Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How to restrict users: Copy-paste-print-print screen


  • Please log in to reply
9 replies to this topic

#1 Khalouda

Khalouda

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:04:09 AM

Posted 25 December 2009 - 04:55 AM

Dear members:

I would like to know how to restrict visitors of my website from:

1. Copy-cut-paste of data
2. Print
3. Print-screen
4- Right click

How to disable all these?

Thank you very much

Happy Holidays,

KK.

Edited by Khalouda, 25 December 2009 - 05:01 AM.


BC AdBot (Login to Remove)

 


#2 groovicus

groovicus

  • Security Colleague
  • 9,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Centerville, SD
  • Local time:03:09 AM

Posted 25 December 2009 - 01:24 PM

We have had this conversation a few times on here before. It goes like this.

I say, "You can't. Once the code is on my computer, I can do with it what I want."
Someone else says, "Oh yes you can, you use an obfuscator. I use <insert name of software here>."
I say, "No, you can't. Browsers can not render obfuscated code, so at some point, it has to be converted to something the browser can read."
Someone says, "Oh yeah, I'll prove it. Give me the code that I used to create <insert web page here>."
I sigh, open Firebug, and return their code to them in about 30 seconds.
Someone says, "Well, I used an old version of <insert name of software here>. The new version works great."
I repeat, "No, it doesn't. Once it is on my computer, I can do with it what I want."
Someone goes away and never comes back.

If you want to protect data, you use Flash, Silverlight, or Java Applets. At least that will make it much harder.

For Reference

#3 lhamil64

lhamil64

  • Members
  • 200 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United States
  • Local time:05:09 AM

Posted 25 December 2009 - 10:26 PM

Also, I don't think its possible to disable the user from using the Print Screen button because that's a feature built into Windows.

#4 Andrew

Andrew

    Bleepin' Night Watchman


  • Moderator
  • 8,250 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:02:09 AM

Posted 26 December 2009 - 04:03 AM

The Internet is an open information system. Once information is delivered to the client machine, it is out of the control of whomever made it. Full stop.

The protocols and standards upon which the Internet is based make absolutely no provision for any sort of DRM or content protection whatsoever. Further, actions such as copy/paste, printing, and print screen are controlled by the operating system, not the browser. Exposing this kind of system-level control to any website is a very, very bad idea that no one would ever consider putting into their browser or operating system. It would be considered an enormous security hole.

In the end you just have to realize that anything you put on a public website is accessible in its entirety to everyone on the Internet. So it follows that if you have some sort of digital media whose protection from illicit copying is paramount, you just don't put it on your website.

If someone is determined to get your content, they will. They could do it groovicus's way, or they could use a specialized program such as wget or WinHTTrack to download every single file you put on your site.

All that said, it's considered very bad form for any website to alter the expected functionality or existing characteristics of the user's computer or web browser in any what whatsoever unless such changes are explicitly requested by the user. This includes attempting to disable certain functions, resizing the user's browser window, using grossly non-standard widgets, etc.

Edited by Amazing Andrew, 26 December 2009 - 04:14 AM.


#5 groovicus

groovicus

  • Security Colleague
  • 9,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Centerville, SD
  • Local time:03:09 AM

Posted 26 December 2009 - 12:50 PM

All that said, it's considered very bad form for any website to alter the expected functionality or existing characteristics of the user's computer or web browser in any what whatsoever unless such changes are explicitly requested by the user. This includes attempting to disable certain functions, resizing the user's browser window, using grossly non-standard widgets, etc.


Yep. It gives people a good reason to not go to your website.

#6 ident

ident

  • Members
  • 109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cambridge
  • Local time:05:09 AM

Posted 24 January 2012 - 06:56 AM

When i was 13 i created my first website on geocities. Myths_Bot_World(RIP). If a user right clicked any where a Messagebox Dialogue would appear notifying the user not to do this again. A variable was set. If the user did decide to try again they would be pleased to find they are now flooded with 30 Messageboxs with text along the lines of "LAMER!!!! RIGHT CLICK BAN", "INFECTION DOWNLOADING 10%", "INFECTION DOWNLOADING 20%" and so on until they reached the last Messagebox in a indefinite loop.

This feature never really took off. How how sad and silly was i lol

Edited by ident, 24 January 2012 - 12:21 PM.


#7 Romeo29

Romeo29

    Learning To Bleep


  • BC Advisor
  • 3,194 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:127.0.0.1
  • Local time:04:09 AM

Posted 25 January 2012 - 04:53 PM

I concur with others on this topic. It is impossible to protect your data once its out.

If you want to protect your data from being printed, copy pasted etc., then better distribute it in form of a PDF file with all kinds of restrictions set on it.

#8 quinch

quinch

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:09 AM

Posted 03 February 2012 - 09:32 PM

Agreed, there is zero you can do to 100% prevent people ripping your content, you can however do something after the fact, you can set up a Google Alert for bits of your content, if your content appears elsewhere on the web you get an email about it. At this point you send the infringer an email with an attached invoice for use of your content and point out that if the email is ignored you will send their ISP (Internet Service Provider) a takedown notice.

Read more here

Also when creating Google Alerts surround the words you use with "" marks and it is best to make sure that you use certain words, maybe even a typo or grammatical error in your content so that Google doesn't keep sending you lots of similarly worded articles.

#9 tripflex

tripflex

  • Members
  • 128 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Orlando, FL
  • Local time:05:09 AM

Posted 06 March 2012 - 10:30 PM

Agreed, there is zero you can do to 100% prevent people ripping your content, you can however do something after the fact, you can set up a Google Alert for bits of your content, if your content appears elsewhere on the web you get an email about it. At this point you send the infringer an email with an attached invoice for use of your content and point out that if the email is ignored you will send their ISP (Internet Service Provider) a takedown notice.

Read more here

Also when creating Google Alerts surround the words you use with "" marks and it is best to make sure that you use certain words, maybe even a typo or grammatical error in your content so that Google doesn't keep sending you lots of similarly worded articles.


Some hosts don't even care about DMCA notices...they actually laugh at it, i know, i'm in the business.

There's really nothing you can do, your HTML/CSS is always going to be accessible, it has to be in order for the web browser to process it and your website to work.
There's no place like 0.0.0.0, i'm tired of being at 127.0.0.1

#10 RB_Kandy

RB_Kandy

  • Members
  • 140 posts
  • OFFLINE
  •  
  • Local time:04:09 AM

Posted 15 June 2012 - 01:11 AM

Wow, I just noticed how old the original post is, but people keep resurrecting it, so let me chime in and keep it going LOL

As previously stated, there is no fool proof way of keeping your web content out of the hands of other people. Though efforts in the past have been made. Such as placing a transparent gif over an image so that when you right click "save as" you save a big blank gif. However, you could easily view source of the page, find the image, look at the dir it came from, and copy it from there. In many cases that lead you to the dir where all the images for the site were.

Another attempt was to use pop up dialogues that tell you not to copy their stuff. And while it does stop "polite" people from copying your images and text, it did nothing to stop disrespectful users, as you could disable the pop ups, or just use keyboard short cuts.

Then there is making your website as a PDF. Well, if you set the security features to prevent copying and printing, than the user cannot copy and print using those commands from the PDF menu. However, it makes the entire site easy to download to the user's hard drive. Even if you set the option that the pdf may not be saved, there is a simple way around that, that works in all cases (at least I think it works in all cases) and I won't go into details as there is a small possibility that the mods might consider it tips on how to hack, even though I don't consider it a hack.
Another problem with the PDF is that it does nothing to prevent the user from "print screen" This is an OS based command, no messenger or browser client can disable that. So everything can be printed, and even video captured.

There is some trick to stopping people from copying text, and I haven't checked, but I think it's a matter of layering a huge transparent gif over top the text. At either rate, I avoid these sites like the plague for 2 reasons:
1. I like to copy and paste large blocks of text into my text-to-speech engine and listen to it being read. if I can't listen to the text being read to me, than I am not interested in your site.
2. These web pages tend to run my CPU to 100% and slow everything down, and at times crash my browser. I consider that an attack on my computer, and will avoid that site.

Same deal with Java based websites where every bit of content is dynamically created and everything runs on a million java protocals. Many people disable java, because java is how you get viruses via surfing (as opposed to getting them by downloading and installing). And of course Java takes a mellinium to load, and wreaks havac on system resources. poorly written java code can crash a browser or even the entire computer. I'm sorry, but java is just the anti christ of programming. So people will either avoid your site because it will be resource intensive or their browser isn't configured to run it. Heck I even avoid popular sites like Tom's Hardware simply because every page on that site takes forever for my system to parce, render, and load.
I only go into so much detail here because I think it is important for all web developers to understand that if their site, for any reason, makes a person's browser run sluggish or sucks up too much system resources, or forces them to click "next page" after every paragraph and have to load a billion advertizements on each page, people won't come back to your website, and that's bad for business. Ideally a web site should be compatible with as many prowsers and OS's as possible, and be as easy on bandwidth, ram, and CPU, as possible. Pages should load quick and not weigh down a system.
Oh and, off topic, but never embed sound into your web page, that embed sound tag should be demoted and no longer supported by any browser. Just saying.

And one last thing, making content that can't be copied and pasted, goes against our culture's spirit. We are the copy&paste generation. Look at the million plus youtube videos of people who make anime characters lip sync to popular songs. Look at homemade remixes of pop music. Look at parody videos of infomercials, the comical dubs of Billy Mays. and auto-tuning interviews and news segments. We are the copy paste generation, attempting to prevent that is a slap in the face to the web surfing public.

Your best bet is to politely ask that people not use any portion of your website without your permission. Polite people like me will respect that, but not everyone is polite.

*Edit: I wanted to add, that java isn't "really" evil. And mild and appropriate uses of java are fine. I just mean sloppy coding and overuse of java cause browser and computer hangs and crashes.

Edited by RB_Kandy, 15 June 2012 - 12:27 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users