Plugin Privacy
iadass
01-10-2007, 05:49 PM
I think you've been misled about the privacy policy of the plugin.
The Plugin FAQ states:
Q4. What information about me or my machine does the plugin send?
A4. The plugin sends only an identifier of the file that you are opening, and an identifier of your machine that was randomly generated when the plugin was first used. No other information about you or your machine is gathered or sent, nor anything that associates your machine with your name, location, etc. The information sent is the minimal information that allows us to administer both free and subscription access in a unified way.
However, the URL sent to nrbook.com was:
http://www.nrbook.com:80/fo/nr2copen.php?Request=DocPerm&USR=30237&ServiceID=NR2COPEN&DocumentID=C19-3&Mode=CNR&Stamp=1168470302&Machine=********&Disk=********&Uuid=************************************&UNPData=0&Session=&User=#####&ProdVer=1.7.2.7&EncrVer=3.6.4.1&AcroVersion=7.8&AcroProduct=Reader&AcroCanEdit=Yes&AcroPrefIDib=Yes&FormHFT=No&SelServer=Yes&InBrowser=Unk&DocIsLocal=Yes&DocPathUrl=file%3a%2f%2f%2f%2fhome%2f#############&Build=727&Language=ENU&FowpKbd=No&VolName=&VolType=Unknown&VolSN=0&FSName=&OSType=&OSName=&OSVersion=&OSData=&OSBuild=&PrevMach=&PrevDisk=
This is a whole lot more information than "only an identifier of the file that you are opening, and an identifier of your machine". In particular it includes both the username of my account and the location of the file on the local file system (both of which I hashed over). After this request, you now have the address of my machine and a valid local account name.
The OS information wasn't filled in on my machine, but perhaps on others that it can more readily identify, it is. I haven't checked.
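Added example, not part of the original post or of the plugin's code: a small audit of the request quoted above that lists which query fields go beyond what FAQ A4 says is sent. The mapping of `DocumentID` and `Machine` to the FAQ's two identifiers is an assumption; the `User` and `DocPathUrl` findings follow the poster's own description.

```python
from urllib.parse import parse_qsl

# The request quoted in the post above, rejoined into one string; the '*' and
# '#' runs are the poster's own redactions, kept as-is.
CAPTURED = (
    "http://www.nrbook.com:80/fo/nr2copen.php?Request=DocPerm&USR=30237"
    "&ServiceID=NR2COPEN&DocumentID=C19-3&Mode=CNR&Stamp=1168470302"
    "&Machine=********&Disk=********"
    "&Uuid=************************************&UNPData=0&Session="
    "&User=#####&ProdVer=1.7.2.7&EncrVer=3.6.4.1&AcroVersion=7.8"
    "&AcroProduct=Reader&AcroCanEdit=Yes&AcroPrefIDib=Yes&FormHFT=No"
    "&SelServer=Yes&InBrowser=Unk&DocIsLocal=Yes"
    "&DocPathUrl=file%3a%2f%2f%2f%2fhome%2f#############&Build=727"
    "&Language=ENU&FowpKbd=No&VolName=&VolType=Unknown&VolSN=0&FSName="
    "&OSType=&OSName=&OSVersion=&OSData=&OSBuild=&PrevMach=&PrevDisk="
)

# Assumption: these two parameters are the "identifier of the file" and the
# "identifier of your machine" that FAQ A4 says are the only things sent.
FAQ_DISCLOSED = {"DocumentID", "Machine"}

def personal_reason(key, value):
    """Return why a field is personal data, or None."""
    if value.lower().startswith("file:"):
        return "local filesystem path"
    if key == "User":
        return "local account name"
    return None

def audit(url):
    """Compare the fields a request carries against the documented set."""
    # Split on '?' by hand: a URL parser would treat the '#' redactions as a fragment.
    query = url.split("?", 1)[1]
    fields = parse_qsl(query, keep_blank_values=True)  # percent-decodes values
    report = {"disclosed": [], "undisclosed": [], "empty": [], "personal": {}}
    for key, value in fields:
        if value == "":
            report["empty"].append(key)
        elif key in FAQ_DISCLOSED:
            report["disclosed"].append(key)
        else:
            report["undisclosed"].append(key)
        reason = personal_reason(key, value)
        if reason:
            report["personal"][key] = reason
    return report

if __name__ == "__main__":
    print(audit(CAPTURED))
```

The same comparison works on any captured request once `FAQ_DISCLOSED` is set to the fields a vendor's documentation actually names.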
Bill Press
01-10-2007, 10:34 PM
Yes, I think you are right. We will ask the FileOpen people if there is a way to have the plug-in NOT send the user name and path information. In fact our script explicitly does not retrieve that information from the packet --- much less store it in any way -- so an accurate statement would be that we don't see more than the information quoted, not that it isn't sent.
For the issue of privacy in transit, we will look into whether we can do the packet exchange as an encrypted SSL transaction. I agree that sending the username is a bad idea. The O/S type is, I think, legitimate, since we may in the future offer services that are O/S specific, so we would need to be able to respond accordingly.
Thanks for pointing this out.
Bill P.
Bill Press
01-14-2007, 07:12 PM
OK, we're now doing the packet exchange by SSL, so user privacy issues should be much alleviated.
All Windows XP configurations that we know of shouldn't see any significant difference in performance. But, if anyone gets a strange popup with a message like "Unable to Connect to Server" or "Error #2115", please add to this thread with a description of your Windows configuration (version and service pack number especially).
If anyone is curious, here is an example of what we look at and log from a transaction after it is SSL decrypted on our server (names changed to protect the innocent):
20070114.193648 [timestamp]
172.30.249.161 [IP address, just as in a web log]
Y7W93MXP [unique ID generated by the plug-in]
JP [country associated with IP address]
NR2COPEN [meaning NR in C 2nd edition, open access version]
C0-2 [chapter and section]
XP Professional [operating system]
We think this is the minimum information we need to service both open access and (later on) new paid subscription material downloads, and is a reasonable balance between user anonymity and responsible e-commerce.
I have been to your site a few times in the past. Usually on a specific mission. It has been helpful sometimes and other times a quicker answer was found elsewhere.
I have some time now, and was considering a more in-depth evaluation leading to the purchase of the Fortran and/or C++ book(s).
My primary computer is a MacBook Pro and my number cruncher is a Mac Pro and several G5 Xserves.
I downloaded a PDF, http://www.nrbook.com/a/bookf90pdf/chap9f9.pdf
Blank pages... I went back and read about an important announcement for Windows users.
As I use a Mac I was a little confused it should work for me?
Nope. Maybe I will try the plugin for Mac.
The plugin for Mac is not compatible with Acrobat 8 for the Mac... Too much mucking around. I will read the forums.
Your FAQ claims
Q3. What does the plugin do? How does it work?
A3. When you open a FileOpen encrypted document, either through your web browser or else a document already downloaded to your machine, the plugin exchanges a few dozen bytes with a web server, using the normal web protocol (port 80). In the case of a free document, the exchange simply verifies that it is, in fact, free. In the case of a subscription document, it verifies that you are a subscriber. Generally, this exchange will occur only once every 30 days for each document, and only when you actually open the document.
In your forum you concede, you definitely collect:-
20070114.193648 [timestamp]
172.30.249.161 [IP address, just as in a web log]
Y7W93MXP [unique ID generated by the plug-in]
JP [country associated with IP address]
NR2COPEN [meaning NR in C 2nd edition, open access version]
C0-2 [chapter and section]
XP Professional [operating system]
You also don't deny that the plugin sends more data such as username and file path. Using SSL is a small and irrelevant consolation as the data is sent to a third party.
Your FAQ denies the plugin is spyware.
"Spyware is computer software that collects personal information about users without their informed consent." (Wikipedia)
How can this be so? You claim in the FAQ:
Q4. What information about me or my machine does the plugin send?
A4. The plugin sends only an identifier of the file that you are opening, and an identifier of your machine that was randomly generated when the plugin was first used. No other information about you or your machine is gathered or sent, nor anything that associates your machine with your name, location, etc. The information sent is the minimal information that allows us to administer both free and subscription access in a unified way.
Lies. It is spyware under the guise of DRM.
Why do you need my IP address? And hence:-
my geographical information.
my service provider.
my organization's internet gateway
my clients, hotels etc. when I travel
Why do you need to know the chapter and section I am referencing
if the connection truly is a few bytes once every 30 days (I doubt it. From further investigation it is more likely sent on every page view)
how can this be useful to you? In a 30 day period at least section 2.3 was looked at... (priceless info... you must collect a lot more than that)
Then there is the rest of the info that you claim to ignore, that is sent to you via a third party
http://www.nrbook.com:80/fo/nr2copen.php?Request=DocPerm&USR=30237&ServiceID=NR2COPEN&DocumentID=C19-3&Mode=CNR&Stamp=1168470302&Machine=********&Disk=********&Uuid=************************************&UNPData=0&Session=&User=#####&ProdVer=1.7.2.7&EncrVer=3.6.4.1&AcroVersion=7.8&AcroProduct=Reader&AcroCanEdit=Yes&AcroPrefIDib=Yes&FormHFT=No&SelServer=Yes&InBrowser=Unk&DocIsLocal=Yes&DocPathUrl=file%3a%2f%2f%2f%2fhome%2f#############&Build=727&Language=ENU&FowpKbd=No&VolName=&VolType=Unknown&VolSN=0&FSName=&OSType=&OSName=&OSVersion=&OSData=&OSBuild=&PrevMach=&PrevDisk=
Most people would not know that it is sent. I wouldn't have known if the plugin worked as advertised.
Perhaps you can explain why this plugin is computer software that collects personal information about users without their informed consent. And explain why it is not spyware.
"We think this is the minimum information we need to service both open access and (later on) new paid subscription material downloads, and is a reasonable balance between user anonymity and responsible e-commerce."
Where is the anonymity? You send my user name, IP address, full file path, data I view, machine ID, OS type and version etc.
If you require this info maybe you would be polite enough to request I participate in a survey.
What is "responsible e-commerce"?
As for DRM...
To the best of my knowledge my music on iTunes does not report any of those details above back to Apple. (or in this case a third party, http://www.nrbook.com)
If I bought the book (physical object) it would sit on my shelf. If I wanted to use it with my MacBook, I could. If I wanted to check something on my Mac Pro or Xserves I could sit in front of them too. I could even take the book to my colleague's laptop and discuss something.
However it appears (based on information gleaned from the forums here and at fileopen.com) that the files will be locked to a single computer.
I usually upgrade to the latest and greatest hardware, so there will be
- a lag before the plugin will run on my new hardware.
- some change of hardware / software hoops to jump through to get the DRM transferred
This will cause periods of time where I can't view the book, e.g. right now. The MacBook Pro has been available for nearly a year? now. That is a long time to wait.
The restriction of using Acrobat Reader.
I think AR is a poor program. Sure it has a lot of features Preview is missing but I prefer not to use it. However I now have no choice.
"but people with iPods don't have a choice either" true but
The iPod is a good player.
I could buy the music from a different store for a different player
I have the option of burning a CD with the tracks on it. The CD is then free to use like any other CD.
(Don't confuse this with printing the document; that would be like generating the musical score from a song. There are huge advantages in having a digital version.)
In summary - whilst you have accumulated a good resource the data is not really unique.
The advantage is it is all in one place and in a usable form.
In my opinion, others may well disagree,
the invasion of privacy caused by the data collected
the deception by yourselves via the misleading information about the information the plugin sends to a third party
the poor support for new products (Intel Macs, OS X, Acrobat 8) and the down time that will be incurred when new hardware is installed, or software is upgraded.
the inconvenience of being restricted to Acrobat Reader
the inconvenience of being restricted to viewing on one computer
the inconvenience of having to have an internet connection to decrypt the document
It's just not worth it.
The most disconcerting aspect is your deception to the people that support you.
Why did I waste so much time telling you this?
Well your 'DRM' implementation has lost you a customer...
I thought you might want to know. As I said you have a good resource it is a shame to waste it
Dane
PS I realise you want to protect your IP. However DRM implies you don't trust your users to do the right thing.
Fair enough, some probably won't. But you are inconveniencing 100% of the user base to prevent a small percentage from doing the wrong thing. Now of that small percentage how many do you expect to say "Oh this has DRM we better find a different source to steal from" and how many do you think will just bypass the DRM and continue on their way? Quick search on Google...
FileOpen Systems responds to ElcomSoft PDF decryption
http://www.planetpdf.com/mainpage.asp?webpageid=1540
Bill Press
01-15-2007, 04:16 PM
Dane,
Thanks for your post. We appreciate it when people take the time to give their views in detail, even when we don't agree with them. Then, other users can make informed choices.
Since I think that both sides of most of the issues you raise are by now pretty clear, I'll just respond on some factual items.
1. You are correct that the current plugin for Macintosh doesn't work with Reader 8, which was just released. It does work with Acrobat 7. The FileOpen folks promise a Macintosh plugin that works with both 7 and 8 soon. The Windows plugin works with both 7 and 8 (as well as earlier versions).
2. You are correct that, as the result of this thread, our FAQ needs some updating. We'll do that.
3. If you object to your IP address being logged, you probably shouldn't use the web at all! All ISPs that we know of log all web hits by IP address, URL, and time, and keep this data indefinitely. Basically we are adding the unique machine ID and the O/S type so that we can in the future offer additional services by machine and O/S, not just IP address (which is not a unique ID for most customers).
4. Since we have not yet rolled out new services, we have not yet decided how subscriptions will be linked to computers. It is probable that a single subscription will allow access on more than one computer (e.g., home, work, and laptop). Stay tuned!
5. We are sorry to lose you as a user. Unfortunately, in today's world, DRM is here to stay. Our publishers would make us remove NR from the web completely if we didn't take some modest steps in this direction.
Bill P.
Bill
In reply to points
1)
Your website states the files are accessible with AR8 and Safari, this was not true for me.
I had to find and install AR7, and it works fine. However the FileOpen 'installer' fails and a manual install was required.
3)
I will assume that you don't realise that you are letting a third party match a specific computer, user, algorithm (chapter, section) and IP address
e.g. Bill is working on a problem involving
Inverse Problems and the Use of A Priori Information
Maximum Entropy Image Restoration
Huffman Coding and Compression of Data
From the IP he is working for the gov/mil and periodically connects from a Starbucks in the proximity of the DOD....
Maybe Bill has copied the PDF into a directory with the rest of his project files. Bill has also named the directory by his project's name.
Now you know what he is working on, who it's for, how it may work, and where to find him for lunch...
Taking that to the extreme
When he is at Starbucks he uses wifi, therefore you have network access to his computer. You also have his username, computer type, OS version etc., and a file path to his files.
Most websites cannot do this.
Some employers would have a problem with the collection of this type of info. This may inadvertently break non-disclosure agreements.
2)
You should have done the research to make sure the FAQ was correct. It is negligent to deceive your users.
4)
I hope that is the case.
Are you saying that if I was to buy a current electronic version it would not have the DRM?
Not trying to be smart here, I 'assumed' that if you protected the 'free' stuff the pay stuff would be protected too.
If that is not the case I may be interested in making a purchase
5)
Your publishers want to protect their intellectual property.
I don't think that has to involve restricting legitimate access
or secretly publishing users' personal information, potentially compromising their intellectual property.
I hope that you can find a solution that can still generate enough income to satisfy your publishers.