Author Archives: administrator

Javelin, Drumlin and Operating System updates: Windows, iOS and OSX

UPDATE 1: Javelin for iOS (a universal version, so iPhones are supported as well as iPADs) is now available on Apple’s iOS App Store and is iOS9 compatible

UPDATE 2 (revised 9th Jan 2016): Javelin for OSX 10.11 is available as via the Javelin downloads page on our website and is now on Apple’s Mac App Store. Javelin does work with El Capitan’s split-screen view, which you also invoke by pressing for longer on the green button and then choosing a screen half where you want Javelin and then another program for the other half.

And now for the full story…

As is ever the case, Apple and Microsoft continue to battle it out with ever more sophisticated updates (upgrades?!) to their operating systems. In nearly every instance this results in problems for end users who are brave enough to update their systems, especially for those “early adopters” who have not waited for the “updates to the updates” first.  The biggest problem for third party applications providers is the lack of backward compatibility with some of these updates. Comments on aspects of the most recent set that may affect users of our Javelin and Drumlin software products is provided below:

iOS 9: again, with essentially no notice (less than a week), on Sept 16th Apple released iOS9 on an unsuspecting public with numerous side effects – and as at 3rd Oct two OS updates to iOS 9 had already been issued by Apple and a new main version, iOS 9.1 was released on Oct 26th.

Where existing apps crash or fail to run at all, in most cases a simple re-install from the App Store will fix the problem – but the App Store app itself has had problems, so no guarantees there! Users who have updated to iOS9 and find the catalog facility results in their app exits suddenly or similar issues occur can resolve this by simply selecting the Grid/List icon on the home page and switching to the List view (see below).


For most versions of the iOS software the grid/list icon shown above is always enabled, but for the Taxbooks app it is turned off as default, but can be turned on via the Settings app on iPADs and iPhones, as shown below:


We have also had some users remove the existing app (deleting it and its files) and re-installing the current version of the app from Apple’s app store, and it then works again after re-authorizing their file or files … so it looks like some of the iOS9 library code is not fully backwards compatible.

Windows 10, and Win7/8 updates to 32/64 bit handling: at the end of July Microsoft released Windows 10, a major new version of its desktop operating system. As part of the move to Windows 10 changes have been made to the way entries in the registry are handled for 32- and 64-bit computers. Along with other changes this has meant we have had to create a new version of Javelin for Windows and Javelin Pro for Windows, specifically for the newer OS versions, including Win10. In addition, the so-called free upgrade to Windows 10 can result in a mess for end users, which takes a lot to sort out. In the case of Javelin, re-authorization will do the trick for most users after updating to the latest versions from our website, whereas with Drumlin, in most cases it works just fine but in some instances it is necessary to completely remove all traces of earlier installations and re-install the latest update from our website, and re-register if necessary (retaining your previous registration data from the apps/roaming/ folder should avoid this step). AdminApp is unaffected by these OS updates.

OSX 10.11 (El Capitan): Some users with OSX10.11 reported that they cannot authorize drmz files with Javelin on 10.11 systems – a version that resolves this is available on our website at: and is now available on the Mac’s AppStore

The list of what’s new in OSX 10.11 is provided by Apple here:

There is no indication in this list of changes in the way the operating system works. However, changes have been made to underlying features of OSX (and iOS9) which are described by Apple in technical notes here:

and tucked away within these release notes are details of a facility called App Transport Security (ATS). Essentially this introduces a mechanism whereby any application that asks for data from a standard web address starting with http:// will generate an error and may be prevented from continuing to work. Apple would like developers to switch to using https:// web addresses for anything that involves data retrieval. Javelin (all platforms) currently retrieves data from a standard http:// address during document authorization, although we may amend this shortly as our DRM servers all have SSL/https: support now.

… more on these OS updates as they occur!

New HTML5 service for online secure PDF viewing

Our online PDF viewer has just got better, faster and simpler to use, with even more security options. Examples of the new facilities are available via our Managed Online services page or simply click on the image below to see how this document looks within the secure PDF viewer – within your browser, on any device you like, with no software installations or downloads!

Amazon and Apple targeted by new EEC rules on ebook tax

Amazon and Apple, amongst other corporate giants in the ebook marketplace, have located themselves for EEC tax purposes in Luxembourg for the last few years. With a local rate of VAT (Sales tax) of 3% this is much lower than the 20%+ payable in most EEC countries. Now action has been taken to close this loophole but it does mean that every publisher selling to consumers in the EEC must be aware of the changes and take appropriate action.

Sales of ebooks from businesses to consumers (B2C sales) must have VAT added when the purchaser is located in any of the 28 EEC countries. Until the start of 2015 this VAT has been added at the rate applicable in the Publishers/Suppliers home country, not the Purchasers. As a result, companies like Amazon have been able to add 3% instead of 20%+ to their prices and substantially undercut similar publishers based in the targeted countries. To close this loophole the EEC now requires VAT to be charged at the rate applicable in the customer’s country, not the suppliers. This means applying the correct rate for each country for the product sold, and ensuring that the home country of the purchaser is known and recorded.

To avoid a publisher or service provider having to register with the tax authorities in all 28 EEC countries, a system known as VAT MOSS (Mini One Stop Shop) has been introduced. With this system we now add VAT at the appropriate rate to sales of secure PDFs made via our Managed Services facilities within the EEC. We then report the amount, country-by-country, via the MOSS service in the UK, and the UK tax authoriities will reconcile the taxes due to each EEC member state. What this means is that customers of our Managed Services will not have to worry about the new regulations, but DIY service publishers will need to register for the VAT MOSS service and account for VAT if they are selling to EEC consumers.

The UK VAT people (HMRC) expected 5000+ businesses to register for VAT MOSS – it is claimed that c.350,000 have done so!

If you would like to discuss our managed services please contact us

There has been a massive amount of discussion about the introduction of these charges, as evidenced by topics on Twitter #VATMESS and press articles. For more information on the UK implementation of VAT MOSS please click here

Adobe PDF print security is not secure at all!

Many people use the tools in Adobe Acrobat and related software (such as PDF exporting from MS Word) to add basic security features to their files. One such facility frequently required is protection against printing – essentially this disables the print menu and toolbar icon in Adobe reader and other Adobe products that display PDFs.

However, for some time now Adobe have recognized that this feature is not secure, because it is not part of PDF standards and other PDF reader providers do not implement this Adobe-specific feature. Indeed, Adobe Acrobat now displays a warning message to this effect (as shown below). For example, an Adobe print-protected PDF can be opened in Javelin for Windows and printed, with no problem at all! However, using the Print protection in our Drumlin PDF publishing software does provide such facilities, as the secured file is only readable using Javelin PDF readers (after authorization). Drumlin protects against printing of PDFs when you want to fully protect your PDF in this way, but also allows you to enable printing but restrict such printing to physical devices and specified numbers of pages.


Managed Services: Adding BUY NOW and ADD TO CART buttons

The Managed Services PDF Publishing facility we offer provides a web-based catalog ordering capability with Add to Cart or Buy Now buttons built into the online ordering pages. A full page examples can be seen at:

If required, these buttons can be placed on the publisher’s own website in order to provide a seamless user experience, optionally with the payment process etc being from the publishers own PayPal account. The result is still automated processing using our servers, so is essentially the same as linking to a catalog page on our managed services site. Other pages used in the process, such as the tailored email template and download template page, remain on our site and are managed by us on your behalf/with your branding/name etc..

Buttons such as these are created using simple HTML commands that look like: <form> a series of instructions… </form>. An example is:

If you click this button it will place a real order for a secure document (in this case a legal guide for US Law Students). In this example we have used the TEXT tab in the WordPress editor (as opposed to the VISUAL tab) to enter the HTML code that creates the button.

Some other points about this approach are noteworthy:

  1. Helpful information and guidance is needed to ensure that purchasers understand what technology platforms are supported (and maybe which are not supported) and whether or not printing of the item is permitted – our sample catalog pages all include this, so can be copied as examples
  2. If you do decide you would like buttons on your own site rather than ours we need to know this so we can ensure that customers return to your site rather than ours for additional orders etc – we would need to provide the button code for you, to ensure it is correct and has been tested on our servers first
  3. If we provide a managed service for a flat rate fee rather than a flat rate plus commission charge, you can be the recipient of the payments made directly rather than via us. Such payments have no commission deducted and appear directly into your PayPal account. In this case the PayPal payment receipt will be sent to you rather than us. You set the price and you are the contracting party for payment and any local sales tax/VAT computations and reporting.

For more information and advice on Managed Service PDF publishing please contact us

What is the difference between and implicit and an explicit hyperlink?

We often get asked why are web address like does not work as an active link to the web address in a PDF. This posting explains the difference between a link that an application “guesses” should be treated as a web or mail link, and a link that includes associated information to tell the application that it should act in a particular way. Note that in this posting the entry does not work as a link because I have not included an explicit link as part of this text, so the web browser thinks it is just pure text.

Explicit hyperlinks

Suppose you have a Word document, and you type the text “Click here to access my website”. This clearly will not go to your website when you click on it. However, if you select the text and use the menu option to Insert a Hyperlink, it will encode the text with an associated (hidden) string that tells Word to go to that URL when the item is clicked – and if you then export the Word document to a PDF it will ensure that the text string keeps this hidden association and the item will be shown as a link in the PDF and will work. So this is an explicitly coded link. If you have the URL as text in a document (e.g. in InDesign) it is the same – it is just text although many applications (e.g. almost all Adobe and Microsoft applications) may well ‘guess’ that you really mean the item to be a link – in fact it is difficult to stop them doing this if you don’t want them to. You can then tell InDesign to make it an explicit link as per Word or wait until it is output to PDF and use Adobe Acrobat, Tools option, Document processing (Create URLs) to make the links explicit, i.e. encoded into the underlying PDF file structure.

Implicit hyperlinks

If you open a PDF in Adobe Reader it will look at a text string that is probably a URL link and guess it should be a link and highlight it and act as if it was a real link – this is an implicit link, in that it implies its purpose from its structure. An implicit link will not be recognized and acted upon by Javelin and most other PDF readers – some PDF readers will work with implicit links and some will not. So, explicitly specifying text strings as links is the correct approach to take for safety.

PDF Printing

It is often the case that PDFs are distributed without really thinking about protecting them against printing. Quite often people will add basic protection against copying and editing using the tools provided in Adobe Acrobat or similar software (see further, below), but files that are not protected against printing or do not control the printing process, can easily be copied, scanned (including to PDF with OCR) and onward distributed.

Pros and Cons of PDFs

There is a lot to be said for the humble PDF. It allows us to share documents easily across multiple platforms, preserving everything from our intended layout, to the correct page order, to our chosen font size and style. However, as noted above, standard PDFs are not protected against the editing or copying of content, nor from printing.

Using the Tools facility in Adobe Acrobat it is possible to add various forms of content protection. These include protection against copying, editing and printing. Date/time-based protection is not provided.

However, these facilities are specific to the Adobe PDF technology and can be bypassed by widely available software that implements decryption, memory-scraping and screen-scraping. Perhaps more importantly they do not provide protection against copying entire documents by simply forwarding these to third parties.

Knowing When to Secure PDFs against Printing

It goes without saying that printing sensitive information carries a significant security risk. Whether this be internally within your company, such as staff payroll documents, contracts, financial statements, or marketing plans, or externally when printing is outsourced. Securing against printing is an ideal way of limiting the unauthorized views of your documents. There may be other benefits, such as managing costs and meeting environmental objectives.

Protecting PDFs

For real protection of PDFs they need to be encrypted and have controls or permissions associated with them. Various tools exist for protecting PDFs. Many PC users, for example, have Microsoft Office as their main document creation facility, As with all current MS Office applications, the File menu, Export facility enables you to save the current document as a PDF. This includes on Options form, as illustrated below,which includes an option to encrypt the document with a password. This provides a level of security against opening the document – the saved document will only open in Adobe Reader if the correct password is entered. Note that this provides no protection otherwise, i.e. printing etc are still permitted.


If Adobe Acrobat is installed on the same computer as above, it will automatically appear as an option on the File menu in MS Office applications as “Save as Adobe PDF”. In this case a different form is displayed, with more security facilities (see below). This is where you can see the options to control for printing (and for editing/copying etc.). The default settings are shown. As can be seen, in addition to the Open document password control there is a second password protected Permissions section.


Digital Rights Management protection

The protection mechanism above works quite well, especially for documents that are not particularly sensitive or high value. There are two main problems with the above approaches however. The first problem is that the document can still be sent to anyone, anywhere in the world, and viewed and copied any number of times. The second problem is that the security applied can be removed in many cases, or simply ignored by using a different PDF reader that does not adhere to Adobe’s settings. The solution to both problems is to apply digital rights management (DRM) controls to the document. In this case the steps are:

  1. create a standard PDF with no special settings
  2. use a special program to encrypt and add security permissions to the file, such as print controls
  3. make the file available to the target user(s) via email, web download etc together with details of how they can open and view the secured document
  4. the target user(s) open the document using a PDF reader (general a free PDF reader provided by the DRM service operator). The document will only open if additional security checks are passed, in all cases requiring a local or wide area network connection, typically to an in-network DRM service. This all happens in 1-2 seconds and includes centralized logging of the events so that actions may be tracked

For more information on providing print security and other DRM-enabled facilities, please contact us

Amazon Kindle Direct Publishing (KDP) and new European VAT rules for eBooks

In an email just issued to European Community-based KDP customers, Amazon have taken the decision to change the ebook pricing model they apply in order to cater for new European Community VAT rules coming into force on January 1st 2015. Essentially they are asking all publishers to adopt a VAT “inclusive” pricing model for their publications or they will impose one automatically. We at Drumlin Security have already requested that our customers do likewise, where their publications are sold to European-based consumer customers. For publishers who sell all or almost all of their publications outside the EEC the problem does not apply.

The core text from Amazon is shown below. More details from Amazon can be found here

“On January 1, 2015, European Union (EU) tax laws regarding the taxation of digital products (including eBooks) will change: previously, Value Added Tax (VAT) was applied based on the seller’s country – as of January 1st, VAT will be applied based on the buyer’s country. As a result, starting on January 1st, KDP authors must set list prices to be inclusive of VAT. We will also make a one-time adjustment for existing books published through KDP to move from VAT-exclusive list prices to list prices which include VAT. We’ll put these changes into effect starting January 1st; you may always change your prices at any time, but you do not need to take any action unless you wish to do so.

Starting January 1st, for any titles already published in KDP, we will make a one-time adjustment to convert VAT-exclusive list prices provided to us to VAT-inclusive list prices. Subject to minimum and maximum thresholds, we will add the applicable VAT based on the primary country of the marketplace to the VAT-exclusive list price provided. For example, if an author had previously set £5.00 as the VAT-exclusive list price for, the new VAT-inclusive list price will be £6.00 because the applicable VAT rate in the UK is 20%. Please note, if an author had set a consistent VAT-exclusive list price for all Euro based Kindle stores, those prices will now be different due to varying VAT rates for the primary country of each Kindle store. For example, if an author had previously provided a €6.00 VAT-exclusive list price for,,, and Kindle stores, the list prices including VAT will be €7.14 (19% VAT), €6.33 (5.5% VAT), €7.26 (21% VAT), and €7.32 (22% VAT) respectively.

Minimum and maximum list prices for the 35% and 70% royalty plans will now also include VAT. For books published before January 1st that would fall outside these new limits after VAT is included, we will adjust the list price to ensure the book remains in the same royalty plan that was previously selected.”

PDF form filling

Today’s question, which we are asked frequently, is “is it possible to have interactive form-filling in a secure PDF?” Here is our immediate response:

The brief answer is “no” – in fact this is a particularly problematic area where a document is encrypted, as “by definition” it cannot be amended because that would require decryption, modification of the document, and then re-encryption… which for truly secure offline documents is not possible. However, less secure solutions may be able to do this, and systems that interact with web-based facilities may also be able to do it. If you have an interactive PDF the probability is that it was produced using Adobe software, and their interaction and processing facilities are, in large measure, proprietary, so the main response would be “use Adobe reader/an Adobe-based solution” for those parts of the application that you need form-filling etc. This could mean separating a PDF into two parts, for example a secure document that was designed simply for reading etc, and some interactive forms that go with it and are essentially unprotected. Another option is to have a secure document but permit limited printing of forms – we have customers who do this, for example for medical interviews and assessments. Another option is to provide the solution entirely “on line” and have interactive forms provided programmatically and/or via standard tools such as flash or html5, or a forms builder. For Adobe’s core offerings in this area see: