Text version of affidavit provided by Cryptome.org
SEALED BY ORDER OF THE COURT
United States District Court
NORTHERN DISTRICT OF CALIFORNIA
UNITED STATES OF AMERICA
CASE NUMBER 5 01 257
I, the undersigned complainant being duly sworn state the following is true
and correct to the best of my knowledge and belief. On or about June 26,
2001 in Santa Clara county, in the Northern District of
California defendant(s) did, (Track Statutory Language of Offense)
import, offer to the public, provide, and otherwise traffic in a
software product that is primarily designed or produced for the purpose of
circumventing protection afforded by a technological measure that effectively
protects a right of a copyright owner under this title in a work or a portion
thereof, and aid and abet such conduct.
in violation of Title 17 United States Code, Section(s)
1201(b)(1)(A) and 18 U.S.C. Sec.2
I further state that I am a(n) Special Agent, F.B.I. and that this
complaint is based on the following facts:
see attached affidavit
5 years imprisonment
3 years supervised
$100 penalty assessment
Bail request: no bail
Continued on the attached sheet and made a part hereof [X] [
Approved as to form: [Signature] AUSA Joseph E. Sullivan
Name/Signature of Complainant: [Signature] Daniel J. O'Connell
Sworn to before me and subscribed in my presence
Date: July 7, 2001 at San Jose, California
U.S. Magistrate Judge Patricia V. Trumbull
|NORTHERN DISTRICT OF CALIFORNIA
COUNTY OF SANTA CLARA
|SS: AFFIDAVIT FOR COMPLAINT|
Daniel J. O'Connell, being duly sworn, deposes and states:
1. I submit this affidavit in support of a criminal complaint and an arrest
warrant for Dmitry Sklyarov, for violation of Title 17, United States Code,
Section 1201(b)(1)(A) -- circumvention of copyright protections, and Title 18,
United States Code, Section 2 -- aiding and abetting.
2. Title 17, United States Code, Section 1201(b) states in relevant part:
(1) No person shall manufacture, import, offer to the public,
provide, or otherwise traffic in any technology, product, service, device,
component, or part thereof, that -
(A) is primarily designed or produced for the purpose of circumventing
protection afforded by a technological measure that effectively protects a
right of a copyright owner under this title in a work or a portion thereof;
. . .
(2) As used in this subsection -
(A) to "circumvent protection afforded by a technological measure" means
avoiding, bypassing, removing, deactivating, or otherwise impairing a
3. Title 17, United States Code, Section 1204, states in part:
(a) In general. -- Any person who violates section 1201 or 1202
willfully and for purposes of commercial advantage or private financial gain,
(1) shall be fined not more than $500,000 or imprisoned for not more than 5
years or both, for the first offense; and
(2) shall be fined not more than $1,000,000 or imprisoned for not more than
10 years, or both, for any subsequent offense.
Background of Affiant
4. I have been employed as a Special Agent for the Federal Bureau of
Investigation for over twenty-five years. I am currently assigned to the High
Tech Squad at San Jose, California, which has responsibility for the theft of
intellectual property, theft of trade secrets, and violations of U.S. copyright
laws. I have participated in such intellectual property related investigations
since passage of the Economic Espionage Act of 1996.
Basis of Charges
5. On june 26, 2001, I met with representatives of Adobe Systems,
Incorporated (Adobe), located in San Jose, California. Kevin Nathanson, Group
Products Manager, eBooks, Adobe, told me the following:
a. Adobe produces computer software, including a software product
named Adobe eBook Reader.
b. eBook Reader works as follows: after users upload the program onto their
personal computer systems, the users can contact a Internet Web based
electronic bookseller such as Amazon.com or Barnes and Noble.com and purchase
a book titles in an electronic format known as an eBook. As a result of a
series of seamless transactions taking place between the electronic
bookseller, an Adobe Server, and the customer's computer, users may only open
and view the encrypted eBook on the specific computer that the user utilized
to engage in the transaction. Because the process is taking place outside the
view or control of the user, the user never sees the verification/decryption
process taking place between the eBook file and the Adobe eBook Reader.
Nevertheless, because the book sold in encrypted form and only accessible
through the eBook Reader and is not duplicatable, the copyright holder's
interest in the book is protected.
c. Adobe is being victimized by a Russian company named Elcomsoft.
Elcomsoft is distributing a key over the Internet in the form of a software
program that illegally unlocks copyright protections on the e-Book files. This
unlocking key is available for purchase on the Internet at http://www.elcomsoft.com/aebpr.html.
The commercial name given by Elcomsoft to this unlocking key program is
Advanced eBook Processor (AEBPR).
6. Nathanson and Daryl Spano, a technical Investigator,
Investigations/Anti-Piracy, Adobe, showed me Elcomsoft literature they observed
on the Internet which describes a program to decrypt eBooks in Adobe Acrobat
eBook Reader format (PDF files with EBX security handler) as well as Adobe
Acrobat PDF files protected using a standard security method, WebBuy Technology,
or any other Acrobat security plug-in (like FileOpen, SoftLock etc.). The
decrypted file can be opened in any PDF viewer (e.g. Adobe Acrobat Reader)
without any restrictions -- i.e. with edit, copy print, annotate functions
enabled. All versions of Adobe Acrobat are supported. It can also decrypt e-Book
Pro (*.EBJ) files, extracting all html pages and images from them.
7. Nathanson told me that the real damage done by the AEBPR program is that
it creates a "naked file" that enables anyone to read the eBook on any computer
without paying the feed to the bookseller. Only one legitimate copy of the
encrypted eBook needs to be purchased originally and after the protections are
stripped through the usage of the Elcomsoft program, there are no restrictions
and the eBook can be duplicated freely and made available for usage on any
8. Daryl Spano told me the following:
a. Adobe purchased a copy of the Elcomsoft unlocking software over
the Internet, and an Adobe engineer told Spano that the unlocking key worked
as Elcomsoft claimed.
b. Adobe purchased the program through Elcomsoft through a U.S. based
company that Elcomsoft was using as a means of collection a $99 fee for
purchase and usage of the unlocking key. Nathanson and Spano told me that this
company was Register Now! (http://cryptome.org/www.regnow.com)
Dept # 1170-75, PO Box 1816 Issaquah, Washington 98027, 1-877-353-7297.
Register Now! collected the $99 fee that pays for the unlocking key.
Thereafter, Elcomsoft, after receiving verification from Register Now!,
electronically sent the unlocking key registration code from Elcomsoft to the
purchaser (Adobe) in San Jose, California, in the Northern District of
California. Spano provided documents to me reflecting the transaction and
showing that the unlocking key was purchased by Adobe on June 26, 2001.
c. The Elcomsoft unlocking software was downloaded for free directly from
the Elcomsoft site without purchasing the key. However, the software obtained
without the unlocking key allowed on to view only approximately ten percent of
an eBook in the Adobe format. In order to get the complete book, the person
downloading the Elcomsoft software was required to pay Elcomsoft the $99 fee
through the RegNow website to obtain the unlocking key.
d. A review of the opening screen on the Elcomsoft software purchased
showed that a person named Dmitry Sklyarov is identified as being the
copyright holder of the Elcomsoft program. Spano exhibited this opening screen
to me and provided me with a copy of the screen. Spano also provided me a copy
of the E-mail from Elcomsoft managing director Vladimir Katalov furnishing the
unlocking key after the fee had been paid to Elcomsoft through the RegNow
e. Adobe learned that Dmitry Sklyarov is slated to speak on July 15, 1001
at a conference entitled Defcon-9 at Las Vegas Nevada. Spano told me that he
learned that Sklyarov is scheduled to make a presentation related to the AEBPR
9. Nathanson told me that thus far, Elcomsoft had defeated ADobe's Version
2.1 eBook Reader and has threatened in literature on its website to issue a
"crack" for Acrobat eBook Reader Version 2.2 that has just been released.
10. Nathanson and Spano stated that Adobe has attempted to prevent Elcomsoft
from providing the unlocking key to the public and has been resisted in this
effort by Elcomsoft. Adobe has sent "cease and desist" letters to Elcomsoft,
RegNow and the Internet Service Provider for Elcomsoft, Verio Inc.
11. On July 2, 2001, I viewed the Internet home page of RegNow,
"www.regnow.com". The following products were listed for purchase through the
* Advanced PDF Password Recovery (Pro)
* Recover passwords to Adobe Acrobat PDF files
* ElcomSoft Co. Ltd.
* Advanced PDF Password Recovery
* Decrypt protected ADobe Acrobat PDF files.
* ElcomSoft Co. Ltd.
* Advanced eBook Processor (Discount)
* Decrypt protected Adobe Acrobat PDF files and eBooks
* ElcomSoft Co. Ltd.
When I used a computer mouse to select the above listed programs for purchase
through RegNow website, I was directed to the home page of Elcomsoft.com
12. On July 2 and 3, 2001, I observed the following information on the
ELCOMSOFT website in which Elcomsoft describes its business activity:
"ElcomSoft Co. Ltd. is a privately owned software development
company headquartered in Moscow, Russia. Established in 1990, Elco specializes
in producing Windows productivity and utility applications for businesses and
individuals...." "ElcomSoft Co. Ltd. is a member of the Russian Cryptology
Association (RCA) and a lifetime member of the Association of Shareware
Professionals (ASP). ElcomSoft is also a Microsoft Independent Software Vendor
13. I observed that the Elcomsoft website "home page" showed the following
information among a listing of new products and their release dates:
"June 26, 2001 New versions of Advanced eBook Processor and
Advanced NT Security Explorer now available" and "June 20, 1001 New product
has been released: Advanced eBook Processor. Decrypt eBooks for Adobe Acrobat
Reader and PDF's protected with all security plug-ins, including WebBuy!"
14. I observed that Elcomsoft described its product and made certain comments
about its legality as follows:
Advanced eBook Processor ....
06/20/2001 We have released our new program and called it AEBPR (Advanced
eBook Processor). The only thing the program does is: converting documents
from Acrobat eBook format (compiled for Adobe Acrobat eBook Reader) to the
plain Acrobat format (PDF). Again, that's all: from one Adobe format to
another. But PDF is much wider used, because there are (free) PDF viewers for
a lot of hardware platforms (from workstations to PDAs) and operating systems
(Windows, Mac, Linux etc), while Acrobat eBook Reader is available for Windows
and Mac only.
This program works only with eBooks you legally
own, i.e. purchased from one of online stores like Amazon or Barnes &
Noble. So we were absolutely sure that the owner of eBook has all rights to
read the book he purchased where he wants and how he wants.
demo version of AEBPR allowed to convert only first 10% of the book content.
To protect unauthorized distribution of eBooks on the piracy market, we have
set the "border" price for this program - $99, which is much more than an
average eBook cost (most eBooks are being sold from $10 to $30, and there are
a lot free ones).
You can download a demo version of AEBPR here, here or here (please not
that current release of our program does not support the latest version of
Adobe eBook Reader, 2.2; that is the result of unpredicted Adobe reaction to
our release of this program - see below.
06/25/2001 We have
received a notification from Adobe Anti-Piracy Enforcement Team team in which
they claimed that our program is illegal and we need to remove it immediately
from our site. They said they give us 5 days otherwise they will "pursue us
06/26/2001 We have received an email from our
ISP, Verio Inc. They wrote that Adobe has contacted them to shut down our Web
site (again, immediately). As Adobe wrote to Verio, the reason was: the site
"offers downloads to their copyrighted software published by Adobe Systems."
Obviously - this is not true, we never distributed any software copyrighted by
Adobe Systems. But as you can see, Adobe is not even going to collect the
correct information (what laws, copyrights and terms-of-use have been
violated), but just started their aggressive actions before 5-day period (they
set themselves) has expired. Really, they did not want to give us a time to
consult with our attorneys! Verio gave us 6 hours to remove this page (the one
you are reading now). So we moved the site to another ISP...
06/27/2001 (2:19:30 PM) Verio has contacted us again, this time
not asking for something, but just with a notification: "Host blocked:
www.elcomsoft.com/aebpr.html - 188.8.131.52 port 80 (www)" You can see, that
since they were not able to close our web site completely, they simply
disabled access to it on their routers. Moreover, they have blocked the whole
IP address of our server, so not only this site, but also lots of other (not
only ours) web sites became completely out of reach! But we already had a few
mirrors ready, and after this unfriendly action from Verio, we have updated
appropriate DNS records. In 6 hours, our web site was accessible again!
06/28/2001 (10:57 AM) Adobe has sent a complaint to RegNow , our
billing service (5 days are still not expired!). This time they called it
"unauthorized distribution of software"...
RegNow asked us for
advice what they should do in this situation. We didn't want them to be
involved in our problems, and so asked to stop sales of AEBPR....
07/03/2001 Now it's time for the brutal truth on Adobe eBook protection. We
claim that ANY eBook protection, based on Acrobat PDF format (as Adobe eBook
Reader is), is ABSOLUTELY insecure just due to the nature of this format and
encryption system developed by Adobe. The general rule is: if one can open
particular PDF file or eBook on his computer (does not matter with what kind
of permissions/restrictions), he can remove that protection (by converting
that file into "plain", unprotected PDF. Not very much experience needed. In
brief: ANY security plugin (actually, eBooks are protected with security
plug-in as well: EBX) does nothing but returns a decryption key to Adobe
Acrobat Reader or Adobe Acrobat eBook Reader. Plug-in can make various
hardware verifications, use parallel port dongles, connect to the publisher's
web site and use asymmetric encryption, etc, but all ends up with a decryption
key, because the Reader needs it to open the files. And when the key is there,
we can use it to decrypt the document removing all permissions.
Below is the list (not complete) of Acrobat-based protections
supported by Advanced eBook Processor:
* "standard" PDF encryption,
* BPTE_Rot13 (used by New Paradigm
Resources Group, Inc.),
* FileOpen (by FileOpen Systems),
* SoftLock (by
SoftLock Services, Inc.),
* InterTrust DocBox,
* Internet Standards
* Adobe's Web Buy
* Adobe's eBook Reader (GlassBook Reader)
We claim that by aggressively pushing of standards, unapproved by
professional cryptologists, to the fast growing electronic books market and
with pursuing of independent researchers who tries to highlight the problems,
Adobe Systems violates the rights of books authors and publishers, which may
result the unauthorised distribution of their books in the Internet.
15. On July 2, 2001, I reviewed the website for the "Defcon-9" convention
scheduled for July 13-15, 2001, in Las Vegas Nevada. I observed that an
individual identified as Dmitry Sklyarov and an individual identified as Andy
Malyshev are listed as speakers who are to discuss the Acrobat e-Book Reader.
16. The website of Defcon-9 conference described it as follows:
an annual computer underground party for hackers held in Las
Vegas, Nevada. It has been held every summer for the past eight years. Over
those years it has grown in size, and attracted people from all over the
planet. People attend to meet others into hacking, hang out with old friends,
listen to new speeches or just hack on the network. That's what it is all
about in a nutshell. Meeting other people and learning something new. Last
year over 4,200 people showed up. That makes us (Currently) the largest
hacking convention on the planet.
17. The Defcon-9 website described Dmitry Sklyarov's speech topic as follows:
eBooks security – theory and
Security aspects of electronic books and documents, and a
demonstration of how weak they are: "standard" PDF encryption, Rot13 (used by
New Paradigm Resources Group, Inc.), FileOpen (by FileOpen Systems), SoftLock
(by SoftLock Services, Inc.), Adobe's Web Buy, Adobe's eBook Reader (GlassBook
Reader) InterTrust DocBox plug-in.
Documents publishing in electronic form have a lot of advantages against
traditional on-paper publishing. You could easily find list of such advantages
on web server of any company, which provides eBook solutions. But nobody
perfects, and there is one big problem that related with eBooks. Information
in electronic form could be duplicated and transmitted, and there is no
reliable way to take control over that processes. There are several solutions
from different companies that were developed to prevent unauthorized
distribution of the electronic documents.
18. The Defcon 9 website also included the following statement from "Dmitry
My name is Dmitry Sklyarov. I'm employee of the Elcomsoft Company.
As we have demonstrated in our speech on Black Hat Win2K Security (february
2001), encryption in Microsoft Office documents is very weak and password
protection may be removed without any problems in most cases. In this speech
I'll try to cover password protection aspects of electronic books and
documents. The most attention will be paid to documents in PDF format...
19. On July 5, 2001, I spoke via telephone with Tom Diaz, Senior Engineering
Manager for the eBook Development Group of Adobe. In response to my question,
Diaz affirmed that he believes the Elcomsoft Software program, coupled with the
Elcomsoft unlocking key, circumvents protection afforded by a technological
measure developed by Adobe for its Acrobat eBook Reader either by avoiding,
bypassing, removing, deactiviating, or otherwise impairing the technological
20. Based on the foregoing, I believe Dmitry Sklyarov, employee of Elcomsoft
and the individual listed on the Elcomsoft software products as the copyright
holder of the program sold and produced by Elcomsoft, known as the Advanced
eBook Processor, has willfully and for financial gain imported, offered to the
public, provided, and otherwise trafficked in a technology, product, service,
and device that is primarily designed or produced for the purpose of
circumvention a technological measure that effectively controls access to a work
protected under Title 17, namely books distributed in a form readable by the
Adobe eBook Reader, in violation of Title 17, United States Code, Section
1201(b)(1)(A) and Title 18, United States Code, Section 2.
Daniel J. O'Connell
Federal Bureau of Investigation
Sworn and subscribed before me
this 10 day of
Patricia V. Trumbull
United States Magistrate Judge