Hackers claim they have found a way to crack Amazon's Kindle e-book reader claiming they've figured out ways to export protected content for use on other devices.
Amazon sells content for the Kindle in an ".azw" format, some of which is has DRM (digital rights management) technology, which prevents a file from being transferred to an unauthorised device.
But one blogger, who goes by the handle "I love cabbages," with a heart to designate "love," developed a program called "Unswindle" that can convert books stored in the Kindle for PC application into a different file format that can then be imported to another device.
"Primarily, I view DRM as an unnecessary restriction on legitimate freedoms, such as fair use of copyrighted material," the hacker said. "Laws such as the DMCA [Digital Millennium Copyright Act] turn those restrictions into injustice by making their circumvention illegal."
Amazon's proprietary ".azw" format is derived from a format called Mobipocket, which came from a French company of the same name that Amazon purchased, "I love cabbages" said the hacker. The Mobipocket format is still relatively popular.
A hacker named "igorsk" discovered that books in the Mobipocket format with DRM could still be read on the Kindle. Igorsk developed a tool that generated a "PID," or a unique device-specific encryption key, used for Kindle e-books that enabled Mobipocket books with DRM to be read, "I love cabbages" said. That enabled people to buy Mobipocket books from other vendors and read them on their Kindles.
Then, another hacker named "darkreverser" wrote MobideDRM, which could remove the DRM from Mobipocket files. Used in combination with Igorsk's tool, the two programs have allowed people to remove DRM from Kindle books.
But Amazon changed the encryption scheme when it released the Kindle for PC program, a free application that allows people to read Kindle titles on their PCs. Instead of using a single device encryption key for Kindle books, each book is now encrypted with a different key.
"Everything else is the same though - MobideDRM works, you just need to figure out a different key for each book instead of a single key for every book," I love cabbages wrote.
What Unswindle does is grab that unique key for every book using Windows debugging APIs, I love cabbages said. "It then hands all of the actual hard work of actual decryption to darkreverser's MobideDRM".
The files are then unencrypted Mobipocket files - which are similar to HTML files - which then can be converted to other e-book formats or PDF files using other tools, such as Calibre, I love cabbages said.
The blogger wrote that a new version of Kindle for PC doesn't appear to interfere with Unswindle.
"We'll see if Amazon throws out another new build in short order," I love cabbages wrote in an update to a 17 December blog post.
According to comments on the blog, some people found Unswindle worked while others encountered errors.
"I've been aching for someone to un-DRM Kindle4PC," wrote a user who goes by the name Lance." "A few of my textbooks for this semester and next are only available on Kindle and dead tree. I have an e-ink reader already so don't want to buy a Kindle, but the $10 Kindle book is so much better than a $30 paper book, not to mention it's reflowable and I can more easily make it fit my eSlick's screen."
"I love cabbages" said his method to crack Amazon's latest encryption scheme is the same as one found by an Israeli hacker nicknamed "Labba." "I love cabbages" said wrote about the hack on a forum several weeks ago but didn't release more details. Labba, however, figured it out and then "scooped me on releasing."
"He's since retracted his release and given me credit," wrote the hacker who loves cabbages.
Amazon officials were not immediately available for comment.