Monday, July 20, 2009

Twitter leakage

Recently, hundreds of highly sensitive documents belonging to Twitter were leaked out (see http://www.techcrunch.com/2009/07/14/in-our-inbox-hundreds-of-confidential-twitter-documents/). It seems someone hacked into Google Docs, where these documents had been stored, by conducting some sort of a simple dictionary attack on the Google account password.

A few obvious conclusions:
1. Use STRONG passwords, and definitely not a word or combination of words you can find in the dictionary.
2. Use a service that is more secure than Google Docs when storing highly sensitive information in the cloud (or don't store anything in the cloud at all...).
3. Consider using additional encryption (such as PDF protection or WinZip encryption) or use document control tools. A single password used for your account is not sufficient.

Tuesday, July 7, 2009

How to prevent copying of a PDF file

How to prevent a PDF file from being copied is a question I see often. It can be a little confusing because of the security mechanisms embedded in a PDF document. The short answer is that you CANNOT prevent a PDF file from being copied. You can password-protect it so that anyone without the password is not able to open it, but once you have given a PDF file and its password to someone, it can be freely copied.
You will need DRM or document control solutions in place to do any more than that.

Monday, June 22, 2009

Use Gmail to crack PDF passwords?

It seems Gmail's 'View as HTML' functionality completely ignores the permissions password set on the original PDF document. So, if you would like to copy-paste or print a PDF document, all you need to do is send the PDF document to Gmail and click 'View as HTML'; the online version displayed will have none of these restrictions!

Sunday, June 21, 2009

Cracking Adobe PDF document passwords

Sometimes you have a legitimate reason to crack a password-protected PDF document. For example, you may have a legal right to open the encrypted or password-protected PDF document but have forgotten the password.

There are two types of PDF protection: the first prevents opening or viewing the PDF document, and the other restricts others from editing, printing or using copy-paste.

When it comes to the copying and printing restrictions:
A simple workaround is to open the document and capture the PDF page as an image using any free screen capture software. For multiple pages you may try SnagIt, which has auto-scroll capabilities for capturing the entire document automatically.
You can also purchase solutions such as Advanced PDF Password Recovery or PDF Password Remover. These will remove the restriction but will not recover the original password.

When there are document viewing restrictions:
There are applications, such as Advanced PDF Password Recovery Professional, that will use decryption methods such as dictionary attacks or brute force. They will try all character combinations to recover the password. This may take hours or even days, depending on the password length and your computer's speed.

LockLizard PDF Document Security


Lizard Safeguard PDF document security software is for publishers of high value or confidential information published in PDF format, whether for sale to the public or internal control and protection.

It protects PDF documents from unauthorized viewing, copying, sharing, modifying, printing (including how many times), and saving in unprotected form, with US Government strength encryption and DRM Digital Rights Management controls.

Lizard Safeguard PDF security can be fully customized with your own company information. A simple-to-use web-based administration system lets you control customer access to your protected PDF documents, and you can revoke access in real time even after distribution. The administration system may be hosted on your own server or on LockLizard's.

Friday, June 19, 2009

Understanding PDF Encryption and Password Protection

By default, Adobe PDF documents are saved in plaintext with no password and can be accessed and viewed by anyone for any purpose. You may, however, want a little more control over your PDF document and the information it contains, allowing only certain people to view it and possibly even preventing it from being copied or printed.

This comes in handy if you wish to allow only certain people to read your document when it contains confidential information such as financial information, health information, legal information and more.

PDF control and protection requires a password, which is used for the PDF encryption key. Without this password the content of the PDF file is unintelligible. This is because the encryption algorithm scrambles the data using a complicated mathematical algorithm that depends on the key or password you selected, and that data can only be unscrambled using the same key.

Typically, PDF documents are encrypted with 40-bit keys (low security) or 128-bit keys (high security). 40-bit encryption is not considered very safe these days, as powerful computers can crack it in a matter of hours. 128-bit encryption is much more secure (it would take 2^88 times longer to crack), so the same brute force cracking methods could take thousands of years. In other words, the longer key multiplies the number of possible encryption keys by 309,485,009,821,345,068,724,781,056. So if a 40-bit encrypted PDF took 1 day to crack, it would take up to 309,485,009,821,345,068,724,781,056 days to crack a 128-bit encrypted document. 128-bit is therefore highly recommended and is safe for the foreseeable future.

You can set two passwords on any PDF document: an "owner" password and a "user" password. Either of these passwords on its own allows the PDF to be decrypted. When the owner password is used, the document can be read, copy-paste may be used and it may be printed out. When the user password is used, the PDF creator can apply various restrictions on the PDF document. Implementing these latter restrictions is up to the PDF viewer application, so a different viewer may ignore these restrictions once the document has been decrypted. The restrictions can prevent a user from printing the document, selecting content, performing copy-paste operations, etc.
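To audit what a protected PDF actually declares, the following added example (not code from the original post) reads the key length and the permission flags from a PDF encryption dictionary and reports weak keys and viewer-enforced restrictions. The `/V`, `/Length` and `/P` entries and the bit positions come from the PDF standard security handler, which the post does not name; the two sample dictionaries and the function names are constructed for illustration.

```python
import re

# Permission bits in the /P entry of the standard security handler
# (1-based from the low-order bit). A cleared bit means "denied".
PERMISSION_BITS = {
    3: "print", 4: "modify", 5: "copy_extract", 6: "annotate",
    9: "fill_forms", 10: "accessibility_extract",
    11: "assemble", 12: "print_high_quality",
}

# Constructed sample dictionaries; /O and /U values are placeholders.
SAMPLE_40 = "<< /Filter /Standard /V 1 /R 2 /P -44 /O <00> /U <00> >>"
SAMPLE_128 = ("<< /Filter /Standard /V 2 /R 3 /Length 128 "
              "/P -3904 /O <00> /U <00> >>")

def _int_entry(dict_text, key, default=None):
    """Return the integer value of /key in the dictionary text, or default."""
    m = re.search(r"/%s\s+(-?\d+)" % re.escape(key), dict_text)
    return int(m.group(1)) if m else default

def audit_encrypt_dict(dict_text):
    """Report key length, denied permissions and findings for one dictionary."""
    version = _int_entry(dict_text, "V", 0)
    # /V 1 always means a 40-bit key; otherwise /Length applies (default 40).
    key_bits = 40 if version == 1 else _int_entry(dict_text, "Length", 40)
    p = _int_entry(dict_text, "P")
    if p is None:
        raise ValueError("no /P entry: not a standard security handler dict")
    flags = p & 0xFFFFFFFF  # /P is stored as a signed 32-bit integer
    denied = sorted(name for bit, name in PERMISSION_BITS.items()
                    if not ((flags >> (bit - 1)) & 1))
    findings = []
    if key_bits < 128:
        findings.append("weak key: %d-bit" % key_bits)
    if denied:
        # These flags are only honoured by cooperating viewers.
        findings.append("viewer-enforced only: " + ", ".join(denied))
    return {"key_bits": key_bits, "denied": denied, "findings": findings}

if __name__ == "__main__":
    for sample in (SAMPLE_40, SAMPLE_128):
        print(audit_encrypt_dict(sample))
```
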