> We were planning to now focus on new accessibility features on our open-source Thorium Reader, better access to annotations for blind users and an advanced reading mode for dyslexic people. Too bad; disturbances around LCP will force us to focus on a new round of security measures
This is so funny to me. "We might have gotten around to making our software accessible, if it weren't for you meddling kids!"
I glance and skim the plain text because it is popular, but prefer to go back to the original and read the incomprehensible gobblegook the author intended me to have, and that I paid for.
> KOReader never contacted us: I don't think they know how low the certification fee would be
It's between 350USD (per platform) and 1,700USD per year. So the possible range is between 1700USD, and 3k USD... Yeah, that's totally reasonable for a FOSS project where the lower yearly cost is 110% of the amount they make in donations every year.
Do book drms even make sens? i can understand games, but how do you encrypt words that are meant to be read. People used to record music on the radio. It seems easier to ocr a book and generate text that way.
A big place where this gets used is to make Kindle ebooks only able to be read on a kindle.
Any time they update and change the DRM there’s a brief period where newly-released amazon kindle books essentially cannot be read anywhere except kindle hardware and official kindle apps. People have pretty consistently found ways around the DRM (for now). But amazon is always trying to crack down on this.
DRM on media almost never makes sense from an anti-piracy perspective. Any reasonably popular book, movie, or TV show is on The Pirate Bay within a single-digit number of hours of its release.
It makes a lot of sense from a lock-in perspective, though I'm not certain why that leads to publishers insisting on it.
You can always do OCR on the paper book, so if the easiest way to circumvent some ebook DRM were OCR, the vendor would probably consider that a resounding success.
Which is dumb because that still takes very little time and effort. You can pirate any paper book in like 10 minutes with a decent sheet fed scanner if you don't care about keeping it bound. What a hurdle.
But hey, Grandma Martha can't read her Kindle version on the new Kobo her grandson got her without buying a new copy. Fantastic.
> But hey, Grandma Martha can't read her Kindle version on the new Kobo her grandson got her without buying a new copy. Fantastic.
To the business-people making the kind of decisions we hate, that sounds to them like:
"So you're telling me grandma Martha is not rich, has no big team of lawyers, and they're taking down the agency advocating for consumers rights so no one can stop us if we fck her over and 200 million people more? Seems like it's her problem."*
Very curious (and nervous, as I can imagine more bad outcomes than good ones) as somebody that frequently lends ebooks from libraries supporting LCP. (The only thing worse than "controlled" digital lending would be no digital lending at all.)
LCP is as close to the platonic ideal of DRM as it gets: Essentially no obfuscation; cryptography largely something to point at when filing DMCA takedown requests. For better or worse, I suspect we're about to get some new case law for what constitutes an effective technical measure.
> You can, for sure, publish information relative to your discoveries to the extent UK laws allow. After study, we'll do our best to make the technology more robust. If your discourse represents a circumvention of this technical protection measure, we'll command a take-down as a standard procedure.
Disgusting behaviour, as expected from the publishing industry I suppose. This "EDRLab" outfit appears to be little more than a non-profit front for Hachette.
The author’s response was just perfect though in both tone and substance.
“As you have raised the possibility of legal action, I think it is best that we terminate this conversation.”
Once someone shoots off about getting the lawyers involved, there’s really nothing more than can productively be said (unless, of course, you are prepared to get your own lawyers involved).
> Disgusting behaviour, as expected from the publishing industry I suppose. This "EDRLab" outfit appears to be little more than a non-profit front for Hachette.
The quoted block is indeed disgusting, but it gets even weirder in the context of the full discussion, where the correspondent seems to be trying some sort of intellectual blackmail on the author of this article, saying that, as long as nobody talks about its deficiencies, DRM can be kept weak and inefficient—and so trying to blame increasingly cumbersome DRM on the people who want to access their material, rather than on the publishers. For example, with a nice and patronizing start:
> You've found a way to hack LCP using Thorium. Bravo! We certainly didn't sufficiently protect the system, we are already working on that. … If the DRM does not succeed, harder DRMs (for users) will be tested. I let you think about that aspect
They make a software to help libraries lend ebooks for free. Without their DRM you either wouldn’t be able to borrow ebooks because publishers would never agree to it, or would be limited to kindle/libby to read them. They’re not perfect but how is it bad behavior to say you’ll issue a takedown notice if your copyright material is republished? I don’t really understand why they’re being treated as the enemy here?
> They’re not perfect but how is it bad behavior to say you’ll issue a takedown notice if your copyright material is republished?
That's not what they said. This is how you should have read their reply:
> If your discourse represents a circumvention of this technical protection measure, we'll command a take-down as a standard procedure.
If you say something we don't like, if we think we can make the argument that the information about methodology and implementation you share for free, is circumvention of our DRM, we'll follow our existing strategy to abuse the legal system silence you and prevent you from sharing information.
> I don’t really understand why they’re being treated as the enemy here?
Because they are the bad guy, they're actively working to make the world worse. They're pretending like if it wasn't for their kindness, access to these ebooks would be impossible. But in reality they only care about controlling other people by force. The legal threats, insane arguments about how it's better if how their DRM works is a secret, the intent of the software they're defending, and the messages they sent; are just ways or attempts to exert control what other people are allowed to do, or are allowed to know
I'd also like to discourage this argument generally
> Without their DRM you either wouldn’t be able to borrow ebooks because publishers would never agree to it, or would be limited to kindle/libby to read them
The (unfair) translation of this is: If it wasn't me abusing you, it would be so much worse! You should be saying thank you that it's me abusing you! Not complaining about how you don't like how you're being treated!
Everything can always be worse, the point is to make it better, not accept something harmful.
What do you suggest as a better solution to
a. give people the possibility to buy electronic books, while avoiding that the publishers and authors risk losing their intellectual property
b. give libraries the possibility to lend ebooks fairly?
This is a genuine question. Are there better solutions than DRMs? Is Apple, Adobe or Amazon dealing with this better?
Intellectual property, as a property, is such a fundamentally busted idea to the point of absurdity. One of the symptoms of it presents itself in your very question.
The better option comes from the question
> how do we allow people to pay for it.
If you haven't lately, watch someone stream on twitch, people enjoy paying for stuff they like. Go look at any of the artists who release their albums for donations. Same outcome, when people don't feel taken advantage of, or abused they want to contribute fairly.
Will there be people who abuse it, yes, but how's DRM working? Torrents still exist. There's not a single thing I haven't been able to download without permission. DRM doesn't stop motivated people. It only motivates people like me who consider it toxic, to break it.
If I wanted to read a book, and could download it from a library, but I had to promise to delete it when I was done. Or I had to click a button to return it. I would. I would follow those rules because I agree with them. But if I wanted to read a book, that I wasn't willing to pay for, and my library couldn't give it to me in a format that works on my remarkable. Well I know how torrents work.
Are there better solutions than DRM. Yes trusting people. Even trusting those who you know you cant trust.
And then trusting people like me, with more than enough money, who will pay more than I think you could force the average individual to pay, because I want to support people creating art I enjoy. And I want people who can't afford it, people like past me, to enjoy it too.
It's a funny thing that, the only people I'm willing to give money to, already give away their content for free...
DRM for lending is one thing. I don't think I've seen a good argument against it.
DRM for sales is another. The world didn't end when Apple forced music publishers to drop DRM, and a number of smaller publishers have seen success selling DRM-free ebooks. I don't see why that couldn't happen with the wider ebook market.
>I don’t really understand why they’re being treated as the enemy here?
The gross manipulation attempt is what did it for me.
"We were planning to now focus on new accessibility features on our open-source Thorium Reader, better access to annotations for blind users and an advanced reading mode for dyslexic people. Too bad"
The legal threat at the end wasn't very cool, either.
> how is it bad behavior to say you’ll issue a takedown notice if your copyright material is republished?
Which copyrighted material is TFA republishing?
And where's the takedown notice? So far, there only seems to be an attempt of emotional blackmail ("take this down or we'll have to deprioritize our accessibility efforts").
> They make a software to help libraries lend ebooks for free.
Free to the library (?), but not free to the reader. (Readers indirectly pay for it via certification fees paid by the ereader vendor.)
It might well be the lesser evil compared to Kindle (closed ecosystem) and Adobe Digital Editions (words cannot describe the pain), but it's still a DRM scheme and as such restricts reading hardware/software choice, so I can see how its mere existence upsets people.
The effect, very often, is to force anybody with specific reading habits to buy Amazon or be unable to read their books. This is especially bad if you don't just buy books, but read through the library or especially if you get ARCs (advance reader copies, for pre-release reviews). Advance readers who don't have Kindle are jerked around constantly by DRM and especially changes in DRM schemes. It's really hard to not see this as collusion, as it suspiciously always works for the benefit of Amazon and the detriment of every single other person and company involved.
> how is it bad behavior to say you’ll issue a takedown notice if your copyright material is republished
It's not. That's not what happened here, though.
It is bad behavior when you threaten legal action against somebody working within their rights to legally allow people to read things that they paid for on devices that they've paid for. The DMCA has specific carve-outs for interoperability. Threatening legal action there is bully behavior. I'd argue that the ethics are pretty clear-cut here too. A ton of copyright law is incredibly badly balanced against the consumer and even against small artists in favor of the biggest players. If this was illegal, it would be the law that is unethical.
LCP markets itself as an open standard, but has made multiple platforms unusable for me as a kobo user. Aggressively seeking out content like this and trying to bully away fixes for the tiny portion of the market it is helping is reprehensible
A more straightforward way to do it, IMHO, is to use Thorium in conjunction with a Python script called lcpdedrm. If I remember well, that script isn't available directly any longer, but it is easy to look around and find copies of it. Then use Thorium for locally saving the file and use the Python script for removing the DRM.
If the files are just AES-encrypted and the links are there, as the linked article suggest, it seems that it would be easy to create a standalone script to download and decrypt these.
Granted, Readium LCP[0] may be one of the less odious DRM solutions out there for eBook contents, however it's still DRM. Handcuffs are still handcuffs regardless of how comfortably they fit.
DRM is in my view is too often used as a cudgel to mandate hardware and software level restrictions that take away the control of our own computing devices and environments. I personally hold that intellectual property isn't property, and is increasingly becoming a net negative to humanity as a whole. In the case of this article, there is an ominous threat of legal action against the disclosure of the author's work, potentially stifling the speech of a fellow hacker.
While I'm not unsympathetic to the plight of creatives, and their need to eat, I feel like the pendulum has swung so far to the interests of the copyright holders and away from the needs of the public that the bargain is no longer one I support.
Because of this stance, I find myself uncomfortably on the side of AI bros like Sam Altman who argue for the expansion of the fair use doctrine. I see AI as an accelerant in the erosion of IP's relevance and enforceability. With AI being able to crank out derivative works at scale, it blurs the lines between infringement and transformation. My hope is that the flood of such content makes enforcement impractical, and that it will further demonstrate that the IP emperor is naked.
Exactly. OpenAI and altman would be very happy to say that intelectual property does not apply to them but then enforce that law when they talk about their own intelectual property being used without their consent.
> I find myself uncomfortably on the side of AI bros like Sam Altman who argue for the expansion of the fair use doctrine
Why? Are you training LLMs?
I highly doubt they'll fight a pro-consumer fight completely incidental to their objectives (if not detracting: don't need to buy the source textbook if you can ask ChatGPT about its contents as soon as it's released).
The enemy of my enemy is my friend. Anything done to strengthen fair use is in my opinion a positive outcome. Happy to see copyright holders go toe-to-toe against a bully their own size. If both OpenAI and entrenched IP interests get bloodied in this fight, it's a win-win.
Contrary to this popular saying, real world friendship/enmity is not an anti-transitive relation.
I would expect most AI companies to be more than happy to throw consumers under the bus if it affords them a carve-out serving their own narrow interests.
"So, yeronner, I think you will agree that I was well within my rights to share a torrent of the new Batman movie, not for people to watch but so they could train their LLMS on it."
Definitely a cool post and I certainly think people should be able to de-DRM things they own for their own use, but I do have some sympathy for the defense of LCP.
Digital books are a good thing. I can hear about a book I'd like to read and start reading it minutes later. It also drastically lowers the barriers to publication for new or controversial authors. I want authors and publishers to be able to make money, so I think it's fair that they take some precautions to ensure that the book is not redistributed for free.
I would love if someone could come up with a truly friendly DRM for ebooks that would be supported by all major reading hardware/software and accepted by the publishers. Then we'd have a functioning ecosystem not dominated by one or two mega players. Curious what people here think might work?
The vast majority of authors hardly make any money, and DRM will not change that.
And given books are so easy to duplicate from the form that needs to be available to users to read, there is no world where DRM will ever stop duplication of books.
No DRM would really work. There's always the analog hole, and OCR is more effective than ever.
I want to read the books I buy on the device I paid for, regardless of what device it is or software it's running, and without having to ask an arbitrary middleman for permission. Nothing less is acceptable for me.
I was hoping to link to this from somewhere technically relevant but having scoped out the Copyright, Designs and Patents Act 1988 S296 it actually seems unwise to do so as a British person. Meanwhile Starmer is proud of Britain's "freedom of speech" (yes, I know freedom of speech sensibly has limits, but the statute is overly broad in this case).
Well, it does have the advantage of being actively maintained. If not necessarily very well. Recently, I had the fun of noting that their app was no longer behaving correctly with endnote links, and they suggested that my links were coded wrong. I pointed out that they were not, were standards-compliant and worked fine in every other epub reader I had. Even ADE! So I don't know what they were trying to do.
I had to script an install of ADE recently and apparently the only way to successfully silent install it is to create a registry key that pretends Norton 360 is installed, because their installer has a Norton Security Scan thing injected in which their silent flag doesn't handle.
The only time to directly threaten legal action is when you don't think legal action will achieve your goal, and you've got nothing else. Otherwise, there is no benefit to threatening legal action. Sure, you can imply it, but you gain nothing by showing those cards.
But the goals that these people pursue are difficult to understand or anticipate. You assume that because these people are employed by some business entity that their goals are "make more money" and such. That's rarely the case, even if we allow for the unenlightened version of "make more money".
Instead, assume that many, possibly even most, are more interested in being punitive out of some warped sense of justice. Though it might cost them a million in legal fees to discourage efforts to fix their DRM which in turn might only preserve a few tens of thousands in sales or other earning potential, they still doggedly chase these "goals". Sometimes, I think, the lawyers even point this out, only to be overruled by top management. This means that legal action can almost always achieve the goal, being that the goal is nothing more than to make their targets miserable.
That's a pretty impressive way to imagine people's motivations.
The likelihood of a non-profit outfit building open source software being driven by a warped sense of justice and the goal of making people miserable rather than, say, trying to make sure they can continue their stated mission and ensure publishers keep agreeing to digital book lending is pretty bold. But sure, why not.
>The likelihood of a non-profit outfit building open source software being driven by a warped sense of justice
Because those people are, after all, inhuman robots with no connection to humanity? In fact, I'd say that with any group of humans, each additional human makes this more likely, simply because this sort of attitude easily overrides the less-aggressive attitudes of those who don't agree with it.
You seem to disagree because it would be uncomfortable if I were correct, and you'd much rather it be true that I'm wrong.
>trying to make sure they can continue their stated mission
What person over the age of about 5 thinks that because an organization starts with a particular mission that, even a few years in, still strongly pursue it?
Legal action costs lots of money, no matter who you are, and it's slow. Threatening legal action is usually the most successful mechanism to make things happen, even if you have a one hundred percent chance of winning your case.
If this were true, i.e. in an ideal legal system, frivolous lawsuits wouldn't be a problem at all.
In many actual US jurisdictions (and presumably beyond), it's such a pervasive problem that there are now explicit "anti-SLAPP" laws on the book against just that.
Yeah, I wouldn’t share this so openly. Instead – like they said – build a one-click downloader, then go fill the shadow libraries with a bunch of trusted accomplices. (This is slightly less legal, though.)
Ebook vendors like eBooks.com (my company) face a real challenge with regard to DRM. On one hand we want frictionless freedom of use for our customers, but on the other hand the vast majority of our authors and publishers require that we secure their ebooks with DRM.
eBooks.com provides the ability for our customers to filter out DRM-ebooks from our catalog. There's a link to DRM-free titles on every page of eBooks.com. https://www.ebooks.com/en-au/drm-free/ But that's a very limited subset of our collection.
Opponents of DRM make important, legitimate points: "Ownership" of an ebook is very contingent. Even the slickest DRM system imposes unwelcome additional steps for the user, and limitations on what can be done with the ebook. And there is very little interoperability between vendors - silos as far as the eye can see.
But authors and publishers have a point too. There's a chart at the bottom of this article (our blog) that says it all, as far as publishers are concerned. It compares the gross revenue of music labels from 1993 to 2016 with that of book publishers during the same period. https://about.ebooks.com/should-we-sell-your-ebooks-without-...
We launched eBooks.com in 2000 and have continued to argue for DRM-free in every available forum. But we face understandable anxiety from authors and publishers. We can, and should, all argue the merits (or otherwise) of DRM but it remains a fact of life and will be with us for some time to come. So it falls to vendors and capable tech partners like EDRlab to try and make the best of it.
I know the guys at EDRlab and they are not conspiring with Big Tech, not motivated by profit but by good will. It's a rare thing. They are working on many fronts to build a system that gives authors and publishers the security they desire while at the same time minimizing complexity and maximizing interoperability for end users.
And interoperability is really important. It can unlock innovation.
The commercial ebook market is dominated by a single, ruthless almost-monopoly that sees authors as irksome, hates independent bookstores and strikes fear in the hearts of publishers large and small. It gets its way with everything and at the same time does not innovate. Why should it bother with R&D when it owns the market? In present circumstances, if a small team in Bhutan comes up with some genius idea (ebooks that sing in the bath?) they can't reach a market of any meaningful size. I mean, if a user is excited about this new app that can sing your books in the bath they might install the app but they won't be able to read any of the ebooks that they already bought from Kindle - or eBooks.com for that matter; because we're all using different, proprietary DRM protocols.
If enough vendors adopt it, EDRlab's DRM system holds out the prospect that users around the globe will be able switch from our platform to a better, competing platform, and take their collection of ebooks with them. That's beginning to look like a healthy, competitive market that can foster innovation.
In summary, yes we all hate DRM, but it's not going away. So let's give some credit to guys who are trying to make the best of this situation to the benefit of readers everywhere.
> We were planning to now focus on new accessibility features on our open-source Thorium Reader, better access to annotations for blind users and an advanced reading mode for dyslexic people. Too bad; disturbances around LCP will force us to focus on a new round of security measures
This is so funny to me. "We might have gotten around to making our software accessible, if it weren't for you meddling kids!"
Accessibility? Like with plain text? What a crazy world that would be.
I glance and skim the plain text because it is popular, but prefer to go back to the original and read the incomprehensible gobblegook the author intended me to have, and that I paid for.
Plain text is the best archival format.
Readium was also responsible for the takedown on the noDRM repo, a few years ago: https://news.ycombinator.com/item?id=29870151
The repo came back, but without the readium DRM code: https://github.com/noDRM/DeDRM_tools/blob/master/DeDRM_plugi...
To further Streisand this, I think the restored repo is here:
It works. Though I've found it only works for LCP epubs, not pdf's.
It doesn't work for the newest encryption scheme for epubs. Current epubs downloaded from NetGalley won't decrypt with it, unfortunately.
> KOReader never contacted us: I don't think they know how low the certification fee would be
It's between 350USD (per platform) and 1,700USD per year. So the possible range is between 1700USD, and 3k USD... Yeah, that's totally reasonable for a FOSS project where the lower yearly cost is 110% of the amount they make in donations every year.
Even if it's free I doubt they would have wanted it. Supporting DRM is the opposite of what KOreader is for.
Do book drms even make sens? i can understand games, but how do you encrypt words that are meant to be read. People used to record music on the radio. It seems easier to ocr a book and generate text that way.
A big place where this gets used is to make Kindle ebooks only able to be read on a kindle.
Any time they update and change the DRM there’s a brief period where newly-released amazon kindle books essentially cannot be read anywhere except kindle hardware and official kindle apps. People have pretty consistently found ways around the DRM (for now). But amazon is always trying to crack down on this.
It's also employed by digital libraries to enable lending of books.
DRM on media almost never makes sense from an anti-piracy perspective. Any reasonably popular book, movie, or TV show is on The Pirate Bay within a single-digit number of hours of its release.
It makes a lot of sense from a lock-in perspective, though I'm not certain why that leads to publishers insisting on it.
You can always do OCR on the paper book, so if the easiest way to circumvent some ebook DRM were OCR, the vendor would probably consider that a resounding success.
Which is dumb because that still takes very little time and effort. You can pirate any paper book in like 10 minutes with a decent sheet fed scanner if you don't care about keeping it bound. What a hurdle.
But hey, Grandma Martha can't read her Kindle version on the new Kobo her grandson got her without buying a new copy. Fantastic.
> But hey, Grandma Martha can't read her Kindle version on the new Kobo her grandson got her without buying a new copy. Fantastic.
To the business-people making the kind of decisions we hate, that sounds to them like:
"So you're telling me grandma Martha is not rich, has no big team of lawyers, and they're taking down the agency advocating for consumers rights so no one can stop us if we fck her over and 200 million people more? Seems like it's her problem."*
Very curious (and nervous, as I can imagine more bad outcomes than good ones) as somebody that frequently lends ebooks from libraries supporting LCP. (The only thing worse than "controlled" digital lending would be no digital lending at all.)
LCP is as close to the platonic ideal of DRM as it gets: Essentially no obfuscation; cryptography largely something to point at when filing DMCA takedown requests. For better or worse, I suspect we're about to get some new case law for what constitutes an effective technical measure.
.mobi as a TLD for a book blog on the removal of DRM is especially appropriate.
> You can, for sure, publish information relative to your discoveries to the extent UK laws allow. After study, we'll do our best to make the technology more robust. If your discourse represents a circumvention of this technical protection measure, we'll command a take-down as a standard procedure.
Disgusting behaviour, as expected from the publishing industry I suppose. This "EDRLab" outfit appears to be little more than a non-profit front for Hachette.
The author’s response was just perfect though in both tone and substance.
“As you have raised the possibility of legal action, I think it is best that we terminate this conversation.”
Once someone shoots off about getting the lawyers involved, there’s really nothing more than can productively be said (unless, of course, you are prepared to get your own lawyers involved).
> Disgusting behaviour, as expected from the publishing industry I suppose. This "EDRLab" outfit appears to be little more than a non-profit front for Hachette.
The quoted block is indeed disgusting, but it gets even weirder in the context of the full discussion, where the correspondent seems to be trying some sort of intellectual blackmail on the author of this article, saying that, as long as nobody talks about its deficiencies, DRM can be kept weak and inefficient—and so trying to blame increasingly cumbersome DRM on the people who want to access their material, rather than on the publishers. For example, with a nice and patronizing start:
> You've found a way to hack LCP using Thorium. Bravo! We certainly didn't sufficiently protect the system, we are already working on that. … If the DRM does not succeed, harder DRMs (for users) will be tested. I let you think about that aspect
> we are already working on that
so they worked on making harder to crack DRM before being informed of the weak DRM...
They make a software to help libraries lend ebooks for free. Without their DRM you either wouldn’t be able to borrow ebooks because publishers would never agree to it, or would be limited to kindle/libby to read them. They’re not perfect but how is it bad behavior to say you’ll issue a takedown notice if your copyright material is republished? I don’t really understand why they’re being treated as the enemy here?
> They’re not perfect but how is it bad behavior to say you’ll issue a takedown notice if your copyright material is republished?
That's not what they said. This is how you should have read their reply:
> If your discourse represents a circumvention of this technical protection measure, we'll command a take-down as a standard procedure.
If you say something we don't like, if we think we can make the argument that the information about methodology and implementation you share for free, is circumvention of our DRM, we'll follow our existing strategy to abuse the legal system silence you and prevent you from sharing information.
> I don’t really understand why they’re being treated as the enemy here?
Because they are the bad guy, they're actively working to make the world worse. They're pretending like if it wasn't for their kindness, access to these ebooks would be impossible. But in reality they only care about controlling other people by force. The legal threats, insane arguments about how it's better if how their DRM works is a secret, the intent of the software they're defending, and the messages they sent; are just ways or attempts to exert control what other people are allowed to do, or are allowed to know
I'd also like to discourage this argument generally
> Without their DRM you either wouldn’t be able to borrow ebooks because publishers would never agree to it, or would be limited to kindle/libby to read them
The (unfair) translation of this is: If it wasn't me abusing you, it would be so much worse! You should be saying thank you that it's me abusing you! Not complaining about how you don't like how you're being treated!
Everything can always be worse, the point is to make it better, not accept something harmful.
What do you suggest as a better solution to a. give people the possibility to buy electronic books, while avoiding that the publishers and authors risk losing their intellectual property b. give libraries the possibility to lend ebooks fairly? This is a genuine question. Are there better solutions than DRMs? Is Apple, Adobe or Amazon dealing with this better?
this question reeks of
> have you stopped beating your wife?
or, more fairly
> how do we force people to pay for content?
Intellectual property, as a property, is such a fundamentally busted idea to the point of absurdity. One of the symptoms of it presents itself in your very question.
The better option comes from the question
> how do we allow people to pay for it.
If you haven't lately, watch someone stream on twitch, people enjoy paying for stuff they like. Go look at any of the artists who release their albums for donations. Same outcome, when people don't feel taken advantage of, or abused they want to contribute fairly.
Will there be people who abuse it, yes, but how's DRM working? Torrents still exist. There's not a single thing I haven't been able to download without permission. DRM doesn't stop motivated people. It only motivates people like me who consider it toxic, to break it.
If I wanted to read a book, and could download it from a library, but I had to promise to delete it when I was done. Or I had to click a button to return it. I would. I would follow those rules because I agree with them. But if I wanted to read a book, that I wasn't willing to pay for, and my library couldn't give it to me in a format that works on my remarkable. Well I know how torrents work.
Are there better solutions than DRM. Yes trusting people. Even trusting those who you know you cant trust.
And then trusting people like me, with more than enough money, who will pay more than I think you could force the average individual to pay, because I want to support people creating art I enjoy. And I want people who can't afford it, people like past me, to enjoy it too.
It's a funny thing that, the only people I'm willing to give money to, already give away their content for free...
DRM for lending is one thing. I don't think I've seen a good argument against it.
DRM for sales is another. The world didn't end when Apple forced music publishers to drop DRM, and a number of smaller publishers have seen success selling DRM-free ebooks. I don't see why that couldn't happen with the wider ebook market.
>I don’t really understand why they’re being treated as the enemy here?
The gross manipulation attempt is what did it for me.
"We were planning to now focus on new accessibility features on our open-source Thorium Reader, better access to annotations for blind users and an advanced reading mode for dyslexic people. Too bad"
The legal threat at the end wasn't very cool, either.
> how is it bad behavior to say you’ll issue a takedown notice if your copyright material is republished?
Which copyrighted material is TFA republishing?
And where's the takedown notice? So far, there only seems to be an attempt of emotional blackmail ("take this down or we'll have to deprioritize our accessibility efforts").
> They make a software to help libraries lend ebooks for free.
Free to the library (?), but not free to the reader. (Readers indirectly pay for it via certification fees paid by the ereader vendor.)
It might well be the lesser evil compared to Kindle (closed ecosystem) and Adobe Digital Editions (words cannot describe the pain), but it's still a DRM scheme and as such restricts reading hardware/software choice, so I can see how its mere existence upsets people.
The effect, very often, is to force anybody with specific reading habits to buy Amazon or be unable to read their books. This is especially bad if you don't just buy books, but read through the library or especially if you get ARCs (advance reader copies, for pre-release reviews). Advance readers who don't have Kindle are jerked around constantly by DRM and especially changes in DRM schemes. It's really hard to not see this as collusion, as it suspiciously always works for the benefit of Amazon and the detriment of every single other person and company involved.
> how is it bad behavior to say you’ll issue a takedown notice if your copyright material is republished
It's not. That's not what happened here, though.
It is bad behavior when you threaten legal action against somebody working within their rights to legally allow people to read things that they paid for on devices that they've paid for. The DMCA has specific carve-outs for interoperability. Threatening legal action there is bully behavior. I'd argue that the ethics are pretty clear-cut here too. A ton of copyright law is incredibly badly balanced against the consumer and even against small artists in favor of the biggest players. If this was illegal, it would be the law that is unethical.
> They’re not perfect
Oh wow. Better make an exception in this one specific case then.
LCP markets itself as an open standard, but has made multiple platforms unusable for me as a kobo user. Aggressively seeking out content like this and trying to bully away fixes for the tiny portion of the market it is helping is reprehensible
A more straightforward way to do it, IMHO, is to use Thorium in conjunction with a Python script called lcpdedrm. If I remember well, that script isn't available directly any longer, but it is easy to look around and find copies of it. Then use Thorium for locally saving the file and use the Python script for removing the DRM.
The lcpdedrm script is, if I remember correctly, only suitable for Profile 1.0, which has since been replaced with the newer 2.0 version.
Why do you even need Thorium for this?
If the files are just AES-encrypted and the links are there, as the linked article suggest, it seems that it would be easy to create a standalone script to download and decrypt these.
(OP here) I discussed how the DRM works in an earlier blog post - https://shkspr.mobi/blog/2025/03/some-thoughts-on-lcp-ebook-...
Essentially, the key for decrypting the files is made up of the book owner's passphrase and the super-secret key embedded in the closed-source binary.
I wasn't able to reverse engineer the binary or extract that key.
The key is b3a07c4d42880e69398e05392405050efeea0664c0b638b7c986556fa9b58d77b31a40eb6a4fdba1e4537229d9f779daad1cc41ee968153cb71f27dc9696d40f
No, it isn't. That's the key for LCP Profile 1.0 - which was deprecated some time ago - https://readium.org/lcp-specs/notes/lcp-profile-upgrade.html
Granted, Readium LCP[0] may be one of the less odious DRM solutions out there for eBook contents, however it's still DRM. Handcuffs are still handcuffs regardless of how comfortably they fit.
DRM is in my view is too often used as a cudgel to mandate hardware and software level restrictions that take away the control of our own computing devices and environments. I personally hold that intellectual property isn't property, and is increasingly becoming a net negative to humanity as a whole. In the case of this article, there is an ominous threat of legal action against the disclosure of the author's work, potentially stifling the speech of a fellow hacker.
While I'm not unsympathetic to the plight of creatives, and their need to eat, I feel like the pendulum has swung so far to the interests of the copyright holders and away from the needs of the public that the bargain is no longer one I support.
Because of this stance, I find myself uncomfortably on the side of AI bros like Sam Altman who argue for the expansion of the fair use doctrine. I see AI as an accelerant in the erosion of IP's relevance and enforceability. With AI being able to crank out derivative works at scale, it blurs the lines between infringement and transformation. My hope is that the flood of such content makes enforcement impractical, and that it will further demonstrate that the IP emperor is naked.
[0]: https://www.edrlab.org/projects/readium-lcp/
Altman isn't on your side, or any side except his own. OpenAI insists both that they should be allowed to train models on any text they can gain access to, regardless of copyright or licensing (https://openai.com/index/openai-and-journalism/) and that you should not be allowed to train models on any text produced by their models (https://archive.is/20250130132153/https://www.nytimes.com/20...).
His ability to speak out of both sides of his mouth is why no one trusts him, and why I find it so uncomfortable to agree with anything he says.
Exactly. OpenAI and altman would be very happy to say that intelectual property does not apply to them but then enforce that law when they talk about their own intelectual property being used without their consent.
> I find myself uncomfortably on the side of AI bros like Sam Altman who argue for the expansion of the fair use doctrine
Why? Are you training LLMs?
I highly doubt they'll fight a pro-consumer fight completely incidental to their objectives (if not detracting: don't need to buy the source textbook if you can ask ChatGPT about its contents as soon as it's released).
The enemy of my enemy is my friend. Anything done to strengthen fair use is in my opinion a positive outcome. Happy to see copyright holders go toe-to-toe against a bully their own size. If both OpenAI and entrenched IP interests get bloodied in this fight, it's a win-win.
Contrary to this popular saying, real world friendship/enmity is not an anti-transitive relation.
I would expect most AI companies to be more than happy to throw consumers under the bus if it affords them a carve-out serving their own narrow interests.
Agree completely.
In a courthouse in the near future:
"So, yeronner, I think you will agree that I was well within my rights to share a torrent of the new Batman movie, not for people to watch but so they could train their LLMS on it."
Technically, you've got a point: https://xkcd.com/2173/ ("We trained a neural network to enjoy the latest Hollywood movies...")
Definitely a cool post and I certainly think people should be able to de-DRM things they own for their own use, but I do have some sympathy for the defense of LCP.
Digital books are a good thing. I can hear about a book I'd like to read and start reading it minutes later. It also drastically lowers the barriers to publication for new or controversial authors. I want authors and publishers to be able to make money, so I think it's fair that they take some precautions to ensure that the book is not redistributed for free.
I would love if someone could come up with a truly friendly DRM for ebooks that would be supported by all major reading hardware/software and accepted by the publishers. Then we'd have a functioning ecosystem not dominated by one or two mega players. Curious what people here think might work?
The vast majority of authors hardly make any money, and DRM will not change that.
And given books are so easy to duplicate from the form that needs to be available to users to read, there is no world where DRM will ever stop duplication of books.
No DRM would really work. There's always the analog hole, and OCR is more effective than ever.
I want to read the books I buy on the device I paid for, regardless of what device it is or software it's running, and without having to ask an arbitrary middleman for permission. Nothing less is acceptable for me.
I was hoping to link to this from somewhere technically relevant but having scoped out the Copyright, Designs and Patents Act 1988 S296 it actually seems unwise to do so as a British person. Meanwhile Starmer is proud of Britain's "freedom of speech" (yes, I know freedom of speech sensibly has limits, but the statute is overly broad in this case).
One should also note that Thorium is a remarkably crappy app to read Epubs on.
I've never used it myself, but I'd be really surprised if it somehow managed to be worse than Adobe Digital Editions.
Well, it does have the advantage of being actively maintained. If not necessarily very well. Recently, I had the fun of noting that their app was no longer behaving correctly with endnote links, and they suggested that my links were coded wrong. I pointed out that they were not, were standards-compliant and worked fine in every other epub reader I had. Even ADE! So I don't know what they were trying to do.
I had to script an install of ADE recently and apparently the only way to successfully silent install it is to create a registry key that pretends Norton 360 is installed, because their installer has a Norton Security Scan thing injected in which their silent flag doesn't handle.
I lol'ed.
Indeed, the bar is low.
The only time to directly threaten legal action is when you don't think legal action will achieve your goal, and you've got nothing else. Otherwise, there is no benefit to threatening legal action. Sure, you can imply it, but you gain nothing by showing those cards.
But the goals that these people pursue are difficult to understand or anticipate. You assume that because these people are employed by some business entity that their goals are "make more money" and such. That's rarely the case, even if we allow for the unenlightened version of "make more money".
Instead, assume that many, possibly even most, are more interested in being punitive out of some warped sense of justice. Though it might cost them a million in legal fees to discourage efforts to fix their DRM which in turn might only preserve a few tens of thousands in sales or other earning potential, they still doggedly chase these "goals". Sometimes, I think, the lawyers even point this out, only to be overruled by top management. This means that legal action can almost always achieve the goal, being that the goal is nothing more than to make their targets miserable.
That's a pretty impressive way to imagine people's motivations.
The likelihood of a non-profit outfit building open source software being driven by a warped sense of justice and the goal of making people miserable rather than, say, trying to make sure they can continue their stated mission and ensure publishers keep agreeing to digital book lending is pretty bold. But sure, why not.
>The likelihood of a non-profit outfit building open source software being driven by a warped sense of justice
Because those people are, after all, inhuman robots with no connection to humanity? In fact, I'd say that with any group of humans, each additional human makes this more likely, simply because this sort of attitude easily overrides the less-aggressive attitudes of those who don't agree with it.
You seem to disagree because it would be uncomfortable if I were correct, and you'd much rather it be true that I'm wrong.
>trying to make sure they can continue their stated mission
What person over the age of about 5 thinks that because an organization starts with a particular mission that, even a few years in, still strongly pursue it?
This isn't true at all.
Legal action costs lots of money, no matter who you are, and it's slow. Threatening legal action is usually the most successful mechanism to make things happen, even if you have a one hundred percent chance of winning your case.
If this were true, i.e. in an ideal legal system, frivolous lawsuits wouldn't be a problem at all.
In many actual US jurisdictions (and presumably beyond), it's such a pervasive problem that there are now explicit "anti-SLAPP" laws on the book against just that.
Yeah, I wouldn’t share this so openly. Instead – like they said – build a one-click downloader, then go fill the shadow libraries with a bunch of trusted accomplices. (This is slightly less legal, though.)
Ebook vendors like eBooks.com (my company) face a real challenge with regard to DRM. On one hand we want frictionless freedom of use for our customers, but on the other hand the vast majority of our authors and publishers require that we secure their ebooks with DRM.
eBooks.com provides the ability for our customers to filter out DRM-ebooks from our catalog. There's a link to DRM-free titles on every page of eBooks.com. https://www.ebooks.com/en-au/drm-free/ But that's a very limited subset of our collection.
Opponents of DRM make important, legitimate points: "Ownership" of an ebook is very contingent. Even the slickest DRM system imposes unwelcome additional steps for the user, and limitations on what can be done with the ebook. And there is very little interoperability between vendors - silos as far as the eye can see.
But authors and publishers have a point too. There's a chart at the bottom of this article (our blog) that says it all, as far as publishers are concerned. It compares the gross revenue of music labels from 1993 to 2016 with that of book publishers during the same period. https://about.ebooks.com/should-we-sell-your-ebooks-without-...
We launched eBooks.com in 2000 and have continued to argue for DRM-free in every available forum. But we face understandable anxiety from authors and publishers. We can, and should, all argue the merits (or otherwise) of DRM but it remains a fact of life and will be with us for some time to come. So it falls to vendors and capable tech partners like EDRlab to try and make the best of it.
I know the guys at EDRlab and they are not conspiring with Big Tech, not motivated by profit but by good will. It's a rare thing. They are working on many fronts to build a system that gives authors and publishers the security they desire while at the same time minimizing complexity and maximizing interoperability for end users.
And interoperability is really important. It can unlock innovation.
The commercial ebook market is dominated by a single, ruthless almost-monopoly that sees authors as irksome, hates independent bookstores and strikes fear in the hearts of publishers large and small. It gets its way with everything and at the same time does not innovate. Why should it bother with R&D when it owns the market? In present circumstances, if a small team in Bhutan comes up with some genius idea (ebooks that sing in the bath?) they can't reach a market of any meaningful size. I mean, if a user is excited about this new app that can sing your books in the bath they might install the app but they won't be able to read any of the ebooks that they already bought from Kindle - or eBooks.com for that matter; because we're all using different, proprietary DRM protocols.
If enough vendors adopt it, EDRlab's DRM system holds out the prospect that users around the globe will be able switch from our platform to a better, competing platform, and take their collection of ebooks with them. That's beginning to look like a healthy, competitive market that can foster innovation.
In summary, yes we all hate DRM, but it's not going away. So let's give some credit to guys who are trying to make the best of this situation to the benefit of readers everywhere.