PDF Plugins for document DRM security & PDF protection

The issues of PDF plug-ins – conflicts, updates, and malware

Why use Plugins for PDF DRM Security?

At first sight, plugins (software components that add features to existing applications – most typically browsers) offer a superior way of delivering Digital Rights Management (DRM) functionality into PDF documents on an end user device (desktop, laptop, tablet and so on).

The attractions are that plugins may be delivered ‘seamlessly’ through the browser, that they inherit all the authority of the browser, and that they act transparently, so the end user need not be aware that they are there.  Users would be amazed to find out just how many plugins (or add-ons) are already installed in their browsers without their ever having noticed.  It is a good bet that you will find Flash, QuickTime, Java, WordPress, Moodle, IrfanView and so on.

So a well-designed plugin can offer good PDF security: it can be delivered reasonably easily, it has direct access to the browser’s functionality, and it already has a connection to the Internet, so it can download documents and perform any user authentication as required.

However, in practice there are some problems when it comes to the implementation.

Plugins and conflicts, admin rights, malware and updates

Current security controls often require an Administrator to allow plugins to be installed, just as for an executable, so installing a plugin is no different from installing application software.  However, unlike application software, plugins can create a gateway for other applications or malware to enter, decreasing the overall security of the application they are plugged in to.

Browsers can run many plugins at the same time, and the plugins are not ‘aware’ of each other, or of any conflict over the resources they are using.  So they can conflict with each other when using the same data (they are using the browser’s data, so there is no sandbox control), and it can be complex for a plugin supplier to test their plugin against those of all the commonest suppliers to make sure everything works.  There is no formal testing process by the browser providers.

By studying a plugin it is possible to see where it acts on data and design another plugin to take advantage by grabbing the data being processed.  It is also possible to manipulate plugins to allow malware to be uploaded into a user machine.

Browsers are always in a state of update.  And there is no coordinated schedule of when they are changing or what is changing.  So you can certainly participate in the browser beta schedules – the manufacturers helpfully make their expected release candidates available to extend their own testing capabilities – but changes to other plugins cannot be easily coped with.  So, if Adobe change their links for handling PDF files in Acrobat, separate plugins to process the PDF files may be affected and stop working.

This is compounded by the presence of different versions of browsers on different platforms.  So when updates roll through, things can stop working for a while.  And some corporations only allow versions of the browser that they have locked down, and these may not be compatible with updated plugins either.  So whilst the automatic plugins of the big software suppliers for PDF, Flash and QuickTime mainly work OK for corporates, other plugins have no guarantee.

There are also a lot of differences between the corporate world and the consumer.  Corporates move slowly, preferring to be behind the curve on the systems they are running – not on the bleeding edge. Consumers often look for the latest and greatest and frequently change their environments.  This diversity gives the plugin provider serious operational problems.

Plugins and document security

Increasingly plugins are a part of life.  You only have to look at WordPress to see how extensively plugins are required for normal processing, but they may not be too useful where security is required, as in PDF DRM.  Here you have to rely on the PDF security plugin working as expected (not conflicting or being circumvented by other plugins) and not failing to operate when Acrobat is frequently updated.  If you cannot achieve that then the plugin is effectively useless.

To read more about Adobe Security Plugins see:

  • Adobe Plug-ins and Security issues – explains why even ‘Adobe certified mode protection’ is not all it seems and that certified plugins are not guaranteed to be fit for purpose.
  • Plug-ins – a source of insecurity – examines and questions the claims often made by plug-in suppliers that they are secure, giving published examples of where they are not.  It demonstrates why you should not purchase a document security solution that relies on plugins.
  • PDF security flaws – covers common security flaws and vulnerabilities in Adobe Acrobat (the application that is plugged into).

Adobe Acrobat Plugins and certified mode

There are many Adobe Acrobat and Adobe Reader plug-ins that can load (by design) only in certified mode.  One example is all documents protected with the “Adobe DRM” security handler (so-called eBooks).  Certified mode assures that all other plug-ins loaded alongside them have also been certified by Adobe.  However, with this vulnerability – Adobe Plug-ins compromised – a plug-in with a forged signature can do virtually anything, including but not limited to:

  • removing or modifying any restrictions (on copying text to the Clipboard, printing, etc.) from the documents loaded into Adobe Acrobat or Adobe Reader
  • removing any DRM (Digital Rights Management) schemes from PDF documents, regardless of the encryption handler used – WebBuy, InterTrust DocBox, Adobe DRM (EBX), etc.
  • modifying or removing digital signatures used within a PDF document
  • affecting any/all other aspects of a document’s confidentiality, integrity and authenticity.

The official US-CERT posting can be viewed here along with Adobe’s response.

Why plugins are useless for document security

  • Plugins can be overruled

    A plugin from one manufacturer can cause a plugin from another manufacturer to:

    • not work correctly
    • not work at all
    • change what controls it enforces
  • Plugins can put your system at risk

    Some document DRM products like FileOpen Rights Manager require you to turn OFF security in Adobe Acrobat in order for their plugin to work.

    Some may say this is not a great basis for a security product, but it just emphasizes the point that even ‘security’ plugins are not as integrated into applications as you may think and may actually make it and your system less secure.

  • Plugins can be easily broken

    Plugins may suddenly stop working when there is:

    • an update to the application they plug into
    • an update to another plugin within the application

    And if you think about all the different Operating Systems and versions of Adobe Acrobat that have to be supported (a plugin may work in one version but not another) you can see how the situation quickly gets out of control.

  • Anyone can write a plugin for Acrobat

    • Anyone can write a plug-in for Adobe Acrobat Standard or Professional without obtaining an IKLA.  See PDF plugin security.
    • If a company has an IKLA with Adobe Systems, it does not mean that their product is certified as fit for purpose, is secure, or will not create weaknesses in the system.
    • Plugin writers can forge signatures so that their plug-ins run in certified mode where they are given special privileges which can harm the system.
  • Plugins need Admin rights to install

    Companies selling plugin solutions will claim they are easier for users to install.  This is not true.

    • They require the same Administrator rights as installing any other software.
    • They are often more complex to install since they can clash with other plugins already installed – this can cause them to fail to install, or install incorrectly (i.e. they won’t work at all or as expected).

    And unlike application software they can create a gateway for other applications or malware to enter, decreasing the overall security of the application they are plugged in to.

Why Locklizard for PDF Protection?

Locklizard PDF Security – Total PDF DRM Security without Plugins or Passwords

Locklizard document security cannot be compromised by plugins because we prevent all plug-ins from loading so that no vulnerabilities can be introduced.

Locklizard takes your document protection seriously.  We provide total PDF protection with US Gov strength AES encryption, public key technology, DRM and licensing controls, to ensure your PDF files remain protected no matter where they reside.

  • Our DRM PDF Security products enable you to share documents securely without insecure passwords or plug-ins, and enforce access, location, expiry, and usage controls.
  • We use our own Secure Viewers to prevent plugins loading – so your document security cannot be compromised and continues to work even after updates have been applied.
  • Unlike Adobe Permissions which can be easily removed, our DRM controls persistently protect your PDF files and enable you to revoke PDFs at any time regardless of location.
  • No keys are exposed to users or interfaces and documents are only ever decrypted in memory – see our DRM technology.
  • Your PDF files always remain under your control – no uploading of unprotected files to the cloud.
  • Our easy-to-use administration system provides simple user and document management and, unlike passwords, keys are transparently and securely managed for you.

See our customer testimonials or read our case studies to see why thousands of organizations use Locklizard PDF security to securely share and sell their documents.
