What are some effective strategies for preventing the use of my proprietary images?
I'm talking about saving them, direct linking to them etc...
Presently I have a watermark on the image, but I'd rather not.
.NET platform preferred, but if there's a strategy that's on another platform that integrates with my existing application that'd be a bonus.
It's not possible to make it "impossible" to download. When a user visits your site you're sending them the pictures. The user will have a copy of that image in the browsers cache and he'd be able to access it even after he leaves the site ( depending on the browser, of course ). Your only real option is to watermark them :O
using JavaScript to override the click event is the most common I have seen...
see: http://pubs.logicalexpressions.com/pub0009/LPMArticle.asp?ID=41
Realistically you can't, unless you don't want them to see it in the first place. You could use some javascript to catch the right mouse button click, but that's really about it.
Another thought, you could possibly embed it in flash, but again, they could just take a screenshot.
@Owen Well that wouldn't prevent them from right clicking and saving the file if they were properly authenticated.
Yeah so far all my best options are fairly easily circumvented with either a screenshot or cache digging.
You could embed each image inside of a flash application, then the browser wouldn't know how to 'save' the image and wouldn't store the raw jpg in the cache folder either. They could still just press the print screen key to get a copy of the image, but it would probably be enough to stop most visitors.
@Wilka My current method is actually similar to that...I encrypt the img URL and a bunch of other stuff and pass that to a flash movie...the flash movie then decrypts it and places a watermark layer over it... There are holes to this that are already being taken advantage of however...but it's becoming clear that if it shows on your screen...there's not much that can be done except for watermarking.
Anything you send to the client is, like, on the client. Not much you can do about it besides making somewhere between "sorta hard" and "quite hard" to save the image.
Sorry. That's impossible. All you can do is make it inconvenient a la flickr.
I would watermark them, and reduce the resolution, of the actual files, instead of doing it through an application on the user's end.
Short answer: you can't. Whatever you display to a user is going to be available to them. You can watermark it, blur it, or offer a low-res version of it, but the bottom line is that whatever images are displayed in the user's browser are going to be available to them in some way.
Response.WriteBinary(), embedded flash, JavaScript hacks, hidden divs.
Over the years I have seen and tried every possible way to secure an image and I have come to one conclusion: If it can be seen online; it can be taken, my friend.
So, what you really should consider what the final goal of this action would really be. Prevent piracy? If a gross and oversized watermark is not your style, you can always embed hidden data (Apress had an article that looked promising on digital steganography) in images to identify them as your own later. You might only offer reduced or lower quality images.
Flickr takes the approach of placing a transparent gif layer on top of the image so if you are not logged in and right click you get their ever awesome spaceball.gif. But nothing can prevent a screenshot other than, well, just not offering the picture.
If the music industry could get you to listen to all of your music without copying or owning files they would. If television could broadcast and be certain nobody could store a copy of the cast, they probably would as well. It's the unfortunate part of sharing media with the public. The really good question here is how you can protect your material WITHOUT getting in the way of respectable users from consuming your images. Put on too much protection and nobody will go to your site/use your software (Personally if you try to disable my mouse I'll go from good user to bad nearly instantly).
It's just not possible. There is always the PrintScreen button.
Whatever is displayed, can be captured.
unfortunately you can always screen grab the browser and crop the image out, not perfect but it circumvents almost every solution posted here :(
It's just not possible. There is always the PrintScreen button.
I remember testing ImageFreeze years ago. It used a Java applet to fetch and display images. The image data and connection was encrypted and the unencrypted image wasn't stored in a temp folder or even in Java's cache.
Also, the applet constantly cleared the windows clipbrd so Print Screen didn't work.
It worked pretty good, but it had some faults.
Besides requiring Java, the JS that embedded the applet (and maybe the applet itself) was setup to not load properly in any browser that didn't give access to the windows clipbrd. This meant that it only worked in IE and only on windows.
Also, the interval the applet used to clear the clipbrd could be beaten with a really fast Print Screen and ctrl+v into Gimp. Printing the screen in other ways would work too.
Finally, Jad could decompile the applet and all/most of its files. So, if you really wanted the pics, you could poke around in the source to figure out how they did it.
In short, you can go out of your way to stop a lot of people, but usability goes down the drain and there will always be a way to get the image if the visitor can see it.
Another approach I've seen that's still entirely vulnerable to screen grabs but does make right-click and cache searching sufficiently annoying is to break the image up into many little images and display them on your page tiled together to appear as though they were a single image.
But as everyone has said, if they can see it, they can grab it.
