Hi,
I need to make a series of web pages only accessible visually via a browser. I’m trying to stop any attempt to print, copy or do anything else with the content other than viewing it with your eyes on a screen.
Yes I know it’s impossible to totally block people from doing any of this stuff, but there lots of ways to obfuscate things to the point where casual surfers can’t or wont know how to get the data out.
At this stage I’m figuring that putting the text inside an iframe which is surrounded by a bunch of meaningless code junk and doing the same inside the iframe (to another iframe) and then creating the content within that nested iframe entirely with javascript, then blocking print access via a print stylesheet. Then adding extra hidden content inside the javascripted source code so that even if someone does manage to copy and paste the javascript source, the text will be surrounded by a bunch of mumbo jumbo tag soup.
Basically, I want to throw all accessilbilty and usability concerns out the window and make this an incredibly difficult site to use for anyone not interested in viewing the content on the site.
Yep, although we are intending to have it print out a message saying that the page is copyrighted and printing is not allowed, but that hard copies can be sent via snail mail for a fee.
Couldn’t people just copy the PDF and send it to others?
And I assumed there would be fairly simple ways to crack PDF’s which have had copy protection built in. That was just a guess on my part though, I have no experience in this sort of thing.
You’ll never stop people from downloading the content, you can’t rely on a person having javascript enabled. If the content concerned that important? If similar content can be found on another site then by throwing out accessibilty and useability concerns, you’ll find that no one will bother staying on your site.
By making a site very hard to use and access, casual surfers will leave straight away, probably never to return to your site and more experienced surfers will easily get at whatever it is. You might be better off using a CMS with only those who you want to be able to view the content having permission to read it.
The content will not be available on any other site. In fact there are no other sites that have any content like it.
We don’t care about casual surfers. They’re unlikely to be interested in our content anyway. Anyone who visits the site is likely to be someone we have contacted directly and suggested they use our product.
We’re already intending to lock it in behind a custom CMS. We are wanting to extend the security an extra step. This is content that WILL be copied by people if they’re able to do so easily, so we need to lock it down as well as possible.
We are well aware of the implications of making our content less accessible and are willing to suffer the consequences of it. Users will need to login, then pay to access the content. Unfortunately, although there won’t be a huge number of people interested in accessing the content, those who do will likely be friends with others who are interested in it, so we’re wary that one person will login, pay the fee and proceed to hand the content out to their friends. There will be a certain number of people who will do this and we are prepared to accept that, but we’re still keen to block it as well as possible. The more difficult it is to copy content, the less likely they are to go to the hassle of getting the content out.
I doubt that you’ll ever be able to stop people from printing it or saving it. You might as well post it to those who have paid the fee for whatever this content is. You may as well accept that you’ll never stop people from copying the content. Given the number of sites that are on the Internet, there is more then likely one out there somewhere which has similar content.
I do strongly suggest that you make sure that the site has good accessibility and usability, you don’t want your site to be a contender for “websites which suck” just for protecting a small amount of content. If you don’t want it copied, don’t post it on the internet.
I doubt there is any way to get around that unfortunately. The content is quite long though and we intend to paginate it heavily so that any attempts to take screenshots will take a reasonably long time to do the entire content. Our theory is that it will take so long to do so that they’ll simply give up and just stump up the $10 or so we intend to charge for it.
No, but we’re hoping to reduce it.
We already do, or more to the point, we sell it in person.
Already have. We’re just trying to reduce the number of people who do.
Highly unlikely, and even if there is, their content will go out of date every 12 months and they’ll need to update it. We currently have a 100% total monopoly of a single market by providing hard copies of the content. However, once people have the hard copy they’re just photocopying it and handing it around their friends. We’re pretty sure that we can make more money by slashing our prices by 90% and making it more difficult to copy.
It will be usable for those who have a use for it. No one with disabilities will want to read our content so that side of things does not matter. We don’t care about search engines etc. Anyone interested in our content will find us via other means, they’re unlikely to go looking for this content on the internet.
Someone has suggested using Flash, however I have no experience whatsoever with it. Does anyone know if this would be a suitable way to achieve our goal?
Bearing in mind that we intend to allow people to update the content via a CMS backend, so we would need a way to dynamically create the flash content on the server. I’d prefer a javascript solution preferably since I’ve worked with it before, but if Flash in the best way to go then we would consider it. AFAIK Google Books uses a AJAX approach to loading things, so at this stage I’m assuming that would be the best way to go, but I’m not sure.
PDFs actually have protection built in that stops people copying or printing the content - unlike HTML where you don’t have any way to stop copying or printing apart from using CSS and JavaScript (which can be disabled). So at least with PDF there is actually protection there that needs to be cracked whereas with HTML there is no protection to crack.
You can’t stop people just forwarding the PDF but then you can’t stop people forwarding the HTML either and at least with the PDF they still can’t copy the content or print it (unless they crack the built in security).
ryanhellyer, there is a problem with what you are attempting… the second you try to lock down the content to prevent copying, printing or using any of the age old methods which exist (and trust me they have all been extensively tested to death), you make your website immediately unusable for disabled people which (depending highly on your website and whether it will be a commercial entity, could be seen as illegal). I have done a heck of a lot of research into protecting documents on the web and not one single method has any hope of guarding your content.
Put it this way… all someone needs to do is take a screenshot of your site (outside the browser therefore you cant control it), and use OCR software (comes free with any scanner) to convert the image back into text. It’s highly accurate, its software a lot of people will have access too and it requires literally zero effort (print screen + click the scan and convert button) or if they simply want to print a copy… (printscreen > paste into MS paint > file > print)… game over you.
That is not an issue in this case. Disabled people would never be using our resource.
There are many ways to help prevent people from stealing content. I know full well that I can’t totally stop people, I’m just looking to minimise theft, that’s all. This is for a particular project which I can’t really go into the details of.
Yes, but we’re hoping that the time required to do that will so high that they won’t bother. They would have a lot of print screening to do. Maybe someone will do that, but we highly doubt that. The idea is to drop the price to such a level that they won’t contemplate doing that. Our main concern is trying to stop people from literally grabbing the source code and running with it.
The best thing I’ve come up with so far, is to use base64 encoding and using javascript to decode it into the browser. In theory, users could copy and paste that decoded content, but I’ve set it up so that there is a transparent DIV on top of it which they would need to remove before they could copy and paste anything.
So far it is looking like being fairly awkward to crack and will probably do the job.
We’ll also be making sure that the CMS does not allow users to be logged in on more than one computer at the same time to avoid them handing out their login details to others to use.
I know this all seems a little nuts, but there is logic to the madness! It’s simply a matter of maximising the annoying’ness factor of copying the content to the point that people simply give up and simply cough up the dough to access the content themselves.
This is for a VERY specific target market who are desperate for the content we can provide. They can’t get it from anywhere else, we’re literally their only place they can come to for this type of content so feel we need to protect the IP on our content as much as possible. Selling hard copies has not worked out as planned due to photocopying. The place where our customers use our content is surrounded by literally hundreds of photocopiers, so this is ridiculously easy for them to do. By placing it on a website, we’re hoping to reduce the hassle of delivering hard copies and increase our revenue by stopping too much copying.
@felgall - thanks for the pointers about PDF’s, but it would be too easy for someone to mail bomb the rest of our clients with a copy of the PDF. All of our customers are easily able to contact all of our other customers, there is no way for us to prevent that. So to avoid redistribution, we need to stop any form of copying at all, or at least without it being a royal pain in the neck for them. A small $10 fee will hopefully stop anyone from sitting there for ours on end trying to print screen each page of content.
Yes, but we’re hoping that the time required to do that will so high that they won’t bother. They would have a lot of print screening to do. Maybe someone will do that, but we highly doubt that. The idea is to drop the price to such a level that they won’t contemplate doing that. Our main concern is trying to stop people from literally grabbing the source code and running with it.
Did you know you could just use something like SnagIt (a screen capture tool) to literally press print screen and it would go down the page taking new screenshots each time, pasting them together and would automatically ask you what you want to save it as? lol
Yep, I use a similar tool like that regularly. Most people aren’t aware of products like that so hopefully not too many of our customers will realise that is possible.
We also intend to paginate everything so that they would need to navigate to another page before viewing the next chunk of content. That way they need to go through the screen capture process repeatedly to grab the desired content rather than being able to capture it all on a single page.
Yes, but we’re hoping that the time required to do that will so high that they won’t bother. They would have a lot of print screening to do.
Actually my first thought was what browsershots (sometimes) does where it takes full-page screenshots and merges them (not always, unfortunately). I assume this is what the snaggit does?
You’ll probably want to go ahead and let your visitors know that you are relying on Javascript, just so they know the page will work if they can turn it on.
Lawlz 2: I checked the link and was like, hey that guy looks like Felgall : ) Duh.
Seems fairly quiet on that front so far 
