Liberating out-of-copyright photos from SmartFrame's DRM


During the middle of the 20th Century, the UK's Royal Air Force took thousands of photographs of the country from above. Think of it like a primitive Google Earth.

Those photographs are "Crown Copyright". For photographs created before 1st June 1957, the copyright expires after 50 years.

Recently, the organisation "Historic England" started sharing high-resolution copies of these photos on a nifty interactive map.

 Aerial Photo Explorer  You can explore over 400,000 digitised photos taken from our aerial photo collections of over 6 million photographs preserved in the Historic England Archive.  Use our nationally important collections of aerial photographs to explore your area. Find the place where you live or why not look for your favourite football ground, railway station or the places you visit?

But there were two problems.

Firstly, they claimed that the photographs were still under copyright. This (no doubt inadvertent) mistake was pointed out to them and was eventually corrected.

The second, and to my mind more troubling, problem is that the photos were "protected" using SmartFrame's Digital Restrictions Management.

SmartFrame has some useful features - it allows for high-resolution photos to be loaded "zoomed out" in lower resolution. The user can then zoom in on a portion which then gets loaded as higher resolution. That's it really. SmartFrame's main selling point is that it "brings robust image control". AKA, it uses DRM to prevent users from downloading images.

It also promises "Complete image protection". This is nonsense. If you transmit an image to a user, the user can copy that image.

Here's how easy it is to download the images which SmartFrame claims to protect.

Screenshots

The obvious flaw in SmartFrame is that users can take screenshots of the high-resolution image. Zoom in, screenshot, pan left, another screenshot, repeat.

Of course, stitching together all those images is a bit of a pain. But perfectly possible to automate if you wanted to.

Canvas Chunks

The way SmartFrame works is by loading small "chunks" of the image and then drawing then on a <canvas> element.

In your browser's network inspector, you'll see each 256x256 sub-image loading.
Screenshot of a network inspection panel. Dozens of JPEG images are being downloaded.
The images are not encrypted, so they can be saved directly. Again, it is a manual and tedious process to scrape them all and then stitch them together.

Inspecting the network requests shows that they all use the same Accept Header of authorization/wndeym9ajvin,*/* - that appears to be common across multiple SmartFrame instances. Bad form of them to reuse that key!

Canvas Access

It's fairly easy to download anything drawn onto a <canvas> element by running:

var c = document.getElementsByClassName("stage") 
c[0].toDataURL() 

However, SmartFrame have overloaded the .toDataURL() function - so it produces a warning when you try that. It's simple enough to disable their JS once the image has loaded.

Of course, the <canvas> is smaller than the full resolution image - so you may need to manually increase its size first.

It's also possible to simply right-click on the <canvas> in the inspector and copy the Base64 representation of the image:

Screenshot of the context menu showing a download option.

Putting it all together

I am indebted to Stuart Langridge for connecting all the dots. He has written and fully documented some code which is, essentially:

  1. Grab the canvas
  2. Resize it
  3. Wait several seconds for the image chunks to fully load onto the canvas
  4. Turn the canvas into a Data URL
  5. Download the data

It looks something like this:

var container = document.querySelector("div.articlePage.container");
container.style.width="6000px";
container.style.maxWidth="6000px";

setTimeout(()=>{
  var stage = document.querySelector("canvas.stage");
  var url = document.createElement("canvas").toDataURL.call(stage);
  var a = document.createElement("a");
  a.href = url;
  a.download = "liberated.png";
  a.click();
}, 3000);

And that's it. A user can paste a dozen lines of Javascript into their browser's console and get a full-resolution PNG.

Warnings

This technique should only be used to download images which are free of copyright restrictions.

Companies should be careful before buying a DRM solution and ensure that it is fit for purpose. SmartFrame really isn't suitable as sold. Despite its grandiose claims of "Super-strong encryption" and "Multi-layered theft-prevention" - it took less than weekend to bypass.

It is possible that SmartFrame will update their systems to defeat this particular flaw. But, thankfully, DRM can never work effectively. You can't give users a locked box and a key - then expect them to only unlock the box under the "right" circumstances.
As Bruce Schneier once said:

trying to make digital files uncopyable is like trying to make water not wet.


6 thoughts on “Liberating out-of-copyright photos from SmartFrame's DRM

  1. says:

    This is a great workaround. It’s a tricky one because the work and cost of digitising and hosting/preserving the original photos plus hosting and maintaining the scans is not zero, but that in no way is reflected in the price they were trying to charge.

  2. Thank you for your input on this work, and for this write-up; and to Stuart Langridge and others in the linked discussions for their insights.

    A few additional points:

    There are apparently just over 38K such images (taken by the RAF before 1st June 1957, so out of copyright) on Historic England's "Aerial Photo Explorer" site
    Historic England have refused to supply me with high-resolution copies of these images in response to my FoI request - https://www.whatdotheyknow.com/request/raf_images_on_aerial_photograph - because they are "reasonably accessible" to me; in other words, by me buying them at a cost of £12 plus VAT - EACH. Over half a million quid for all of them!
    How denying the public easy access to and free reuse of these out-of-copyright images meets Historic England's purpose to "[help] people care for, enjoy and celebrate England's spectacular historic environment" is not clear.
    Other organisations also use SmartFrame to prevent members of the public from downloading images of out-of-copyright artworks. Tate ("Our mission is to increase the public’s enjoyment and understanding of British art...", for example
    While copyright in more recent works should of course be respected, there are legitimate exceptions - https://www.gov.uk/guidance/exceptions-to-copyright - to UK copyright law (such as study, review or parody, etc), where copyright images may legally be downloaded and used (usual "I am not a lawyer" caveat applies).
    Downloading images whose copyright has expired is not "theft"

  3. says:

    Had a play with the JS and wrapped it in a TamperMonkey script
    https://pastebin.com/qYEy5C6L

    Extra code includes checking for the original image width and setting the container width/maxwidth to that value, and also using the image name for the download.

    The only thing missing for me was finding a way to download the images as jpegs instead of pngs. Whilst toDataURL can be passed the format type and compression eg toDataURL('image/jpg',1), once .call is introduced you can't use it.

    1. says:

      Just realised you can get larger images, the container (at least on Chrome) has some negative margins when playing around with the size, so the result is smaller.

      However if you just adjust the width of the smart-frame that works fine.

      var sf = document.querySelector("smart-frame"); var wedge = document.querySelector("canvas.canvas-wedge"); sf.style.width = wedge.width + "px";

Leave a Reply

Your email address will not be published.

%d bloggers like this: