Defending Americans’ Right to Decrypt

July 16th, 2020 by Olga Koksharova
Category: «Did you know that...?», «Elcomsoft News», «General»

19 years ago, on July 16, 2001, the FBI arrested Dmitry Sklyarov, almost immediately after his speech at the DEF CON hacker conference, on a number of charges by Adobe. Dmitry was accused of many things, from software trafficking to conspiring with Elcomsoft and “third parties”, who put up the software for sale that could bypass technological protection on copyrighted material. Dmitry’s career at Elcomsoft began with a project on gaining access to protected Access databases. Soon, Dmitry got an idea about the security of PDF documents, and so he started working on it. From this idea the never-to-be-forgotten Advanced eBook Processor was born, because of which Dmitry was arrested in 2001 at DEF CON in Las Vegas, NV.

In particular, Dmitry developed a program that allowed the user to remove DRM protection from legally purchased PDF documents, including e-books. The program was released in 2001. According to the then-current Russian law, the buyer had the right to create one backup copy of the purchased product without informing the copyright holder. In other words, creating this product in Russia was legal under the Russian law. However, sales were conducted over the Internet, covering the entire world. Before Dmitry’s trip to DEF CON with a talk about his findings, the company had sold about 20 licenses of the product.

Once his talk was accepted, Dmitry safely arrived at DEF CON, and made a talk on eBook security. A couple days later, when leaving the hotel room and planning to go to the airport, he encountered several FBI men who politely offered Dmitry to follow them.

(Dmitry Sklyarov and Vladimir Katalov, right before Dmitry’s presentation on Defcon)

According to Dmitry’s words, he took it as a joke at first. At the conference there were a great number of games about the police, like for example “Spot the fed”, where players had to detect a federal agent by asking questions. Therefore, when Dmitry came across four people who introduced themselves as federal agents, he first decided it was a game and tried to pass them by. However, one of the feds stopped Dmitry and produced a token.

After examining his hotel room, the feds took Dmitry to the local court in Las Vegas. There were no pre-trial detention facilities, and it was not possible to release him on bail immediately. As a result, Dmitry was kept in a Las Vegas jail, where he spent 11 days. And then the fun began. Andrey Malyshev, the second employee of Elcomsoft, who was present during Dmitry’s talk at DEF CON and was also present at Dmitry’s arrest, immediately called Elcomsoft head office in Moscow and notified of Dmitry’s arrest. This caused a whole mayhem in Moscow. The consulate sent a request to the jail to find out if Dmitry was really being held in it.  However, they received an answer that there was no such person. Since a lawsuit against Dmitry was filed in California, so the trial was also to be held in California. While Dmitry was not in California, he was not in jail, but in transit. So, there was no information that Dmitry was jailed yet, and information on those arrested in transit was not available. Nice! Nevertheless, Dmitry was finally found a couple of days later.

Dmitry’s transportation is another story which deserves a record. By law, a person in transit cannot be kept in one detention facility for longer than 21 days. This way, they can transport him from one jail to another without limiting time in transit. Dmitry changed 3 jails.

After 11 days in Las Vegas, Dmitry was sent to Oklahoma, to the Federal Transfer Center right on the side of the airport. The Transfer Center was not bad at all, including five rooms with TVs, a microwave, an ice making machine and a lot of food; almost a hotel. After spending a week in Oklahoma, Dmitry was transported by plane to San Jose, California. The funny thing is that comparing the experience of several US detention facilities with the student construction teams and the army in the former USSR, Dmitry finds that it is more comfortable to be jailed in America.

When Dmitry was brought to San Jose, Adobe decided to abandon their claims. But the case could not be left just like that, and the state appeared in this case as a new claimant. Now public opinion started boiling, standing up for the defense of Dmitry Sklyarov with a series of manifestations in different countries.

Dmitry also received active support from the Electronic Frontier Foundation.

At first, Dmitry was accused of “benefiting from the distribution of the prohibited program” and “promoting the prohibited program to the market”, both of which were dropped soon and substituted by a new charge on conspiracy with the company. Later, a process against Elcomsoft started and Dmitry was released on bail until the court’s decision. The trial was held on December 17, 2002 in San Jose, where both Elcomsoft and Dmitry were found not guilty on all five charges. Elcomsoft won the case.

This case was full of interesting episodes from Dmitry’s temporary stay in the US and from the events in court. If you are willing to dig deeper into this, you can check more articles, interviews with Dmitry, as well as extensive coverage from the courtroom with interrogations of Alexander and Vladimir Katalov On Lisa Rein’s Radar.

Dmitry’s current view on this matter is rather ironic: “Now all this seems to me like this. Americans had the DMCA law. At that time, it was never applied to an individual, and therefore they needed a precedent. They needed a software developer who would create a software, after using which, one could be found guilty. It was necessary to demonstrate that the law works. As a result, it turned out that Alexander Katalov defended the interests of American citizens at his own expense, defended their right to make this kind of software”.

I couldn’t help but ask Dmitry whether the past 19 years changed his view of those events. Here’s what he said: “For the 19 years there have been no events that could affect my attitude towards the situation. It was an unpleasant but very interesting experience. It was also particularly touching that the company, specifically Alexander and Vladimir, stood up for me and did all in their power to help.

To my question to Dmitry whether he made any new attempts to visit the USA, he confessed: “A year ago, I applied for a visa again. After 4 months of processing, my application was rejected. Last time it took them 11 months. Old excuse, not enough evidence that I’m not going to immigrate. Maybe in 5 years I’ll try again.

Now Dmitry Sklyarov is a well-known information security researcher with his own team. He successfully worked in Elcomsoft for over 10 years, running several projects, including Advanced PDF Password Recovery (removing restrictions from PDF files and breaking PDF passwords to open the file), Elcomsoft Distributed Password Recovery (top password recovery software widely used by law enforcement and government agencies all over the world) and Elcomsoft iOS Forensic Toolkit (breaking the iPhone encryption, the first in the world).

(Vladimir Katalov and Kevin Mitnick, breaking the passcode on Kevin’s iPhone 4)

While working in the company, he also wrote a book “Hidden Keys to Software Break-ins and Unauthorized Entry”. Dmitry loves to write on cryptography and admits that he would love to do it more often if he had more time for this.



Advanced PDF Password Recovery

Unlock PDF documents and remove editing, printing and copying restrictions instantly. Open encrypted and password-protected PDF documents quickly and efficiently. The unique, patented Thunder Tables® technology guarantees the recovery of 40-bit keys in under a minute! The multi-threaded low-level code is optimized for modern multi-core PCs, ensuring the best performance and the quickest recovery of the most complex passwords.

Advanced PDF Password Recovery official web page & downloads »