Answer the question
In order to leave comments, you need to log in
How to protect HTML5 (H5P) video on your server from copying and downloading?
Good day to all!
Despite the fact that this issue has already been raised on the site, I would like to know if it is possible to protect the video on your site, which is served in HTML5 format (the video is loaded, interactive elements are superimposed on it through the open-source H5P plugin). All content is stored on our own server. Only subscribers have access to the video. Ideally, the video could not be downloaded and it was black when recording the screen.
Solutions that were proposed here:
1. Broadcast video in "pieces"
------
2. 1. The player receives a secret key at startup (via https)
2. A signature is added to all all playback requests (combination secret key + timestamp + url) and timestamp in additional header
3. The server decides what to do based on such a request.
4. optionally - encryption of the stream itself using the same key
------
3. Option to overlay "Unique watermarks", i.e. a watermark or other graphic element appears on the screen, which allows you to identify the viewer / downloader / copyer.
Well, from the dream section - so that this can be done with modest server capacities, conditionally on an average Rack server or a powerful PC (i7, 32GB ram) that is used only for one site.
If you can solve this problem, then we can discuss the details and discuss cooperation :-)
Thank you and have a nice day!
Answer the question
In order to leave comments, you need to log in
Well, how is that? Really it is not clear - everything that has got on the client - already at the client. No one will protect you from a blonde with an iPhone who stupidly takes the screen, and more advanced ones will simply record video from the screen using software.
What's the point of the secret key over https? Do you understand how it works? Encryption occurs only between the client and the server, as soon as the data has reached the client, the data will be decrypted by the browser.
All these methods are meaningless and can be bypassed without special skills, for example, on the 3rd option, you can simply blur the identifier.
I would do something more freaky, randomly overlay a sound identifier in a video that is incomprehensible to a person’s hearing) Something must be invisible so that no one knows about it for at least some time) In addition, implement the identifier with some code so that even after people have found it was not clear that this is an identifier)
I won’t tell you about the black screen during recording, but many protect themselves from downloading by giving the video through blob:
, which changes with each access, and inside this case the video goes in separate pieces.
As a result, what is happening is visible in the browser-based developer tools, but even individual pieces cannot be downloaded.
No way.
I'm installing a virtual box like VirtualBox. Inside it, I launch the browser, pay for a subscription, go to the site, start the video.
At the moment the video starts, I start recording the video stream from the screen area on the host machine and write to the end, then save the recording. Your server gives the stream to an honest client :) who paid for the subscription. The fact that there is something else "above" the client - he will not know and will not be able to find out.
Of course, you may ask - why do I need this? The Web is full of idiots and fans of all sorts of movements who, purely from their fan ideas, do very strange things from the usual point of view.
But technically it is possible. This is how I recorded a video from the old game "Rendezvous with a Stranger".
> so that the video could not be downloaded and when recording the screen it was black.
Perhaps this is impossible. I saw sites that use all sorts of tricks in the form of code obfuscation, right-click prohibition and redirectors - but this was still not enough to prevent me from downloading videos directly from the server, for example.
> so that the video could not be downloaded and when recording the screen it was black.
If you intend to use only online viewing, then you can prohibit downloading by implementing any of the DRM options. This is the only reliable way. But it requires other investments in the implementation of both infrastructure and code.
And as for the ban on screen capture - it's pointless, because they will still copy, even from a regular camera aimed at the monitor. Better remove anonymity by applying watermarks. The sound track option will not work, I judge from the experience of more competent specialists from Inventos
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question