Perhaps you could get the php to split the image up into several bits and rebuild it client side. That would at least slow it down...other than printscreening.
| SitePoint Sponsor |
Perhaps you could get the php to split the image up into several bits and rebuild it client side. That would at least slow it down...other than printscreening.
Probably a better way (and more user friendly way) would be where the user downloads the content in an encrypted, password zip file which the user downloads, with the password sent to a registered email address, upon payment. The password would be changed after every download.
The total disabling of the clipboard would loose a company many clients, may be illegal in some countries and is in general very annoying.
more user friendly? Having the user extract password-protected zip files?
Anyway, it's a hypothetical script - you'd have to be crazy to actually use it.
Jake Arkinstall
"Sometimes you don't need to reinvent the wheel;
Sometimes its enough to make that wheel more rounded"-Molona
Instead of dictating to my clients what is the 'correct' way to go about these things, I've chosen to explore this avenue.
In considering the legal implications of overwriting the clipboard while the webpage is in use, I've been trying to find applicable references on the web. There's plenty of DRM references concerning Acrobat and Microsoft reader etc, but I haven't found anything applicable to webpages or overriding system features (only accessibility and ui appearances).
If any of you with the opinion that my approach is/may be illegal, could you post a reference?
baileylo, I added a tweak that seems to overcome that method of getting the image to display.
catweasel, srry - ya I didn't mention that in this thread. I offered the clients the watermark/low res solution (standard practice), but wouldn't have it. They want a good quality images without a watermark to display.
You need to understand that this specific approach to solve your clients problem will receive comments like this on a forum for developers.
At the same time you need to understand that its impossible to protect something 100%. In this specific case you cant even get close to 50% due to the way the web works.
No matter what kind of protection you throw out, it will be possible to download the images. It will also be possible to implent this solution into spiders that will download all the images in no time. Heck creating such a spider would most probably take a lot less time than what you have used on your protection so far.
I expect you are working for the adult business, as that is the only pictures that could be downloaded and re-used as they are. Keep in mind that an image you see on a webpage is very scaled down from the original image. These images are "usable", but no professional would even consider using a down scaled image to produce graphics as the result would be much better when you scale down the portion you need from the full size image.
What I would have suggested to a client, would be to create a "client software" which the members would need to download. Then they would access the member area through it. When creating such a solution you are not bound to the specific restrictions the different browsers have. Hence the security would become much better.
That method is 0% effective and 100% annoying. A good way of having would be thieves steal the images while driving all the legitimate visitors away.
Stephen J Chapman
javascriptexample.net, Book Reviews, follow me on Twitter
HTML Help, CSS Help, JavaScript Help, PHP/mySQL Help, blog
<input name="html5" type="text" required pattern="^$">
RedDevil, there's no misunderstandings on my part here. I'm not a newbie. You have to understand that this script is only being tested in a public sphere. It's production environment will be a members only area and the image media directory will reside above root where it's not accessible except via php.
You're the second person to infer that the clients' industry is adult content. Whilst I can see how this could be natural conclusion, it's not the case. I'd like to dispel that assumption; the clients are from 2 different industries, retail development and the other electronics research and development.
The "client software" is a good idea, I'll have to check out what can be done in a flash app.
I am afraid you dont fully understand how the web is working. It does not matter if the images are stored above web path as long as you display them in the member area. Any content displayed through a browser can be cached. The two methods I mentioned earlier, will work after you setup a ssl and create a member area. Of course it would require access to the member area, but hey the persons who has access is those you try to protect the images from.Originally Posted by metho
It is possible to do what you want to archive in a better way, both considering user accessibility and security. Even when displaying the images through the browser. However its possible to bypass that method as well, due to the images are displayed on the users monitor.
It would not be possible in Flash, I would recommend to use either C# or Java.
Last edited by TheRedDevil; Sep 30, 2007 at 08:57.
PHP headers are sent to avoid caching; not a cure all, but effective in a lot of cases. C# and Java aren't in my skill set; but I'll still look into it.
Once again, I'm fully aware that there's no 100% sure fire way to do this. The only purpose is make it as difficult as possible to the point where the average user would give up trying to rip off large amounts of property.
It probably falls foul of the The Computer Misuse Act 1990 (UK Law - possibly also covered by an EU Directive/law), the bit i think it possibly falls foul of is:
"3 Unauthorised modification of computer material
(1) A person is guilty of an offence if—
(a) he does any act which causes an unauthorised modification of the contents of any computer; and
(b) at the time when he does the act he has the requisite intent and the requisite knowledge.
(2) For the purposes of subsection (1)(b) above the requisite intent is an intent to cause a modification of the contents of any computer and by so doing—
(a) to impair the operation of any computer;
(b) to prevent or hinder access to any program or data held in any computer; or
(c) to impair the operation of any such program or the reliability of any such data.
(3) The intent need not be directed at—
(a) any particular computer;
(b) any particular program or data or a program or data of any particular kind; or
(c) any particular modification or a modification of any particular kind.
(4) For the purposes of subsection (1)(b) above the requisite knowledge is knowledge that any modification he intends to cause is unauthorised.
(5) It is immaterial for the purposes of this section whether an unauthorised modification or any intended effect of it of a kind mentioned in subsection (2) above is, or is intended to be, permanent or merely temporary.
(6) For the purposes of the [1971 c. 48.] Criminal Damage Act 1971 a modification of the contents of a computer shall not be regarded as damaging any computer or computer storage medium unless its effect on that computer or computer storage medium impairs its physical condition.
(7) A person guilty of an offence under this section shall be liable—
(a) on summary conviction, to imprisonment for a term not exceeding six months or to a fine not exceeding the statutory maximum or to both; and
(b) on conviction on indictment, to imprisonment for a term not exceeding five years or to a fine or to both. "
There is probably an equivalent law in the US.
Last edited by SpacePhoenix; Sep 29, 2007 at 20:22. Reason: corrected a couple of typos
That law only applies to "unauthorized modification". Should a user understand and agree to their clipboard being modified, it doesn't apply.
Lol -
lol again.Would you like us to take complete control over your clipboard while visiting this site?
What is so important about said images which mean they can't be copied?
Jake Arkinstall
"Sometimes you don't need to reinvent the wheel;
Sometimes its enough to make that wheel more rounded"-Molona
I doubt both (1) and (2) are satisfied by this sort of image hiding script.
Look at (1)(a), does this script cause any modification of the contents of the end user's computer? Not really.
Perhaps (2) on its own (kind of irrelevant, that law seems to require both), but I'd argue not even that.
Disabling the clipboard is a browser feature, something that your browser might do on pages that suggest it. It doesn't exploit any sort of flaw, disabling the clipboard is a feature Microsoft (and others) decided to implement in their browsers.
On the flip side, it is kind of like when a page suggests that it wants to display a pop-up or ad, and your browser decides otherwise: also legal.
Once the data hits your computer, your browser is in control. The exception would be when someone exploits a security hole ... not the case here, this is a sorry but well-known browser feature that Microsoft et al has had years to fix if they so wished.
Using your unpaid time to add free content to SitePoint Pty Ltd's portfolio?
I've been trying on following the thread.
They're against presenting their brand yet their users insist upon above average quality images. So much so that they would knowingly let a malicious site hi-jack their browser and infect their system?
It doesn't only affect the internet browser, it kills the clipboard for all apps that are loaded in the OS.
Last edited by SpacePhoenix; Sep 30, 2007 at 11:09. Reason: typo
Good point
I should restate my last post:
"..... So much so that they would knowingly let a malicious site hi-jack and infect their system?"
I think I see what you mean now, you can copy something to clipboard, browse to a webpage, and then the contents of the clipboard are gone. I wasn't aware you could do that.
Still, it's just a feature of IE, albeit an incredibly stupid one.
Using your unpaid time to add free content to SitePoint Pty Ltd's portfolio?
No, it is an OS feature Windows supplies the clipboard as well as the means to copy data into the clipboard. That is what IE and all the other browsers on WIndows use.
The built in clipboard functions provided by Windows itself.
http://msdn2.microsoft.com/en-us/library/ms648709.aspx
It's a browser feature when a web page (as opposed to a user) can manipulate that clipboard.
Just checked out out Windows, it appears that it a feature you have to enable, at least on Windows IE and Firefox. Windows has a popup warning, Firefox seems to require settings editing. Neither seems to let a web page manipulate your clipboard without your consent.
If this isn't the case, please direct me to the example script that does not require enabling. It is possible I just don't know where to look.
Using your unpaid time to add free content to SitePoint Pty Ltd's portfolio?
If you really don't want people visiting your site so badly that you attempt to sabotage their computer in order to apply "protection" to images that the real thieves will not even notice then why notr just delete the site completely. There will be two advantages to doing that over the current "protection" applied.
1. You will not have lots of people spreading the word across the web about how your site stuffed up their computer and how it cost them hundreds of dollars to get someone to fix it for them.
2. You will actually prevent people taking the images (something the "protection' doesn't do.
Stephen J Chapman
javascriptexample.net, Book Reviews, follow me on Twitter
HTML Help, CSS Help, JavaScript Help, PHP/mySQL Help, blog
<input name="html5" type="text" required pattern="^$">
OS/X --- cmd+shift4, takes about 2 seconds to crop and save it to the desktop.
If you were selling images, you could store the image in your server root and use php to server it up -- all along, checking the "order id" provided to the customer against a database. Once the customer buys a copy, they can share it anyways.
In the case of an image though, you could use digimarc that uses web tracking to report any sites using the image (they are doing it with audio and video as well) -- but it will cost you. http://digimarc.com/
intragenesis, llc professional web & graphic design
holmescreek, that is how it would work. This version of the script is entirely public for the purpose of testing. The production version would operate along the lines you describe. Customers wouldn't want to share the images to people external to their company, the product is purchased for their advantage. It would be fine for a customer to share amongst staff, but only what they purchase.
The last tweaks I'll consider for the script will be to restrict the clipboard over-ride feature to operating only when the window/tab is active or to auto-logout the customer after a set period of inactivity. That should minimize the inconvenience.
That's about all the time I'll spend on this; apart from a few more holes posted that would be easily fixed. Another work week begins! Thanks for everyone's time who posted results, and for those who posted constructive criticism, much appreciated. GL 'n HF coding this week
Yeah, again, you could put the "purchased" image in the server root then serve it up after comparing their order id.
Another thing would be is just use two sets of images. A thumbnail and/or scaled down preview that is watermarked (you can easily store these in a sub-folder off the document root). Take a look at bigstockphotos.com for an example of how they provide previews --- then look at the delivery method I mentioned.
intragenesis, llc professional web & graphic design
Hi All
Great thread BTW. :-)
I have an image database and would like some tips from some more advanced programmers.
I want to let people use my images for free, provided they use the correct anchor text and give me a trackback URL.
Does anyone know how this can be done?
Thanks
Alex
Free Africa Pictures for web use|
ok so you post a public image.
they can look at the image all day long.
you create a deterrant from copying the image (and disable the clipboard on the os basically)
average joe who doesnt know anything cannot copy the image (great).
the person who wants and can exploit the image can print screen or view source and go to your php file and get the image.
I would provide a low res image and a high res small portion of the image if you want to sell it.
otherwise,
bottom line is post an image on the web with a deterrant and the innocent will not get it but anyone with bad (or watever) intent will get it.
So you showed em.
Honestly I think you created a great deterrant, probably the best I have seen and great creativity but is probably not worth it in the real world.
btw I copied a photo from flikr (no use restrictions) and put it on a website, the website never even launched, was in demo mode and within a week got a notice from the owner to cease and desist. I was wrong I guess but have no idea how the owner found a 150px image in the footer. (the image was renamed).
if you could find his secret, that would be the cure.
What I lack in acuracy I make up for in misteaks
Posting Permissions
Bookmarks