Defcon-9 at Las Vegas Nevada. Spano told me that he learned that Sklyarov is scheduled to make a presentation related to the AEBPR software program.

9. Nathanson told me that thus far, Elcomsoft had defeated ADobe's Version 2.1 eBook Reader and has threatened in literature on its website to issue a "crack" for Acrobat eBook Reader Version 2.2 that has just been released.

10. Nathanson and Spano stated that Adobe has attempted to prevent Elcomsoft from providing the unlocking key to the public and has been resisted in this effort by Elcomsoft. Adobe has sent "cease and desist" letters to Elcomsoft, RegNow and the Internet Service Provider for Elcomsoft, Verio Inc.

Independent Investigation

11. On July 2, 2001, I viewed the Internet home page of RegNow, "www.regnow.com". The following products were listed for purchase through the website:

* Advanced PDF Password Recovery (Pro)

* Recover passwords to Adobe Acrobat PDF files

* ElcomSoft Co. Ltd.

* Advanced PDF Password Recovery

* Decrypt protected ADobe Acrobat PDF files.

* ElcomSoft Co. Ltd.

* Advanced eBook Processor (Discount)

* Decrypt protected Adobe Acrobat PDF files and eBooks

* ElcomSoft Co. Ltd.

When I used a computer mouse to select the above listed programs for purchase through RegNow website, I was directed to the home page of Elcomsoft.com

12. On July 2 and 3, 2001, I observed the following information on the ELCOMSOFT website in which Elcomsoft describes its business activity:

"ElcomSoft Co. Ltd. is a privately owned software development company headquartered in Moscow, Russia. Established in 1990, Elco specializes in producing Windows productivity and utility applications for businesses and individuals...." "ElcomSoft Co. Ltd. is a member of the Russian Cryptology Association (RCA) and a lifetime member of the Association of Shareware Professionals (ASP). ElcomSoft is also a Microsoft Independent Software Vendor (ISV) partner..."

13. I observed that the Elcomsoft website "home page" showed the following information among a listing of new products and their release dates:

"June 26, 2001 New versions of Advanced eBook Processor and Advanced NT Security Explorer now available" and "June 20, 1001 New product has been released: Advanced eBook Processor. Decrypt eBooks for Adobe Acrobat Reader and PDF's protected with all security plug-ins, including WebBuy!"

14. I observed that Elcomsoft described its product and made certain comments about its legality as follows:

Advanced eBook Processor ....

06/20/2001 We have released our new program and called it AEBPR (Advanced eBook Processor). The only thing the program does is: converting documents from Acrobat eBook format (compiled for Adobe Acrobat eBook Reader) to the plain Acrobat format (PDF). Again, that's all: from one Adobe format to another. But PDF is much wider used, because there are (free) PDF viewers for a lot of hardware platforms (from workstations to PDAs) and operating systems (Windows, Mac, Linux etc), while Acrobat eBook Reader is available for Windows and Mac only.

This program works only with eBooks you legally own, i.e. purchased from one of online stores like Amazon or Barnes & Noble. So we were absolutely sure that the owner of eBook has all rights to read the book he purchased where he wants and how he wants.

The demo version of AEBPR allowed to convert only first 10% of the book content. To protect unauthorized distribution of eBooks on the piracy market, we have set the "border" price for this program - $99, which is much more than an average eBook cost (most eBooks are being sold from $10 to $30, and there are a lot free ones).

You can download a demo version of AEBPR here, here or here (please not that current release of our program does not support the latest version of Adobe eBook Reader, 2.2; that is the result of unpredicted Adobe reaction to our release of this program - see below.

06/25/2001 We have received a notification from Adobe Anti-Piracy Enforcement Team team in which they claimed that our program is illegal and we need to remove it immediately from our site. They said they give us 5 days otherwise they will "pursue us aggressively"....

06/26/2001 We have received an email from our ISP, Verio Inc. They wrote that Adobe has contacted them to shut down our Web site (again, immediately). As Adobe wrote to Verio, the reason was: the site "offers downloads to their copyrighted software published by Adobe Systems." Obviously - this is not true, we never distributed any software copyrighted by Adobe Systems. But as you can see, Adobe is not even going to collect the correct information (what laws, copyrights and terms-of-use have been violated), but just started their aggressive actions before 5-day period (they set themselves) has expired. Really, they did not want to give us a time to consult with our attorneys! Verio gave us 6 hours to remove this page (the one you are reading now). So we moved the site to another ISP...

06/27/2001 (2:19:30 PM) Verio has contacted us again, this time not asking for something, but just with a notification: "Host blocked: www.elcomsoft.com/aebpr.html - 198.63.210.56 port 80 (www)" You can see, that since they were not able to close our web site completely, they simply disabled access to it on their routers. Moreover, they have blocked the whole IP address of our server, so not only this site, but also lots of other (not only ours) web sites became completely out of reach! But we already had a few mirrors ready, and after this unfriendly action from Verio, we have updated appropriate DNS records. In 6 hours, our web site was accessible again!

06/28/2001 (10:57 AM) Adobe has sent a complaint to RegNow , our billing service (5 days are still not expired!). This time they called it "unauthorized distribution of software"...

RegNow asked us for advice what they should do in this situation. We didn't want them to be involved in our problems, and so asked to stop sales of AEBPR....

07/03/2001 Now it's time for the brutal truth on Adobe eBook protection. We claim that ANY eBook protection, based on Acrobat PDF format (as Adobe eBook Reader is), is ABSOLUTELY insecure just due to the nature of this format and encryption system developed by Adobe. The general rule is: if one can open particular PDF file or eBook on his computer (does not matter with what kind of permissions/restrictions), he can remove that protection (by converting that file into "plain", unprotected PDF. Not very much experience needed. In brief: ANY security plugin (actually, eBooks are protected with security plug-in as well: EBX) does nothing but returns a decryption key to Adobe Acrobat Reader or Adobe Acrobat eBook Reader. Plug-in can make various hardware verifications, use parallel port dongles, connect to the publisher's web site and use asymmetric encryption, etc, but all ends up with a decryption key, because the Reader needs it to open the files. And when the key is there, we can use it to decrypt the document removing all permissions.

Below is the list (not complete) of Acrobat-based protections supported by Advanced eBook Processor:

* "standard" PDF encryption,
* BPTE_Rot13 (used by New Paradigm Resources Group, Inc.),
* FileOpen (by FileOpen Systems),
* SoftLock (by SoftLock Services, Inc.),
* InterTrust DocBox,
* Internet Standards Australia
* Adobe's Web Buy
* Adobe's eBook Reader (GlassBook Reader)

We claim that by aggressively pushing of standards, unapproved by professional cryptologists, to the fast growing electronic books market and with pursuing of independent researchers who tries to highlight the problems, Adobe Systems violates the rights of books authors and publishers, which may result the unauthorised distribution of their books in the Internet.

15. On July 2, 2001, I reviewed the website for the "Defcon-9" convention scheduled for July 13-15, 2001, in Las Vegas Nevada. I observed that an individual identified as Dmitry Sklyarov and an individual identified as Andy Malyshev are listed as speakers who are to discuss the Acrobat e-Book Reader.

16. The website of Defcon-9 conference described it as follows:

an annual computer underground party for hackers held in Las Vegas, Nevada. It has been held every summer for the past eight years. Over those years it has grown in size, and attracted people from all over the planet. People attend to meet others into hacking, hang out with old friends, listen to new speeches or just hack on the network. That's what it is all about in a nutshell. Meeting other people and learning something new. Last year over 4,200 people showed up. That makes us (Currently) the largest hacking convention on the planet.

17. The Defcon-9 website described Dmitry Sklyarov's speech topic as follows:

Dmitry Sklyarov
Andy Malyshev
eBooks security – theory and practice
Security aspects of electronic books and documents, and a demonstration of how weak they are: "standard" PDF encryption, Rot13 (used by New Paradigm Resources Group, Inc.), FileOpen (by FileOpen Systems), SoftLock (by SoftLock Services, Inc.), Adobe's Web Buy, Adobe's eBook Reader (GlassBook Reader) InterTrust DocBox plug-in.

Documents publishing in electronic form have a lot of advantages against traditional on-paper publishing. You could easily find list of such advantages on web server of any company, which provides eBook solutions. But nobody perfects, and there is one big problem that related with eBooks. Information in electronic form could be duplicated and transmitted, and there is no reliable way to take control over that processes. There are several solutions from different companies that were developed to prevent unauthorized distribution of the electronic documents.

18. The Defcon 9 website also included the following statement from "Dmitry Sklyarov:"

My name is Dmitry Sklyarov. I'm employee of the Elcomsoft Company. As we have demonstrated in our speech on Black Hat Win2K Security (february 2001), encryption in Microsoft Office documents is very weak and password protection may be removed without any problems in most cases. In this speech I'll try to cover password protection aspects of electronic books and documents. The most attention will be paid to documents in PDF format...

19. On July 5, 2001, I spoke via telephone with Tom Diaz, Senior Engineering Manager for the eBook Development Group of Adobe. In response to my question, Diaz affirmed that he believes the Elcomsoft Software program, coupled with the Elcomsoft unlocking key, circumvents protection afforded by a technological measure developed by Adobe for its Acrobat eBook Reader either by avoiding, bypassing, removing, deactiviating, or otherwise impairing the technological measure.

Conclusion

20. Based on the foregoing, I believe Dmitry Sklyarov, employee of Elcomsoft and the individual listed on the Elcomsoft software products as the copyright holder of the program sold and produced by Elcomsoft, known as the Advanced eBook Processor, has willfully and for financial gain imported, offered to the public, provided, and otherwise trafficked in a technology, product, service, and device that is primarily designed or produced for the purpose of circumvention a technological measure that effectively controls access to a work protected under Title 17, namely books distributed in a form readable by the Adobe eBook Reader, in violation of Title 17, United States Code, Section 1201(b)(1)(A) and Title 18, United States Code, Section 2.

[Signature]
Daniel J. O'Connell
Special Agent
Federal Bureau of Investigation

Sworn and subscribed before me
this 10 day of July, 2001

Patricia V. Trumbull
United States Magistrate Judge

Source: http://www.usaondca.com/press/assets
/applets/2001_07_17_sklyarov.pdf (368KB)

MORE INFO

• See article index