FileOpen Systems: Fileopen RightsManager / RightsServer & Client plugin overview
What is FileOpen
FileOpen is a secure document DRM system that uses a a plugin to Adobe Acrobat to control access and use of PDF documents.
For a list of issues with Adobe plugins see Adobe Security Plugins.
Protected documents can also be viewed using a Web Viewer but this provides less protection – see is FileOpen safe?
FileOpen Rights Manager
FileOpen RightsManager (previously known as Fileopen Publisher & Fileopen WebPublisher) is a the system used to protect PDF and office documents and control document access.
FileOpen Rights Server
FileOpen RightsServer is the same product as FileOpen Rights Manager but hosted by the customer on their own server.
FileOpen DRM Viewers, Client & FileOpen Plugins
- FileOpen DRM Viewers or clients are a plugin in to Adobe Acrobat that can be installed on a device. Just like an EXE file, you need Windows Administrator rights to install a plugin.
- An EXE file has to start every time users login to their computer in order to view Fileopen protected documents.
- The FileOpen plugin accesses the FileOpen Rights Server so users need to allow access to this URL in their Firewall.
- Users have to turn off security in Adobe Reader for the Fileopen client plugin to work.
- Users can also use a web browser (Chrome is not supported) to access protected PDF files. This decrypts content on a server and is then streamed to client viewers.
- Users must connect to the Internet (to the FileOpen Rights Manager server) at least once to view protected documents.
- Limited iOS support up to version 11.
FileOpen RightsServer & RightsManager costs
- With FileOpen document security you pay for the number of users viewing your documents so costs can quickly add up.
- With both FileOpen RightsManager and FileOpen RightsServer you are locked into paying yearly subscription fees so even if you host the system on your own server you have to pay every year for use of FileOpen Rights Server.
Is FileOpen Safe? – FileOpen Security Issues
- Uses a plugin to Adobe Acrobat and plugins are just not safe – see PDF plugin security issues
- Users must turn off security in Adobe Reader for the Fileopen plugin (Fileopen client) to work:
- You have to turn off Adobe’s certified mode (use only certified plugins) to view a protected Fileopen document.
- You have to turn off Adobe Reader’s Protected Mode to view Fileopen protected PDF files offline. This is Acrobat’s built-in defence against malicious PDF attacks which Adobe say should be enabled to protect user’s systems and data.
- The Web Viewer does not stop screen grabbing or prevent printing to unprotected PDF files.
- Elcomsoft CEO Vladimir Katalov said of FileOpen Publisher – “The code can be broken instantly or in a matter of a few hours – without Adobe Reader, FileOpen plug-in itself or whatever. FileOpen software, puts key information in the encrypted document, which is sort of like leaving your car with the keys in the ignition. FileOpen was chosen as an Adobe “security partner”, which leads me to wonder how closely Adobe examines the cryptography used by its partners.”. I’d call it “snake-oil” because of multiple vulnerabilities. Their main protection is DMCA – Digital Millennium Copyright Act.)”. FileOpen Rights Manager was previously called FileOpen Publisher and FileOpen WebPublisher.