Activist pens pirate's map to 'liberating' academic journals

See? Information really does want to be free

Those who feel that information wants to be free, and that academic research always should be, have a new tool: a guide to defeating tracking traps that could identify document leakers.

An activist using the alias Storm Harding (@StormHarding) told the Chaos Communication Camp in Zehdenick, Germany, that his "purely-imaginative framework" showcases the tactics publishers take to identify possible leakers.

"We are at war," Harding says.

"Remember this is serious business; people are getting arrested for sharing information.

"Elsevier has filed a John Doe lawsuit against (academic file sharing network) SciHub and Libgen is also under attack with the High Court blocking access in the United Kingdom."

Harding says authors should be contacted before publishing, and asked for permission to broadly distribute their work, but argues the literature should be published with or without approval.

Activists, notably the late Aaron Swartz, have argued that academic works should be freely and widely accessible online so that disadvantaged people can access the literature and not just those privileged enough to have access to libraries.

Swartz was arrested in 2011 after he siphoned 4.8 million academic works from the JSTOR repository. He was caught when he returned to a server cabinet where his laptop was connected.

Harding goes to some length defending the position of obtaining copyrighted scientific works, dubbing his methods "extra- and non- legal" means to obtain unethically-restricted works.

However, the debate ultimately centres on whether the targeted information should be free, and the latest work is an arrow in the quiver of activists prepared to break laws to steal academic work.

Breaking bad

Harding's popular lecture detailed the watermarking and metadata techniques used to identify works and listed tools that can identify and circumvent both mechanisms.

He said copyrighted works contain digital protection mechanisms, including various metadata, that will identify leakers and prevent printing or editing. Adobe's LifeLock, for example, requires a connection to a defined server in order for its protected documents to be read.

Harding recommends pirates research existing "document liberation" guides to mitigate the protections; these may include using brute-force PDF password guessing and manipulation tools, and tricks such as spoofing LifeLock's required server to localhost to gain document reading access.

Some documents, for example, contain IP address watermarking that can only be removed by re-printing margins such that the watermarks are permanently cropped out.

Far more clandestine watermarks, which exist but have not yet been deployed, include Natural Language Watermarking, which modifies a document's text.

This advanced tactic means any single phrase in a document can be restructured so that a unique document is served to readers. This forces pirates to make document comparison checks using online services to detect manipulation.

Publishers may also serve documents with manipulated spacing between characters, lines, and paragraphs; however, Harding says this is mitigated by dumping to plain text.

Harding warns against using Adobe's built-in metadata scrubbing tool, which he calls "a lie" on account of it not scrubbing the UUID parameters that identify sources.

Those "dangerous" UUIDs led to the 1999 arrest of the Melissa virus author, who was busted after the field was plucked from a compromised Word document.

Many more potential forensic tricks exist that were not discussed, including steganography, in which watermarks could be hidden in images.

OPSEC

Operational security is king, Harding added. This means pirates should avoid renting books from physical libraries they plan to scan and upload because they risk being tied to the crime through their library card.

Open computer library terminals are preferred if libraries must be accessed and documents cannot be obtained from online assets.

Harding warns pirates to avoid Swartz's mistake and "never return to the same feeding hole". If access to restricted areas is required, pirates should use social engineering to gain it, taping up a swipe card slot for example, so that they do not leave records.

He recommends they avoid uploading pinched documents from their home or academic networks, and says they should wind back document timestamps and wait some days before uploading in order to foil time-based correlation attacks.

Biting the hand that feeds IT © 1998–2019