Hugh Howey

Bestselling author of Wool and other books. Currently sailing around the world.

DRM: Dumb or Brilliant?

Harper Collins is employing a new watermarking DRM scheme, so they can tell where their pirated e-books are being sourced from. There are so many levels of dumb and brilliant here that it’s impossible to make a judgement, not without knowing the motivations of those involved.

If the idea is to actually stop piracy, the program is dumb as a bag of rocks with chains wrapped around it held fast by a bevy of padlocks. This won’t stop piracy. And it isn’t like piracy is even a concern. The music industry learned this (mostly and eventually). It takes a few clicks to stirp an ebook of its DRM. It’ll probably take an extra click or two to get rid of the watermark. Really, the only way to make a tamper-proof watermark would be to alter the formatting or content slightly for every outlet you upload to.

So how could this program be brilliant? Well, if it’s a scheme by the DRM manufacturer to make millions of dollars by selling snake oil to fearful publishers, it’s ingenious. I would think the engineers behind this are savvy enough to know it won’t stop the piracy, and they are probably savvy enough to know that piracy has almost no effect on ebook sales (in fact, our July AE report suggests that removing DRM might increase ebook sales. Studies in the music industry have shown the same effect And in traditional publishing, Tor has seen no detriment to going DRM-free).

Another way this program could be brilliant (though I fear no publisher is clever enough to think of this, and I’m probably giving them ideas) is to wage a fruitless legal battle with certain *cough* Amazon *cough* retailers. DRM removal on ebooks is a cinch. Buying ebooks on Amazon is a cinch. There’s a good chance that many of the pirated works are coming from Amazon sales. Perhaps publishers want a way to point back to the source and threaten legal action on the retailer, rather than tracking down the individuals who are doing the actual pirating.

Otherwise, what do publishers hope to gain with this program, other than annoy their paying customers who get locked into a single device? Let’s say they know a pirated ebook started with a purchase at Amazon. What then? Ask them to beef up their proprietary DRM? If Apple can’t keep their devices from being jailbroken (often on the day of release and with very smart people at Apple’s disposal), what hope does ebook DRM have? None.

To get around the unavailability of Harry Potter ebooks, fans took the time to go through the print books and TYPE THE WHOLE DAMN THINGS OUT. And then they uploaded these hand-made ebooks to warez sites. Publishers only lose money by fighting the needs and wishes of their paying customers. And their efforts don’t impact the people who refuse to support artists and publishers, anyway. There are hoarders out there who amass gigabytes of ebooks without any plan to read them, and these aren’t lost sales. It’s just a weird psychological dysfunction. Publishers should learn to ignore it and to embrace DRM-free media.



43 replies to “DRM: Dumb or Brilliant?”

Excellent points. I use Amazon for most of my eBook needs and have a Kindle Paperwhite to read on. But I know at some point Amazon will be replaced by something else. The next big thing may have me using a device that can’t use the Amazon eBooks that have DRM on them. So, what do I do?

I use an application called Calibre with a DRM removal tool that once setup strips the DRM without any effort on my part. I now hold a collection of all of my eBooks in a DRM free format and I have converted my .mobi and .azw eBooks to .epub using the same program.

In my opinion DRM never hurts the pirates. They always find ways around it. DRM hurts the paying customer by locking them into one retailer. If everything was DRM free then I could buy from B&N, Kobo or Amazon and it wouldn’t matter as long as I can convert the file. In 2014 it is shameful that the publishers haven’t learned the same lesson that the music industry finally learned, that DRM never benefits their customers.

Part of the problem is that they listen to advisers who don’t have the first clue about DRM and its effects on sales. Or maybe they do know, but they only get paid by people consumed with fear, so it’s best to keep them that way. A lot of studies have been performed, and a lack of DRM has never been conclusively shown to harm sales, while many studies have indicated that a lack of DRM can indeed increase sales.

Despite this, people cling to their intuition and fear rather than to evidence. And the customer suffers.

After the beyond insane DRM at Barnes & Noble prevented me from accessing I book I had already paid for, I wrote the author explaining that I know DRM decisions were out of their hands, but they are a best selling author and have more clout with publishers than I do. That this was what happened to me, and as a fan who has bought every one of their books, I am letting them know that DRM is hurting their fans and this fan would like it gone.

I got back a politely worded reply about how pirating costs authors thousands of dollars and while they understand that DRM isn’t a perfect solution, it’s the best they have and they need to protect themselves.

As a freelance writer and author who has seen my work stolen multiple times, including articles I wrote published on websites to support companie I never heard of or republished with someone else’s name on them, I get why piracy is upsetting. But it isn’t something you can actually stop, and anything you can do to try to stop only hurts the people who are actually buying the books in the first place. Unfortunately, it’s clear that publishers aren’t the only ones who are ignorant of the reality of piracy.

I have Calibre and I can’t get past the DRM. I hate it when I can’t choose the formats of books I paid for! Why can’t I have the book in different formats? Where do you find a drm removal tool?

Brilliant article! Just one observation. Don’t blame the engineers for this scheme, blame the people who conceived of the idea and hired the engineers! Engineers generally are very strong supporters of free information access.

I had to laugh at this. I always have to wonder about the corporate line about DRM. I’m not sure there’s a single engineer who ever thought “This DRM is perfect. Totally unbreakable! I’ve stopped piracy and made the world a better place” Having had to implement much smaller scale things like this for various companies the conversation always looks like this.

Me: “This isn’t going to stop anyone from stealing your stuff and is only going to inconvenience your legitimate buyers”
Them: “Do it anyway”

This is why we drink…

One point that most people seem to either forget or don’t know: Amazon sells plenty of KDP books that have no DRM on them. During the publishing process (it’s Step 6), Amazon asks a self-publisher if DRM is requested for the book, and the person punches a little radio button that signifies “yes” or “no.” An un-modified version of Calibre will not convert a DRM-protected Amazon book. However, when I have tried converting numerous of my Amazon-purchased e-books from one format to another, many will go through just fine, so they are out there. Non-DRM Amazon e-books are available.

I believe that a bigger problem is the fact that Amazon’s e-book format is proprietary. (And if I say anything here that is wrong, please correct me.) Amazon always uses some form of MOBI, whether straight MOBI 7 or KF8, for its e-books. Nobody else does, not Apple, nor Kobo, nor Nook… no one. All of the major e-book players worldwide, other than Amazon, use the EPUB format, a versatile open format that’s fairly easy to work with. (For the sake of completeness, it must be mentioned that Apple has one additional format—also proprietary—that it accepts. However that particular format is only required for particular types of enhanced e-books. Apple has always accepted, and still does accept, regular e-books in EPUB format.)

It is Amazon’s proprietary format, not its DRM, which ties customers to Amazon’s devices. You need either an Amazon app or Amazon’s hardware to read an e-book that is in Amazon’s format, even if you didn’t get that e-book from Amazon. If an author sells you an e-book in MOBI format from his or her own website, you still need Amazon—something created by and supplied by Amazon—in order to read it. In contrast, if you get an EPUB book (a non-DRM one, at least) from anywhere, you can read it on any EPUB reading device, whether from Apple, or Kobo, or Nook, or Readium, or someone else.

So… the question that some people keep asking—and keep worrying about—is “what happens if Amazon’s e-book universe disappears?” Not that Amazon itself will disappear; I don’t see that happening. But what if, for some reason, Amazon no longer supports its e-book formats? It can happen. Sony did it. After numerous years in the business, Sony no longer does e-books. Period. Quote from Sony: “accounts are now closed and access to purchased content is no longer available.” So, even if you *can* somehow strip the DRM off of your Amazon e-books (and it’s a pain in the ass to do it, even when it’s possible), you would still have to then convert them all to EPUB in order to read them on some other device.

This is what happens when there are two incompatible formats competing for customers. This is the potential for disaster that I, for one, can never quite let go of completely.

You may not know that Mobi is a published standard, so while nobody else is pushing it, many other places sell books in that format (to support kindle users), and software is readily available to read books in that format, or convert them (losslessly) to other formats.

Mobi also predates EPUB (it’s based on, and is a superset of the old palm PRC format), so if you are going to gripe about people going off on their own, blame the people who picked EPUB and declared it “the e-books standard”

The nice thing about standards is that there are so many of them to choose from.
Andrew S. Tanenbaum

This is why I remove the DRM and convert all my ebooks to ePub format.

I don’t actually own the eBook until the DRM is removed. Calibre with a DRM removal plugin makes this while process easy once setup.

Otherwise, what do publishers hope to gain with this program, other than annoy their paying customers who get locked into a single device?

Can you give us an example of a single device to which consumers are locked? When they buy a DRM book from Amazon, to what device are they locked?

I buy DRM books from Amazon and read them on Kindle, iPad, iPhone, Nexus, ChromeBook, and iMac. I pick up any of those devices and the book opens to the last page read. What’s to annoy?

The lower level Nooks don’t work for Kindle books. I don’t know about the high-end Nooks. Anyone know if the Kindle app works on the high-end Nook?

I don’t know anything about the Kobo.

But I do know it is misleading to claim DRM or Amazon format locks consumers into a single device. EBooks purchased from Amazon work on lots of different devices.

How about Kindle and Nook books can both be read on a wide variety of Android and IOS tablets and phones, while Apple can only be read on IOS devices and Macs.

Given the wide variety of devices on which consumers can read their eBooks, I doubt many feel locked up.

I don’t know what ecosystem means in economics. We don’t need metaphors when the facts are so simple.

if you can read you “kindle” books on most devices, and you can read “nook” books on most devices with no effort other than installing the appropriate app (and on other devices with a small amount of effort to convert/sideload it), how locked is it really?

It’s the default, and the default is made very easy to use. Once people buy a bunch of stuff, they don’t want to have to buy it again (which points to a different problem, one that the impending B&N/Nook crash is going to bring to a head as those people face loosing access to their books), but that’s not locked in.

Here’s my problem with this: I buy (and borrow) a lot of books in different ecosystems. I buy books from Amazon and Kobo. I borrow books from my library via OverDrive. I don’t buy books from B&N anymore, but I used to (and if you want to know, the reason I stopped buying it from them has to do with DRM!) I’ve even picked up a few books off of Google Play.

I don’t want to go through 4 or 5 different spots to find a book to read and I don’t want to only buy through one system (AKA Amazon, because they have the largest selection and several of their programs make some ebooks exclusive to them.) Some books I have to get through Amazon. Some books are simply cheaper on Amazon so I pick them. Some books I buy through my local indie bookstore (they get a credit when I buy through them) which works with Kobo. I used to own a Nook, thus my B&N purchases. My Google Play purchases were because one of my favorite authors had a short term half-price sale there and it was a chance to pick up a couple off his books that aren’t very popular for a reasonable price.

After I found out that I already owned the ebook I borrowed from the library both as an epub from B&N AND a mobi from Amazon (because I didn’t think I had it and so bought it again) I decided that I would much rather buy and add it to Calibre (which also allows you to change your mobi books into epub). At that point, I usually read it in a 3rd party app on my tablet (Aldiko)

I am very much against DRM, but am actually in favor of watermarking (done properly)

Implemented properly, watermarking would create a different version of the book for every person who buys it (not for every store), so it would need support from Amazon to do it properly.

Also done properly, it would be extremely hard to strip out the watermark from the book. This is a Stenography problem and the data that needs to be stored hidden in the book is very small.

as a technical aside, let’s say 24 bits of data to give 24M unique identifiers, add some extremely robust error correction and you are talking about 50 bits of data to hide in a 100K word book. since a bit can be any change at all, it can be spacing, punctuation, a misspelled word, a wrong word (too vs to, etc), hiding 50 mistakes in a 100K+ word novel is not that hard to do and would be very hard to eliminate.

Now, if they do something dumb and put it in the metadata, it can be stripped easily (but the common DRM stripping tools leave watermarks in place), remember my comment above about properly implemented :-)

Unlike DRM, watermarking imposes no restrictions or problems on the legitimate user, it’s a forensics tool that can be used to track where it came from if it’s found elsewhere (which doesn’t even prove that the person who purchased it put it there, although that’s probably the way to bet)

Properly implemented also implies making it known that they are watermarking, because it will tend to push fence sitters towards the honesty side of the fence (both in publishing and in acquiring material). Personally, i would combine the hidden watermarking with a page inserted into the book “this book purchased by X” and let dumb hackers remove the obvious label while leaving the real watermark untouched)

Yes, it can be defeated (burner card and e-mail address to buy it for example), but as you demonstrate with the talk about people re-typing Harry Potter, anything that a human can read/watch/hear must eventually be unencrypted at which point it can be digitized again, one way or another.

Anyone trying to claim that their digital security is foolproof doesn’t know what they are talking about. It can only be secure within it’s design limits (at best)

If watermarking makes publishers willing to drop DRM, I’m all for it.

Now, all that being said, do I think HC is going to implement this properly? Not at all.

Do I expect that ti will let them catch some pirates, absolutely, people tend to be careless about what they share.

Amazon is already doing something like that.

A friend of mine once tried to give me a mobi file that he had purchased, because he wanted me to read it urgently (and the ebook cost 15 bucks). I side-loaded it to my Kindle. When tried to open the file, I got a warning that this file had been purchased by someone else (it didn’t specify the name) and wasn’t mine. The file didn’t open at all. I deleted it again, feeling sheepish.

So Amazon must already mark files they sell with something that identifies the customer and triggers a warning if it shows up on another customer’s device.

You couldn’t read that book because it wasn’t lendable – either the author or publisher didn’t put it in Amazon’s Lending Library, so it couldn’t be borrowed. That keeps it with the purchaser.

Or you can convert the .mobi to .rtf, down to raw text, and format back up.

Books are words. Unless you modify the words for each version, no watermark is safe. To go extreme, you could move all the text to something like notepad and even lose the formatting (and italics/bold).

Books are words + formatting.

yes you would have to modify the words, but there is so little information that a watermark needs to store that this could be done in ways that the user wouldn’t notice.

would you notice 20 cases of i replaced by l throughout a book? or ‘ replaced by `?
These sorts of things, or any of the other mistakes that routinely slip through the copyediting stage could be used as data for a watermark.

to have 1M possible watermarks, you would need to have 20 bits of information, add some more bits to give you redundancy (and make it so that changing some of them isn’t going to give you a different legitimate watermark), and you are talking ~40 bits of information. On average, only half of those are a ‘1’, so you would be talking ~20 changes from the stock text that would need to be done over the entire book.

Can it be defeated?

Yes, from a technical point of view, you can buy a bunch of copies and compare them, throwing out the parts that are different.

From a practical point of view, burner accounts that are untraceable could be used to buy the book so the watermark wouldn’t matter as it couldn’t be traced.

But both of these take explicit plans to be a thief ahead of time, and people who go to those extremes are going to steal no matter what you do. The causal file-sharer isn’t going to do that, so watermarks are a good way to cut down on that category (or at least to show that that category isn’t a significant part of the problem)

You’re assuming I have to “notice” those things with my naked human eye. Running a text file through spell and grammar checks would show you any small errors meant to serve as a watermark.

And if a good hacker has two or three versions of the book, they can analyze them to find where all of the differences are. (And a hacker with a good sense of humor would insert all of the watermarks into the final file.)

A couple points.

1. I am not an author, but I seriously have to wonder if any author would be fine with the publisher or retailer deliberately adding spelling errors or punctuation errors into their books, especially considering the some amazon reviewers will remove stars from the review for such errors.

2. As a mentioned over at the passive voice, and Hugh has also mentioned. All it would take would be at least two copies of the book converted to straight text, compared for discrepancies, fixed and then uploaded to defeat the process. Most casual users would not figure it out but most casual pirates are not the ones uploading files to torrent site. Shoot, most users can’t even side load books onto their devices.

This is a useless anti-piracy step that will not prevent piracy and the cost of which they will be able to point to and say “see, this is why we need higher e-book prices”.

“I am not an author, but I seriously have to wonder if any author would be fine with the publisher or retailer deliberately adding spelling errors or punctuation errors into their books, especially considering the some amazon reviewers will remove stars from the review for such errors.

Every error made by an author could be blamed on the watermark.

Could be, but there’s no reason to suppose that it would be. Readers have often been known to blame traditionally published authors for bad covers, poor typesetting, or even the price of the book – all of which are the publisher’s fault.

David Lang,

I’m a bit confused. Is this “stenography” you refer to in your note supposed to be “steganography”? “Stenography” is just shorthand for writing things down quickly like newspaper reporters or secretaries taking dictation do in their work. “Steganography” is using cryptography to “send secret messages,” which I could see being used for watermarking. For example, see:



The biggest thing that I dislike about Amazon’s DRM is that, once you’ve implemented it, they won’t let you undo it.

With some of my earlier stories, I foolishly checked the box to apply DRM. I’d like to be able to undo it, but Amazon won’t allow it. Unless, of course, you completely unpublish the work, and republish it with a different title. That would be silly, confusing, and time-consuming.


I had forgotten about this until your blog post… the only time I’ve ever “pirated” a book was when I downloaded the digital versions of Harry Potter while I was reading through the series (I waited until they were all out)

I was heading out of the country and decided to leave the hefty print versions at home on my book shelf.

Most security measures accept that they are not perfect, and the people designing them are well aware of the vulnerabilities.

However, the existence of a vulnerability does not indicate the security measure is useless. Locks can be picked, Codes can be broken, Guards can be shot. Video cameras can be spray painted. Doors can be chopped down. Safes can be cracked. Birth control can fail.

Some hold that any vulnerability indicates the security measure should be abandoned. Others look at the probababilities of an incidence of failure. The security measures aim at reducing the incidence of unwanted events, not completely eliminating them.

So we have two different standards in play. One group demands perfect security, and advocates abandoning any attempts if it is at all possible for security to be breached. They judge security to be a failure if it is possible to breach it.

The other group looks at the extent of the breaches and judges success to be keeping breaches within defined limits.

If DRM is a problem for consumers, the market will solve it. Consumers will shun DRM books, and buy non-DRM books. DRM books will be driven from the market. But if DRM books are not avoided by consumers, then it’s safe to say only a few really care about it.

So far DRM as most places implement it has been annoying, but not a deal-breaker. However as someone else has mentioned in the comments, the way Barnes & Noble implments DRM has convinced me to never buy from them again. When B&N book and mortar stores were around I would routinely drop $50-100 on books ever few months. When the Nook came out I wanted it mainly out of brandloyalty than any real consideration of pros/cons. By that time I’d lost a good chunk of income and was doing most of my reading from the library, but I looked forward to getting my finances straightened out and being about to pick up a nook.

Yeah. No. I learned about the Nook desktop app, about the same time my family gave me a B&N giftcard for my birthday. After the insanity for first trying to buy a book w/o a credit/debit card, then not being allowed to open or download that book after the card I had expired, I am done with B&N. A store I have been shopping at for as long as I can remember will never get my business again b/c of DRM.

I wonder if DRM actually increases piracy? You know the old saying, “Deer always tastes better out of season.” There will always be those who get a vicarious thrill out of getting away with something. As for digital watermarks, I’d have no problems with them as an alternative to DRM. As long as I can do what I want with my ebooks for my own use, I’m happy. Only those who copy and distribute them illegally have anything to fear from watermarks.

DRM was the reason I stopped buying ebooks from B&N. About a year ago I noticed my favorite ereader in my tablet allowed you to load books you purchased from sites like B&N. Figuring this would be an easy way for me to keep all of my books in one place, I went to do it.

Then I found out that any book locked with DRM (and many of them were) could only be unlocked IF I had the last 5 digits of the credit card I used to purchase the book. Some of the books go back as far the Nook First Generation. I had NO IDEA what credit card I used and for many of them, even if I could say “I used the card on this account.” the credit card had expired and been replaced with a new number. Of course B&N only puts the last 4 digits of the card used on the invoices (safety measures, right?) Oh, and there were the books I purchased via gift card or a combination of gift card and credit card. They wouldn’t work at all.

DRM doesn’t stop piracy but it did cost B&N a customer!

DRM has NEVER stopped piracy. The only thing it has accomplished is making it harder for legitimate users to use the product they paid for. I understand companies wanting to try to stop piracy but someday they need to understand that no matter what they do if someone wants to steal it, they will find a way.

Has DRM ever stopped someone from including a book as an attachment to an email?

If someone wants to steal something they usually evaluate the effort involved. If the effort or risk exceeds their interest or benefit in stealing, they don’t try to steal it.

Not exactly DRM-free–but an apparent step in the direction you’ve been advocating (unless it’s a precursor to something Draconian everywhere else)…

“Both Apple and Amazon are going to let their customers share stuff they’ve bought from their digital storefronts with family members…”

They’re calling it Family Sharing and Family Library.

I am not so sure that most pirated books out there come from amazon.

you more often find the pirated book you want, by using the EPUB term, not MOBI in google and site searches and on IRC.

more pirated books exist in EPUB format than MOBI format.

one might say thats so because the drm remover converted it on calibre to ensure the drm has been removed. I dunno.

what it comes down to… is author appreciation and respect.

no drm will work.

The watermark could be stego’d into the cover image or any other image in the book. You’d never notice.

It would show up to a pirate pretty quick. If they ran a diff between two files all the changes would show up right away. (any source control program can do this.) Then they could either add random bits to the signature or zero out the signature. Then they could publish. Or they could just use a throw away account to buy the book. Stenography only works if you don’t known it is there. Or they could go back to cutting the spine off used books and running the pages through a scanner.

Comments are closed.