Allow file to be read on only one machine
Allow file to be read on only one machine
Allow file to be read on only one machine
Allow file to be read on only one machine
Allow file to be read on only one machine
Allow file to be read on only one machine Allow file to be read on only one machine Allow file to be read on only one machine Allow file to be read on only one machine Allow file to be read on only one machine Allow file to be read on only one machine Allow file to be read on only one machine Allow file to be read on only one machine
Allow file to be read on only one machine Allow file to be read on only one machine
Allow file to be read on only one machine
Go Back  Xtreme Visual Basic Talk > > > Allow file to be read on only one machine


Reply
 
Thread Tools Display Modes
  #1  
Old 09-18-2010, 03:14 PM
dgdolins1 dgdolins1 is offline
Centurion
 
Join Date: Dec 2002
Posts: 124
Default Allow file to be read on only one machine


Hello,

We have a client that creates a suite of pdf manuals which are downloaded off their website with a unique username/password using a vb app we wrote. The file is in a password protected zip format. On downoad complete, the file is unzipped and stored in a hidden folder on the machine. They charge and arm and a leg for this pdf documentation and have reason to believe a few clients are now just using one username/password to download the files and then copy them to multiple machines. The files are launched through a shell we also wrote and it looks like we will be moving to a custom viewer in vb (using the acrobat reader ocx control).

Any ideas on a way to only allow the manuals to be opened on one machine?

I was thinking of leaving the files in the password protected zip and extracting them to a temp folder when opened through the shell and deleting them on close.

I Also thought about internally tagging the pdf file with a unique machine id (like hard drive serial no.) and removing it before opening and removing it on close.

I realize there may not be a perfect solution to this, but we want to make directly copying the files a bit more difficult.

Thank you.
Reply With Quote
  #2  
Old 09-21-2010, 10:17 AM
PrOpHeT's Avatar
PrOpHeTAllow file to be read on only one machine PrOpHeT is offline
Hopelessly confused...

* Expert *
 
Join Date: Mar 2001
Location: Tyler, Tx.
Posts: 3,055
Default

Well, considering the PDF viewer will probably allow saving the file once opened, at least natively, then the "where to put it before opening" becomes a moot point.

If you really want this to be that secure, I would consider not distributing them as PDF or looking into DRM for the PDFs themselves.

My approach would be a proprietary file format (Could even boil down to PDF with extra header information)

The end result being a file that when copied is useless on another machine without the specialized viewer you create. It then gets into the real of securing the viewer from the same copying proceedure...

This is of course thwarted by any ability to save / print / etc...

Locks keep honest people honest, in the end you have to measure loss against development cost.
__________________
When you earnestly believe you can compensate for a lack of skill by doubling your efforts, there's no end to what you can't do ;)

For the love of Gold...
Reply With Quote
  #3  
Old 09-21-2010, 10:40 AM
AtmaWeapon's Avatar
AtmaWeaponAllow file to be read on only one machine AtmaWeapon is offline
Fabulous Florist

Forum Leader
* Guru *
 
Join Date: Feb 2004
Location: Austin, TX
Posts: 9,500
Default

You do know that PDF already has a built-in DRM solution supported by Adobe, right? It's going to be very, very difficult to write your own that's resistant to casual attacks. I'd just use theirs. I've purchased a few e-books that only worked on some limited number of machines before I got so frustrated with the concept that I swore off buying anything that limited again.

If you want to roll your own, hire some computer security experts with salaries reflective of how much business you think you lose when people copy the files.
__________________
.NET Resources
My FAQ threads | Tutor's Corner | Code Library
I would bet money 2/3 of .NET questions are already answered in one of these three places.
Reply With Quote
  #4  
Old 09-21-2010, 07:18 PM
dgdolins1 dgdolins1 is offline
Centurion
 
Join Date: Dec 2002
Posts: 124
Default

ugh, Thanks guys. I knew about the DRM for pdf from a while back but completely failed to think of it as part of a solution. I'm glad I asked.

I worked out a rough plan using this idea where on file download/unzip I would set a password on each file based on say the hard drive serial number or something unique to the machine it was downloaded to. Then, in the custom viewer, automatically enter the password and open the doc in the ocx control. Unfortunately, the ocx does not allow you to enter a password to view a protected document. I will keep digging. Thanks.
Reply With Quote
  #5  
Old 09-22-2010, 09:21 AM
AtmaWeapon's Avatar
AtmaWeaponAllow file to be read on only one machine AtmaWeapon is offline
Fabulous Florist

Forum Leader
* Guru *
 
Join Date: Feb 2004
Location: Austin, TX
Posts: 9,500
Default

If the file is stored unencrypted on the hard drive it is a trivial matter to find and open it. A smart user would find it at install, a smarter user would find it when they launch your browser. It's like putting extra concrete and locks around your front door and leaving the back door unlocked.

Adobe's DRM works because the file is stored encrypted and only decoded after the DRM check passes. The decrypted parts of the file you are viewing are stored in memory, not the hard drive. The only way to achieve this on your own would be to write your own PDF viewer (not use a control that already implements it) so you can read the decrypted file from memory rather than the drive.

It's still possible to make copies at that point because administrators can read memory, but it requires a level of sophistication great enough that it's not worth trying to mitigate.
__________________
.NET Resources
My FAQ threads | Tutor's Corner | Code Library
I would bet money 2/3 of .NET questions are already answered in one of these three places.
Reply With Quote
  #6  
Old 09-22-2010, 09:28 AM
PrOpHeT's Avatar
PrOpHeTAllow file to be read on only one machine PrOpHeT is offline
Hopelessly confused...

* Expert *
 
Join Date: Mar 2001
Location: Tyler, Tx.
Posts: 3,055
Default

Just keep in mind for as many lock there are a greater number of picks.
The password protected zip is only good until it is extracted, then it is moot.
And DRM on the PDF is a paper wall after about 10 minutes of googling.

It is not that a custom solution would be less susceptible to attack, it is simply less of a target. Therefore I would still suggest the custom file format, something to make the file useless without the reader. There are countless ways to make then the reader *less* likely to be copied.

There are PDF controls I do believe out there that allow you to load the PDF directly from a memory stream, I know there are ones (Specifically from exceed, likely others) that allow you manipulate the zip files in memory. By controlling the file format that the PDF files are archived into, and bypassing the write to disk then getting your hands on the file itself would prove not impossible, but difficult.

If going this route it would lead to the question of IF the files had to be PDF, considering you would only view through your application, and you do not need or want the ease of distribution for the PDF file format, are you bound to some function of the PDF, or is there another file format that would more easily facilitate the all in memory method?

I like Atma's last comment, it comes to a question of loss vs cost. Are there really a large amount of people intentionally trying to circumvent your security, and if so at what cost. That generally dictates how far you have to take the countermeasures.

It saves you nothing if it cost more to code, debug, and support in the end.
__________________
When you earnestly believe you can compensate for a lack of skill by doubling your efforts, there's no end to what you can't do ;)

For the love of Gold...
Reply With Quote
  #7  
Old 09-22-2010, 09:30 AM
PrOpHeT's Avatar
PrOpHeTAllow file to be read on only one machine PrOpHeT is offline
Hopelessly confused...

* Expert *
 
Join Date: Mar 2001
Location: Tyler, Tx.
Posts: 3,055
Default

Touche'
__________________
When you earnestly believe you can compensate for a lack of skill by doubling your efforts, there's no end to what you can't do ;)

For the love of Gold...
Reply With Quote
  #8  
Old 09-22-2010, 09:59 AM
dgdolins1 dgdolins1 is offline
Centurion
 
Join Date: Dec 2002
Posts: 124
Default

Agreed and I thank you fellas for the comments. I should have been clear sooner in that we are just trying to keep those casual users from finding the files and copying them to a second machine. Like you say, if they really want it they can get it and we are not terribly concerned with those advanced users (personally, I highly doubt we will ever have to worry about these types). If they find the PDF and try to open it and receive a password dialog, most will give up. Thats what we are after. We have gone around and around with this client for over three years on this issue and now they are really pressing for it and are willing to pay for it so they see at least doing something worthwhile. Like you said Atma, you lock the front door, only to leave the back door unlocked. This is why it always was shoved to the back burner. Its going to take some effort on both our ends as they maintain the zip files and account/login info...if a client buys two machines and subscriptions and cancels one whats to stop them from copying the username and password to the "cancelled" machine to get the documents. There is some work to be done, but I think we can get to where we want to be.
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump

Advertisement:





Free Publications
The ASP.NET 2.0 Anthology
101 Essential Tips, Tricks & Hacks - Free 156 Page Preview. Learn the most practical features and best approaches for ASP.NET.
subscribe
Programmers Heaven C# School Book -Free 338 Page eBook
The Programmers Heaven C# School book covers the .NET framework and the C# language.
subscribe
Build Your Own ASP.NET 3.5 Web Site Using C# & VB, 3rd Edition - Free 219 Page Preview!
This comprehensive step-by-step guide will help get your database-driven ASP.NET web site up and running in no time..
subscribe
Allow file to be read on only one machine
Allow file to be read on only one machine
Allow file to be read on only one machine Allow file to be read on only one machine
Allow file to be read on only one machine
Allow file to be read on only one machine
Allow file to be read on only one machine Allow file to be read on only one machine Allow file to be read on only one machine Allow file to be read on only one machine Allow file to be read on only one machine Allow file to be read on only one machine Allow file to be read on only one machine
Allow file to be read on only one machine
Allow file to be read on only one machine
 
Allow file to be read on only one machine
Allow file to be read on only one machine
 
-->