Removing the DRM from the book puts you in contravention of terms and conditions and you then. Advertisement Jeff Bezos browses Amazon's Kindle store. ![]() This is made possible, thanks to a heap overflow vulnerability in the PDF rendering function (CVE-2021-30354), which can be leveraged to gain arbitrary write primitive, and a local privilege escalation flaw in the Kindle application manager service (CVE-2021-30355) that enables the threat actor to chain the two flaws to run malware-laced code as a root user. To try and protect your investment on Kindle and Nook, you can try to remove the DRM from the book. DRM on the device is handled at the account level, allowing a family that shares an account to swap content, just as they would swap books. The problem resides in the firmware's e-book parsing framework, specifically in the implementation associated with how PDF documents are opened, permitting an attacker to execute a malicious payload on the device. ASUS VivoBook F512 Thin and Lightweight Laptop, 15.6 FHD WideView NanoEdge, AMD R5-3500U CPU, 8GB RAM, 256GB SSD, Backlit KB, Fingerprint Reader, Windows 10, Peacock Blue, F512DA-EB51. Heap overflow vulnerability in the JBIG2Globals decoding algorithm Upon responsibly disclosing the issue to Amazon in February 2021, the retail and entertainment giant published a fix as part of its 5.13.5 version of Kindle firmware in April 2021.Īttacks exploiting the flaw commence by sending a malicious e-book to an intended victim, who, upon opening the book, triggers the infection sequence sans any interaction, allowing the bad actor to delete the user's library, gain full access to the Amazon account, or convert the Kindle into a bot for striking other devices in the target's local network. Kindle Direct Publishing Indie Digital & Print Publishing Made Easy: Shopbop Designer Fashion Brands: Amazon Warehouse Deep Discounts Open-Box Products: ZVAB Centralized Directory of Antiquarian Books: Amazon Business Pay by Invoice. It sounds like the persons account was deleted, but it shouldnt impact whats on the device save the revoked DRM licenses. ![]() Customer reviews help Amazon sell their products. Advertisement Jeff Bezos browses Amazons Kindle store. The fact you are a loyal customer for 10 years meant nothing to them. DRM on the device is handled at the account level, allowing a family that shares an account to swap content, just as they would swap books. I doubt that they care much about your problem. Those people in customer service are just hired helps. You are getting the Amazon standard canned replies. Edit: SeanDav Deleting Amazon Account wiping content from the device. It appears that you are caught in an Amazon bureaucratic nightmare. ![]() In other words, if a threat actor wanted to single out a specific group of people or demographic, it's possible for the adversary to choose a popular e-book in a language or dialect that's widely spoken among the group to tailor and orchestrate a highly targeted cyber attack. If this person did in fact purchase DRM content and Amazon revoked it, then at a minimum the person should get a refund.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |