I have bought a font with a really shitty license agreement and I have a couple of questions.
-
How can I best share the font with the community? (I am afraid of metadata in the font files, which may be tied to my payment account etc. - I had to register and log in to download the ttf files)
-
How can I remove the DSIG and other metadata from the ttf file while keeping it usable?
-
Are they able to detect it if I use the font in a commercial product online by crawling my website and if yes, how could I prevent an automatic detection attempt?
To my (and possibly your) surprise, I didn’t find any free downloads of the font online. Their license is tied to a personal account, you have to log into once a year to keep the license. As far as I understand they theoretically could use the DSIG to let the ttf files “expire”, at least when used in software that verifies the signature. But I may be wrong, please let me know.
Thanks in advance and cheers-I mean ARR
Isn’t this easily bypassed by modifying the “hidden” part
If you even know what the hidden part(s) is, is the problem.
Maybe is in the metadata as someone pointed out earlier, or it could be an otherwise unused ASCII char that looks different for each user who licensed it when printed out, sort of like a qr code as a single ASCII char.
Or it could be that they simply just check filename, file size and/or md5, all of which can be easily changed.
Files have formats. Anything “hidden” here is destroyed by conversion to a different font format before redistribution.
There is no way of controlling this from the authors side without some sort of DRM.