Language Selection

English French German Italian Portuguese Spanish

Nook Ebook Reader & DRM

I'm 62 years old, and I've always been a reader. So, a few months ago, I finally coughed up the money to purchase a Barnes and Noble Nook ebook reader. Despite being a Linux user and occasionally enjoying tinkering with the innards of things, I haven't rooted my Nook, or installed any other OS variant—it is completely stock.

Unlike my wife's Amazon Kindle (with its E-Ink display), my Nook's battery doesn't last long. The other day I was reading a good short novel I had just downloaded from Barnes and Noble. I'm about half way through the novel when my Nook's battery level gets very low.

Here's the rub: my charger unit has an intermittent electrical short, and I can't immediately plug it in to continue reading while recharging my nook (a couple of days later, I fix this).

But I want to finish reading my novel now! I've got the time, and I'm really into the story.

So, I'll go to my desktop computer, download a copy to it, and continue reading. Good plan, but after going to the B & N (mynook.barnesandnoble.com/library.html) site and downloading the .epub file, I can't read it. Gibberish on the screen with a warning about DRM encryption protection. Searching on Barnes and Noble's web site reveals that they don't have a Linux DRM reader, only a client for Macintosh and Microsoft Windows PC's.

OK, among the 3 laptops and 3 desktop computers we have here at home, we do have one installation of Microsoft Windows (on a Linux-MS Win dual-boot machine). I use MS-Win for occasional video editing and transcoding, and I don't want to have to restart the computer and boot into windows, just to finish reading the novel.

I consider running WINE on my main desktop Linux machine, but by now, I'm getting really irritated about this stupid DRM.

Bear in mind, I DO NOT STEAL CONTENT. I don't unlawfully download music, software, videos, and books. And when I purchase content, I don't electronically copy and redistribute it to others.

Feeling frustrated, I start looking on the Internet for a way to decrypt my novel so I can continue reading it on my Linux box.

Turns out that someone has written a couple of Python scripts—one to generate the Barnes and Noble encryption key, and one to decrypt the DRM'd .epub books and content. These Python scripts rely on your having the PyCrypto library installed (the script also uses the PyTKinter library for GUI).

Now, Barnes and Noble use an insecure method to generate the key. It is generated from two pieces of information: your name, and your credit card number.

So, I download the two Python scripts (source), and check them through to see if they contain any nefarious code designed to transmit my credit card number to the bad guys—the code is clean.

I invoke the keygen script, and type-in my name and number. Then I run the decrypt program and tell it to work on my novel, not really expecting this to work. Wow—it works perfectly. And now, I've got decrypted copies I can read on any of my electronic devices.

And DRM still stinks. Not only that, it reeks.

And I finish reading the novel.

More in Tux Machines

today's leftovers

  • 6 Excellent Console Linux File Managers
    A console application is computer software which can be used with a text-only computer interface, the command line interface, or a text-based interface included within a graphical user interface operating system, such as a terminal emulator (such as GNOME Terminal or the aforementioned Terminator). Whereas a graphical user interface application generally involves using the mouse and keyboard (or touch control), with a console application the primary (and often only) input method is the keyboard. Many console applications are command line tools, but there is a wealth of software that has a text-based user interface making use of ncurses, a library which allow programmers to write text-based user interfaces.
  • PHP Tour 2016 Clermont-Ferrand
  • Enlightenment's EFL Getting New DRM Library
    Chris Michael of Samsung has been working on a new DRM library for the Enlightenment Foundation Libraries (EFL) with a number of improvements. The initial implementation of this new library, Ecore_Drm2, has been added to EFL Git.
  • Antergos 2016.05.28 Screenshot Tour
  • Gentoo Linux 20160514 Screenshot Tour
  • First coding week with openSUSE, Google Summer of Code
    Embedded below is the blog of Google Summer of Code student Martin Garcia Monterde. Martin detailed his first week coding with openSUSE and the Google Summer of Code.
  • OpenPHT 1.5.2 for Debian/sid
    I have updated the openpht repository with builds of OpenPHT 1.5.2 for Debian/sid for both amd64 and i386 architecture. For those who have forgotten it, OpenPHT is the open source fork of Plex Home Theater that is used on RasPlex, see my last post concerning OpenPHT for details.
  • vcswatch is now looking for tags
    About a week ago, I extended vcswatch to also look at tags in git repositories. Previously, it was solely paying attention to the version number in the top paragraph in debian/changelog, and would alert if that version didn't match the package version in Debian unstable or experimental. The idea is that "UNRELEASED" versions will keep nagging the maintainer (via DDPO) not to forget that some day this package needs an upload. This works for git, svn, bzr, hg, cvs, mtn, and darcs repositories (in decreasing order of actual usage numbers in Debian. I had actually tried to add arch support as well, but that VCS is so weird that it wasn't worth the trouble).

Google and Oracle

Leftovers: OSS

Security Leftovers (Parrot Security OS 3.0 “Lithium”, Regulation)

  • Parrot Security OS 3.0 “Lithium” — Best Kali Linux Alternative Coming With New Features
    The Release Candidate of Parrot Security OS 3.0 ‘Lithium’ is now available for download. The much-anticipated final release will come in six different editions with the addition of Libre, LXDE, and Studio editions. The version 3.0 of this Kali Linux alternative is based on Debian Jessie and powered by custom hardened Linux 4.5 kernel.
  • Regulation can fix security, except you can't regulate security
    Every time I start a discussion about how we can solve some of our security problems it seems like the topics of professional organizations and regulation are where things end up. I think regulations and professional organizations can fix a lot of problems in an industry, I'm not sure they work for security. First let's talk about why regulation usually works, then, why it won't work for security.