Content theft preventative measures
 

In a nutshell, what the script does is watermark photos on the fly with your members user name, IP address and date viewed.

A demo can be viewed here:

dev.cjhmdm.com/demo (:mad: no clicky)

Login:
demo - demo
demo1 - demo1
demo2 - demo2

If there's true interest in something like this then I'll move forward with other plans, which include a second, "invisible" watermark that only program owners will be able to find/see. Also, if the interest is high enough I will also work on a script that can provide the same for videos.

Can use user:[email protected]/demo to test each user name without having to clear your auth sessions, etc.

Just to note, the script uses standard text instead of an image for stamping the photos to reduce resource usage. Recreates each image on the fly without saving to file, though if you want to save the images to file, this can be done as well.

Output can be modified to change font, font color, font size, text position as well as text shown to suit your needs. Please note that the ttf for whatever font you want to use will have to reside in the same location as this script.

Now, I know the best things in life are free, but no one made a real living giving things out for free I won't be charging a ton, somewhere around $25-50 depending on the other things I'm able to implement. I think that's a fair price, but it's just me so...

Let me know your thoughts, good or bad.

Also, what else would you like to see added? About the only thing I won't add is support for using image based watermarks as this script is intended to be run on live servers, so the footprint has to remain small, and the best way to do that is via simple text.

http://www.dev.cjhmdm.com/demo

Not Found

The requested URL /demo was not found on this server.

http://dev.cjhmdm.com/demo/'

works for me.

remove the www :P

Interesting concept, I think it has some market potential.

I think the best option is to have both kind of watermarks on a picture (video), visible and invisible.

Visible watermark has a substantial preventative potential because 90% of surfers wouldn't even think of sharing a file when they see it with their own eyes their personal info is on it (invisible watermarks would not have such an effect even if you put a huge warning on a page saying all pics (videos) are watermarked - some surfers wouldn't believe, some would not notice etc). But it can be removed.

Invisible watermarks have less of a scare potential, but they can't be removed and even if a visible watermark was blurred you'll still know who shared your content.

That is very nice. Even if I do not run a paysite myself now, I was asking about something like this earlier, also the "invisible fingerprint", and content protection is obvious market these days, when producing something new. I mean, who wouldn't pay some few bucks for protection if they can gain hundred or thousands times from it?
You should market it, and I will surely forward it if you do :thumbsup

The only problem I see, is if someone get their member account hacked, or "pretend" it is hacked. But the IP part could do the trick, together with properly tracking software. At least limit it, and make paying members think twice before they upload to rapidshare or whereever they share.

Yes IP should do the trick, if it doesn't much the one from the billing company's records, it could mean login info either leaked or was hacked etc. But it's still usefull information because you can ban those IPs of the known file sharers through your htaccess file and redirect them to google - they wouldn't have a chance of getting to your site ever again. Sure they can use proxies etc - but downloading HD content through a proxy is a pain, and there isn't the whole lot of publicly available proxies out there, they'll eventually all be banned.

I think we should implement this industry wide, and share IPs databases with each other - so those who're likely to share content would be all redirected to google or whatever, not only from a paysite where they were caught abusing their member access, but from lots of other paysites too.

clever concept, although once any particular batch of watermarked member content
subsequently becomes viralised by others, it becomes tough to point any fingers,
so good for working out the initial source of the "leak", but after that.. unsure..

The first link in the chain is really what you're after - without the first link, there's no chain.

If enough of your members will be scared and not share, there will be way less of those "chains" out there, and much less damage done to your copyrighted materials.

And you have a rock solid proof on file (literally lol) of who was the first link in that chain and leaked your content from member area - it is enough to even go after abusing member in court if you feel like that. You do not have to go after all of them who was in the chain, just the first one which is more than enough. Several of such precedents and even less surfers will go on sharing, thus even less "chains" out there.

I wonder is it possible to have MAC address added to the watermark?

Yes, the initial source is the one launching the damage, and with fingerprints you can trace and estimate actual damage. It's the same logic and argument used against some initial source planting a virus, isn't it? :)

Of course, it doesn't take much for someone to crop out the text. Affiliates are doing it, why wouldn't customers?

Well, initial protection should start from the server level. Meaning that every paysite should have some sort of login protection to prevent password sharing/stealing. We're currently using Password Sentry on our main site, and it works rather well. This alone will help any case that goes to court by having a 2 way, and possibly 3 way comparison. 2 Way comparison would be IP on the content + IP recorded in the login record. 3 way would be those 2 + the IP of the person in question obtained from their ISP (if that's possible).
As previously stated, if you can stop it at the source then you can pretty much stop the rest of the train. Major points noted in my reply to the quote above.
I will look into this.
The visible watermark serves no more purpose than to warn them. If they want to crop, so be it. This is where the invisible (digital) print comes in, which can be placed anywhere in the image; you'd place this one somewhere where it can't be removed.

An additional note: I'm running into some probs with stamping videos without having to re-encode. While re-encoding via tools like ffmpeg is relatively fast (less than 5 minutes encoding time for a 30 minute video), the resource usage is simply too high. I'll keep looking for solutions to this though. One possible solution would be to have a download queue, though I dunno how that would work out to be honest. I'll keep you updated on my findings.

Thanks for showing interest in this concept. While it's not original, I don't see it being used widely just yet so figured I'd step in and try to produce something. I wonder how long it takes for someone to "copy" this and if they'll beat me to the punch on a complete product haha.

Because 70% of them are lazy ass fucks who wouldn't lift a finger, another 25% are not that lazy but they wouldn't have necessary software or wouldn't know how to use it. And only about 5% will go on sharing your cropped images (could be even less if you warn them there's is invisible watermark too).

Certainly interested, pass me a line when you are finished with the product.

Will do.

Also, would there be any overall interest for some software that automatically searches for content throughout various known torrent/p2p/tube sites that will email you results found and even possibly auto email the dcma complaint to said site? Naturally, this would take a lot more time to develop but I'm pretty sure I can come up with a way to do this.

Give me more ideas as well. If you can think it, I can probably do it... though real time fingerprinting videos on the fly is proving difficult due to realistic resource usage :s

There is already flag/monitoring/alert systems in place, but anything new/improvements is great. I don't think the methods and technical details will be published here, but you should talk to those handling these kind of things. Like removeyourcontent.com for instance.

Thanks for the info. Looking at the site you mentioned, it seems they offer a service to manually search for your content, for a fee. What I'm proposing is an automated method that is readily available to anyone, and for likely a lot less than a fee based solution. The major difference between the 2 is accuracy, in which those who manually search for your content will likely find more (or even all of it). Now, naturally the 2 methods will cater to different crowds, but if there is any sort of demand for something like this then I'll work on it.

I'm very sure there is demand for it, because time and ressources is the limit to gain knowledge and act upon it... or at least you can "create" that demand by contacting those who suffer most infringements and those who is dealing with it. If you program it, then try it out and demonstrate your product for the potential customers. Show them the real things, because that certainly bring attention.

offer a free program that works for 30 days. then charge people if they want to keep using it.

Given how prevalent and wide spread this content thievery issue is, I'm surprised that more webmasters and developers are on the bandwagon with you here.

I've looked at a couple of digital watermarking solutions (one being www dot digimarc dot com) but it doesn't seem like this has moved into this space. How come?

I for one love the idea and would like to hear some more. Especially the idea of being able to locate content that has been "borrowed" and used in another location. I'm seriously considering using the digimarc solution even with the added expense ($700 for Photoshop + $500/yr). But what's $1200 considering all the money we loose to this every year?

I for one would be more than happy to work with you and would be the first person in line to purchase if you had an affordable digital watermarking and tracking solution!

Interesting. This could be very effective in combination with actually suing the offending members for damages and including wording in your TOS which specify this.

Bump, will read this in a bit

Interesting script :thumbsup

I made something similar a few years ago, it would write IP and other info on the pic in a random corner in a real tiny font, and also I worked on putting a bar code type mark that wouldn't be seen. Good luck with yours.

great idea

Can it also do it with a zip file that containes an image set?

Any update on this?

One of the best prevention methods is kill online checks.
Duke

It will just take one pirate with a stolen credit card and bogus information to rip your site. you will have no idea who it was, if you charge the Credit card it will be blocked.

its a nice idea, but useless. The only way I see to protect content is to use encrypted flash galleries, that cannot be decompiled or have the resources extracted, and using a on -the-fly encrypted streaming video server that encrypts the video specifically to the player. there are some other things that can be done to really lock down the content to the visitors session as well. Even this won't stop the hackers and pirates, but it will give you time to sell your content and make money befor it all show up on thepiratebay

Doesn't work
 

We tried a similar script that was written by Manny from Isprime. We actually had the script write the user names on the images in random locations, all over the image, in 3 various spots per image. The pirates are not affected by the script because they don't use conventional ways to get into the sites, therefore they are able to still download the images essentially without the script "seeing" them and it never ends up writing anything on the images.


Good idea, but won't work! What needs to be done, is we need to know how they are accessing the sites, then find ways to block that.

Did the pirates hack your server, or did they just figure out the path to your data directory with the original images?

If it is only the latter you can block access to that directory with a simple .htaccess file in the folderOr you can move the data folder outside of the webserver's document root.

I would have to say monitoring tube sites for stolen video would be a massive undertaking as automated scanning would be next to imposable.

Tube site rename videos , change the size etc.. pattern matching which is what a spider would have to do based on those basic properties would fail.

I, myself, and a team of guys from the U of Chicago, in the 90's developed image recognition software to detect colors, facial features etc... This method could work but I expect the hardware, software costs would be enormous, not to mention the bandwidth bills to monitor these tube sites for content. (You may remember Lycos who licensed this software, they were the first to AI images, so no it was not Google or Yahoo)

I have created algorithms that can be used to detect duplicate images, so grabbing a screen shot of a video and comparing it to what you have is possible but again you would have to process the entire video frame by frame.

Another option which would have a very large overhead would be do download the new daily videos or log the URL's and spend the day looking for your stuff with human eyes. Again not very effective.

So no offense guy but I doubt you could offer up a reasonable solution on a programming level that would be of any real use, it would take far too long to process and would cost way more than it is worth.

Server side security..
 

I think the best way to help cut down on image / video theft is using a script proxy to serve up the images from a different server not on the "Cloud" but just on the internal network, protected by only allowing access from an internal IP on the Web Site server.

We call this dual homing, where you have one network adapter connected to the public internet "the Cloud" and another on the internal network. You can use a scripting language to stream video and images from the protected server to the client browser, no direct linking would be possible and the directory hosting the images and videos would only be accessible from the web site server or if someone was physically at the protected server.

This by no means is a 100% solution but it sure will cut back on the theft. Invisible water marking on images and in video would be useful now as they would have to scrape the videos and images which means they would get processed in a script before being displayed and would be watermarked.

Finding a good method to track them down would be an issue, but at least they would be traceable.


My, :2 cents:

Because you're fighting the wrong people.

You will never win against true PIRATES. You will never win against torrents and file sharing.

You can however, win against the average Joe who shares your galleries with everyone else. Joe usually doesn't know how to crop images and the few who do, either won't bother or don't care. You can cut tubes and board sharing way down. But fighting professional pirates is a losing battle.

Don't stop fighting, keep chipping away at the stone. Even a 20% reduction is HUGE.

:2 cents: +1

Is this still being developed? I am very interested in using such a script.