doubledee — 2012-07-22T10:59:36-04:00 — #1
On the project that I am currently working, they are using Internet Explorer (IE) 8 because they say "It is the only browser where we can flush the user's browser's cache and prevent them from stealing content. IE8 is the safest way to go..."
I am blown away by these comments?! :eek:
Then again, I don't really know about the cache part.
Would someone please educate me on this topic?
logic_earth — 2012-07-22T16:10:51-04:00 — #2
They are blinded by their own foolishness. That doesn't stop anyone from stealing content, Regardless if you can flush the cache or not.
doubledee — 2012-07-22T19:45:24-04:00 — #3
Can you help me understand the cache flushing thing?
I have no clue what they are referring to, and I don't see why Internet Explorer would have some advantage over any other browser?! :-/
logic_earth — 2012-07-22T19:56:27-04:00 — #4
I honestly don't know what "cache flushing" they are referring too...other then what is in the preferences.
doubledee — 2012-07-22T20:24:03-04:00 — #5
The way they explained it, by using IE8, the application can force the User's Browser's Cache to be flushed...
I don't know how in the world the server could force a user's browser to do anything, but who knows?!
mittineague — 2012-07-22T20:57:13-04:00 — #6
My guess is that if can it's a flaw in the browser. In any case as mentioned it won't prevent theft only make it a little less easy.
And I fail to see how what browser they are using has anything to do with others. Well, unless their goal is to prevent themselves from stealing their own content :fangel:
doubledee — 2012-07-22T22:42:35-04:00 — #7
I'll have to ask for more information tomorrow.
They make it sound like since the application is written in .Net that it can send a message to IE8 and delete all Users' Browsers' Cache from the server.
I guess they worry that if users store the webpages in their browser's cache that that is a security risk.
I can sorta see that, but I don't see how the server has the ability to flush the cache on a user's machine?!
Would this question be better suited in another forum? :-/
ralphm — 2012-07-22T22:46:02-04:00 — #8
Whether they can do it or not, it's an abuse of the end user to force behavior on them.
Anyhow, they can't force users to use IE8, which is the important thing ... so it seems like a pretty silly argument anyway. The fact that they themselves are using IE8 is completely irrelevant. :lol:
doubledee — 2012-07-23T21:23:14-04:00 — #9
Yes they can force users to use IE8.
This is for an intranet system...
The business dictates who gets on the system and what they use for all intents and purposes.
ralphm — 2012-07-23T22:26:06-04:00 — #10
So they are afraid of content being stolen from within their own organization? Jeesh ...
doubledee — 2012-07-24T21:48:10-04:00 — #11
Ralph, you're being obtuse on this topic...
Yes, there is a large concern about information leaking out or being compromised.
I spoke with a developer today and this is what he told me with some degree of certainty...
Apparently the .Net app has a way to send messages to IE8 telling it "Do not cache any photographs".
He was unsure if the app can physically flush any pictures that may already be in cache.
And he was unsure what can and cannot be done with other browsers.
I have heard of the ability to do this before with IE.
I thought there was a way to tell all browsers "Do not cache the web page or any photos", but I'm not sure how easily the user can over-ride that. (My guess, is that such an approach probably isn't very secure or fool-proof?!)
Because the project I am working on is a "Test Bank" which contains images that can contain testing content, they are very very concerned about controlling information.
I can see it being a problem if a user's browser cached a whole bunch of images and then they fell into the wrong hands.
Not being an architect, I'm not sure what the way to address this problem is?! :-/
[b]The best thing I can point to is, "How do banks that offer online-banking address this issue?"
For instance, if you look at images of cancelled checks or possibly bank statements, what would your bank do to make sure there there isn't a bread-crumb trail left behind for anyone accessing your computer or browser's cache?[/b]
(This is one of many reason I do NOT bank online!!!)
I wonder if someone like Paul O' knows about this?
Too bad DeathShadow isn't around here anymore...
ralphm — 2012-07-24T21:53:42-04:00 — #12
You can tell a browser not to cache pages. E.g.
But when someone views a page, the images and other content are still downloaded (that's the only way a page and its assets can be viewed) so there's nothing to stop someone saving all the images manually. There's really no way to prevent content falling into the wrong hands, short of not putting it online in the first place.
Ralph, you're being obtuse on this topic...
No, just realistic.
system — 2012-07-25T06:19:43-04:00 — #13
What a load of baloney :headbang: !!!!!!!!!!!!!!!!!!!!!!!!!!
If I want to take an image from the Internet, I don't need it to be cached by the browser at all. I just right click the image and then select save-as and voila :). Disabling right click with js is about as useful as an ash tray on a motor bike because I would just turn js off.
Another quick way to take an image is to click the screen dump key on the keyboard, which copies the screen contents to the clipboard, and then dump it in Photshop (or whatever) and then I can crop and do what I like with it.
Also, think about it for a minute. What's stopping anyone taking a photo of the screen as a last resort and then edit and enhance the photo of the screen in Photoshop.
Once anything appears on a user's screen, it is effectively gone if the user wnats it and there is absolutely nothing whatsoever anyone can do to stop the screen contents from being taken.
If you don't want it to maybe "fall into the wrong hands", then don't freakin' publish it in the first place
If someone tried to tell me they can stop me from copying anything that appears on the screen infront of me, I would just laugh at them and tell them they have no idea what they are talking about. And it would make no difference what browser and version I am using.