How can I prevent/make it hard to download my flash video?

Question

I want to at least prevent normal users to download my flash video.

What's the best way to do it?

Create a httphandler, add a token (e.g. timeid), set the cache control to no-cache so that only the users with correct token can view the correct video. Is that feasible?

It is the requirement from client that the video should not be downloaded by users and should be watched only in the particular website.

I want to know if this works: http://www.somesite.com/video.swf?time=1248319067

Server will generate a token(time in the above example) so that user can only have one request to this link. If the user wants to watch the video again, he needs to go to our website to get the token again. Is this okay to prevent novices from downloading?

I can't download this flash video by the downloadHelper firefox plugin: http://news.bbc.co.uk/2/hi/americas/8164177.stm

Updated (13:49 pm 2009/07/23): The above file can be downloaded using some video download software.

The video files of following Chinese sites are well protected (I can't download it using many video download software): http://programme.tvb.com/drama/abrideforaride/video/

Do you know how it is done?

Answer 1

I dont think there is an easy way to stop people from getting your videos if they want them,

there are plenty of plugins for firefox that allow downloading from even youtube and many places. And i imagine those plugins would disable any attempt you made to hide your videos.

not too terribly different than taking an image from flicker, they put a clear gif image over the image that you want to view, so that when you right click and save you get "the shield" image, however can be defeated by the lowly print screen button.

if you want casual users from getting your file, use a flash control and buffer a minute or two of your videos and make that flash authenticate with the server to get those files. that seems reasonable to me

Answer 2

It sounds like you need to add authorization and authentication.

You could put the flash video under a different folder in your ASP.Net application and add a web.config file in that folder to deny access to unauthorized users. For example:

Then you need to enable authentication for your website. The simplest method is forms authentication. A trivial example with hard coded username and password is provided here.

There is loads that you can do with the authentication framework in ASP.Net I suggest googling a bit.

Answer 3

Don't make it available for download.

Answer 4

I don't think there really is an easy way to limit people from getting at it. Your sending them the video, that is how they are able to view it. Any user could just use FRAPS or a similar tool to copy the video from the screen as well.

If your worry is being copied and used elsewhere then you can watermark it or use a few other types of copy protection methods that will allow you to identify your work on other sites. If your worried about people copying it for personal use, then you really have no way of stopping it, you are sending it to them.

Edit: Due diligence would be to inform your customer of how easy it is to copy the work that they will be posting. Most clients have really no idea how easy it is.

Answer 5

The only way to do this is with a trusted client, DRM and an encrypted source.

Your player opens up a connection, the user has a connection to the stream, you perform some magic authentication with their token and then transmite the encrypted data to them.

If you don't do this then anyone can download your video and save it out.

However with all that aside, someone can run screen capture, then save your video and do it again. This is again where the DRM comes in as one of the key features of the DRM in windows clients is that the buffer cannot be sniffed as it's on the protected media pathway.

I guess its a question of how to protect your revenue but dealing with pirates is always going to be a problem for software devs no matter what their business is.

Answer 6

I have attempted two way to prevent the downloading but fails.

• Using javascript to dynamically generate the object for flash.
• Using the token idea proposed in the question.

What annoying me most is that a simple SAVE/AS from the firefox browser could easily bypass the tricks.

The only variable way so far is to using an empty swf file to load another swf file in. Combined with the token idea, it works.

Answer 7

Create really bad content so that no one will want to bother downloading it. Personally it is very hard for me to spend time trying to download a video I do not want