tags:

views:

64

answers:

2
+1  Q: 

Masking Audio

When music is publicly streamed on a website, most of the time they are just linking .mp3 files. Although that doesn't stop anyone from downloading it.

How would you prevent this?

I had a few ideas:

  1. To have the music be in say directory, /tmp/name.mp3 but have it stream through /music/name.mp3.
  2. Use a header to check and see if there is a referrer from a specific domain (music.com), if not redirect them? So if they try to listen to it directly, it won't have a referrer and will not stream the music.

Your thoughts?

+2  A: 

jwz has written up a page describing the issues surrounding this (mostly legal, some technical) for his mixtape collection. See the "decipher the rules" link at the bottom. Here's a relevant quote:

This means that, for example, if there existed tools out in the world that made it trivial for you to download any streaming audio webcast anywhere, I wouldn't be allowed to tell you what those tools were. If they existed. And I'm not saying that they do.

Greg Hewgill  2009-02-20 23:04:57
The link to the page that Greg is referring to, I think, is http://www.dnalounge.com/backstage/webcasting.html
womble  2009-02-20 23:10:04
This is exactly why I want to mask the URL's, legal, I would love to give the music out, but it would hurt in the long run. Thanks!
Garrett  2009-02-21 00:02:41
+3  A: 

You can't stop someone from saving the data stream you're sending. Once the bits hit their computer, you don't know what they're going to do with them. DRM raises the bar a bit, but not by much, since as soon as someone works out how to get around it, they just post a program on the Internet and everyone uses it.

Give up trying to stop people doing what the technology allows them to do, and instead use the advantages of the technology to give people what they want and hence make more money.

womble  2009-02-20 23:22:02
Womble, I understand that. I am not just going to give up and get myself in more trouble due to that. There is a way, and this isn't one of them. I understand once it's downloaded I can open my activity monitor and download it once it's finished. But so people can't send the links around.
Garrett  2009-02-21 00:01:56
If you just want to prevent people having a permanent link to a resource, there's lots of ways to do that, but it's a completely different question to the one you've asked.
womble  2009-02-21 01:31:17

related questions

Encryption in C# Web-Services
How Do You Secure database.yml?
ASP.NET LocationProvider
What do you (or your company) use for wiping a machine?
Can a proxy server cache SSL GETs? If not, would response body encryption suffice?
Java: What is the best way to SFTP a file from a server
How do I call a Flex SWF from a remote domain using Flash (AS3) ?
Best way to store a database password in a startup script / config file?
Using VM to get around VPN restrictions
Best references for secure coding practices in ASP.NET and classic ASP.
Secure Memory Allocator in C++
Resolving Session Fixation in JBoss
Best Practices for securing a REST API / web service
Defensive programming
Personal Linux web server
Block user access to internals of a site using HTTP_REFERER
Is there an Unobtrusive Captcha for web forms?
My website got hacked... What should I do?
What all do I need to escape when sending a (My)SQL query?
How do you disable browser Autocomplete on web form field / input tag?
Best .NET obfuscation tools/strategy
Are there best practices for testing security in an Agile development shop?
What is the best way to avoid SQL injection attacks?
Found a critical bug, but the company doesn't care
PHP Session Security