Re: Server Security

From: Sam Watkins (swatkins_at_fastmail.fm)
Date: 12/17/04

  • Next message: Andreas Janssen: "Re: Please--sound" 
    Date: Fri, 17 Dec 2004 16:06:52 +1100
To: debian-user@lists.debian.org

    On Sun, Dec 19, 2004 at 09:29:28AM +0000, Dave Ewart wrote:
    > On Sunday, 19.12.2004 at 09:16 +0000, Jeffrin Thalakkottoor wrote:
    > > How To Configure It On The Server Side ...
    > >
    > > Configure The Server That A File On The Server Can
    > > Only Be Viewed But Not Downloaded.
    >
    > In order to 'view' you *have* to have already downloaded the file. What
    > you suggest cannot be done.

    Realplayer seems to do this quite effectively (at least to stop the
    average person being able to download it without special tools).
    It would be possible to create a similar system for texual information.
    With the assistance of a sufficiently evil OS and browser, or a weird
    animation technique, you could probably even prevent the user capturing
    an image of the media - but they could still run their monitor lead
    through a video recorder. Or point a camera at the screen.

    Some people write javascript code the disables the right button (with
    save as) in IE, and pops up a message "you can't download this!". But
    of course if you disable javascript or use a decent browser you can.

    Sorry to say I'm firmly on the side of the user who wants to download
    content rather than the media provider who wants to protect their
    copyright and build their profits - but maybe your application is
    different? What sort of files do you want to protect?

    Another technique is to display the file bit-by-bit, possibly using
    scripts or images, so that they would have to suffer a lot of work, or
    be a really good programmer, to be able to snarf it. O'reilly does
    something like this with their online bookshelf "safari" thing, it makes
    the thing almost unusable and incredibly annoying. They have the worst
    content / megabytes ratio of any website I've ever seen, their hmtl is
    horrible.

    so in summary you can't just "configure" this sort of thing with today's
    internet servers - although microsoft is working toward it with their
    "trusted computing" ideas. You have to do perform devious and evil
    hacks that will probably reduce the value of your content until the
    whole endeavour is not worthwhile. 

    -- 
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
  • Next message: Andreas Janssen: "Re: Please--sound"