Flash displayed online from web pages are most vulnerable to
copy and download by all manner of apps that have been specially
designed to "download movies".
However there are some options for adding copy protection that
do not involve obfuscation or encryption of the Flash to prevent
it from being located from where it may be stored on a web site.
But before introducing two (2) most secure options, let's look
at the whole picture and all of the ways that Flash displayed
online can be copied:
If you are providing direct links to either Flash stored on a
web site or streamed so that the user can open and play them
using a generic desktop Flash player, then be advised that what
we are
discussing here has no relevance because there is no opportunity
to intervene and control copy. That is, unless the Flash player
software is of custom designed for playing encrypted and domain
locked Flash.
Secure desktop players are not relevant to this topic because
they fall into the realm of playing from CD. In fact
at the time of writing this article some custom secure players are
utilizing DRM but they are ineffective when it comes to
preventing the user from recording the Flash as it plays.
What this article is about is the display of Flash from web
pages. That is the Flash player code is embedded into the HTML
and no options are provided to play direct from the source. Only
when using embedded players can you have control over copy and
capture:
ArtistScope provides a CopySafe Service that is second to none when it comes to preventing copy from all methods including Print Screen and screen capture. CopySafe Web Protection was first released in 1999 and it is supported on all Windows computers. Site visitors can use their favorite web browser and to view protected web pages, they can download and install the plugin just like they would when encountering Flash for the first time.
CopySafe Web is the most secure solution for displaying
encrypted images and it is the encrypted image that activates
the CopySafe plugin when it loads. Consequently any web page can
be protected by simply adding a small CopySafe encrypted image
and any media displayed on that page will also be protected
including Flash. To
apply CopySafe to a web page all one needs to do is add a few
lines of HTML.
However when you are protecting Flash, you need to be aware of
the fact that file grabbers can locate and download Flash files from
where they are stored on a web site by direct linking. So direct
linking is not recommended at all and the method of providing
the download to your embedded player should be via a Flash media
server.
Using a Flash media server is most recommended to prevent direct
linking to your Flash resources. Media servers do not simply
provide a download because they "stream" the Flash data and at
regulated rates to better suit a user's internet connection thus
enhancing their experience by "buffering" to eliminate annoying
pauses.
Note: When using the ASPS Web Reader it is not necessary to use
stream delivery because static download links cannot be
discovered.
CopySafe Web can be added to any web page regardless of which programming language is used for the page. If you are using a CMS and/or have limited HTML skills, ArtistScope provides a variety of free modules for integrating CopySafe Web with most popular CMS solutions:
The ideal solution for copy protecting web content is by not
using any of the popular web browsers at all, but instead using
a web browser that is specially designed to protect the content
that it displays. Such a web browser needs to display generic
web pages and media but without providing any options that can be
used to save, print and copy the page or download any
media displayed on that page.
Today there are a few custom web browsers available that claim to satisfy these requirements. Some are merely reskinned IE engines that still expose browser cache and some others have been designed to restrict some save and copy options. But the mistake that most custom browser developers are making is that they are trying to support all operating systems (OS) and that is where they fail because proper copy protection is not possible on Mac and Linux based OS.
The ASPS Web Reader is the most secure web browser on the planet when it comes to protecting web page media and it is supported on all Windows OS since XP. Unlike pretentious "secure" browsers, the ASPS Web Reader protects all avenues:
Even when the page and media is on display in the web browser,
nothing can be copied in any way... that is, without using a
camera to take a photograph of the computer screen. The
ArtisBrowser is the most secure
web browser and the only web browser that can
effectively protect web page and media from all methods of copy
and save.
ASPS is a server to
browser solution that has been designed from end-to-end with
copy protection in mind. Web pages assigned for use by the ASPS
Web Reader are delivered in encrypted format from the server and
they can only be decrypted by the ASPS Web Reader, thus creating
a most secure tunnel between your site and your visitor.
Intercepting this page is useless as it cannot be deciphered
except by ASPS and it cannot be hacked.
The ASPS filter can be installed on all Windows servers/computers running IIS since XP and all Linux servers.
ASPS encryption does not affect the web application or programming language used to create web pages because it encrypts and delivers the page after it has been assembled by the server. So it doesn't matter if your website is based on Sharepoint, PHP, ASP.Net, Classic ASP or good old static HTML. Consequently any and all CMS applications like DotNetNuke, Drupal, Joomla, Moodle and WordPress can be run from a ASPS website.
No special treatment like encryption or conversion is required as the only preparation required is to add a line of HTML before the page's DOCTYPE statement. So to protect pages you add this tag and any pages not including that tag will not be protected and redirected to open in the user's default web browser. This way you can cerate doorway pages and leave sections of your site accessible to normal browsers and then most securely protect only those sections or pages that are critical to your mission.
The ArtisBrowser can be downloaded from their demo site. After download, simply follow the links for "Guided Tour' to explore a variety of different media that can be protected by ASPS.
In theory, web page encryption should prevent the location of files linked from a web page, but it does not. In fact web encryption, especially if relying on JavaScript, is a useless contrivance because the web browser finds the decryption key in the very source that it is supposed to be protected. To display the web page, the web browser needs to decrypt it and once decrypted you are back at square one again with the unprotected page on display with all of its HTML and source code which also readily available in browser cache.
Contrary to what some "copy protect" developers claim, it is
impossible to prevent copy using client side scripting such as
JavaScript. It is also impossible to prevent copy without using a
plugin (by installing a custom software) that interacts with the computer at system level system
and "client-side" scripting does not nor ever will have the
permissions to operate at that level. Anyone making claims to
the contrary is preying on the user's and possibly their own
naivety.
Today we have many different operating systems (OS), all of
which fall into distinct family types such as Windows, Linux,
Android, MacOS, etc. So designing a copy protection solution
becomes most difficult and while it might be possible to provide
plugins for all of these OS, in reality it is impossible because
most either cannot support proper copy protection or are too
unstable to survive a rollout, ie: by the time your user
upgrades to the latest update that OS will more than likely be
outdated.
Click for more Copy Protect Resources.
Copy Protection & DRM News |
IT Security News |