Re: Server Security

To: debian-user@lists.debian.org
Subject: Re: Server Security
From: Sam Watkins <swatkins@fastmail.fm>
Date: Fri, 17 Dec 2004 16:06:52 +1100
Message-id: <[🔎] 20041217050652.GB3099@bart.local>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 20041219092928.GA2483@sungate.co.uk>
References: <[🔎] 20041219091645.91473.qmail@web8406.mail.in.yahoo.com> <[🔎] 20041219092928.GA2483@sungate.co.uk>

On Sun, Dec 19, 2004 at 09:29:28AM +0000, Dave Ewart wrote:
> On Sunday, 19.12.2004 at 09:16 +0000, Jeffrin Thalakkottoor wrote:
> > How To Configure It On The Server Side ...
> > 
> > Configure The Server That A File On The Server Can
> > Only Be Viewed But Not Downloaded.
> 
> In order to 'view' you *have* to have already downloaded the file.  What
> you suggest cannot be done.

Realplayer seems to do this quite effectively (at least to stop the
average person being able to download it without special tools).
It would be possible to create a similar system for texual information.
With the assistance of a sufficiently evil OS and browser, or a weird
animation technique, you could probably even prevent the user capturing
an image of the media - but they could still run their monitor lead
through a video recorder.  Or point a camera at the screen.

Some people write javascript code the disables the right button (with
save as) in IE, and pops up a message "you can't download this!".  But
of course if you disable javascript or use a decent browser you can.

Sorry to say I'm firmly on the side of the user who wants to download
content rather than the media provider who wants to protect their
copyright and build their profits - but maybe your application is
different?  What sort of files do you want to protect?

Another technique is to display the file bit-by-bit, possibly using
scripts or images, so that they would have to suffer a lot of work, or
be a really good programmer, to be able to snarf it.  O'reilly does
something like this with their online bookshelf "safari" thing, it makes
the thing almost unusable and incredibly annoying.  They have the worst
content / megabytes ratio of any website I've ever seen, their hmtl is
horrible.

so in summary you can't just "configure" this sort of thing with today's
internet servers - although microsoft is working toward it with their
"trusted computing" ideas.  You have to do perform devious and evil
hacks that will probably reduce the value of your content until the
whole endeavour is not worthwhile.

Reply to:

References:
- Server Security
  - From: Jeffrin Thalakkottoor <ahiliation@yahoo.co.in>
- Re: Server Security
  - From: Dave Ewart <davee@sungate.co.uk>

Prev by Date: Re: oom-killer vs system not reachable
Next by Date: Re: Please--sound
Previous by thread: Re: Server Security
Next by thread: Re: Server Security
Index(es):
- Date
- Thread