ASP.NET VERSIONS: ALL
Protecting Your Content
By Don Kiely
You ve finally done it. The brand new Web site, unlike any the world has ever seen, is up and running on your production machine, and you re about to set the DNS switch that will let amazed and dazzled users see your creation. The accolades are likely to propel you into the list of geniuses of industry who will be studied and revered by generations of technocrats.
But there s just one little problem. How do you protect the content into which you ve put your creative genius? You want users to see the images, the Flash movies, and all the other doodads that will dazzle them. But you don t want your brilliance copied, e-mailed out of context of your Web site, or viewed without all the wise text that gives meaning to all the content, pulling it together into a complete revelation that will have users coming back to your site for decades. There has to be a way to prevent those pesky users from using your content outside of your site, right? Something built into ASP.NET or IIS that protects your content? Surely computer security has evolved to the point of being able to protect such valuable content?
The easy answer is that, no, there is no ironclad way to protect your content. Once your image, for example, is displayed in the user s browser, it is located on the client machine and is out of your control. A video that runs in a browser is delivered over the Internet to the client and is susceptible to capture in various ways.
The bottom line is that if it s viewable in a browser, there is almost certainly a hack the user can employ to capture the content in some way. You ve lost control. Sure, you can add banners, signatures, and perhaps some kind of watermark to damage the visual, but that is going to affect the user s enjoyment of the image on your site.
So, as much as I d like to present you with a foolproof technology method for protecting your content, if you put it on the Web, anyone can grab it and make use of it. There are really only four things, three of them reasonable, that you can do as of today to help protect your content:
- Copyright your content. This doesn t prevent someone from taking and using your content, but at least you can have the satisfaction of spending years in court and forcing a judgment that you ll likely never collect on.
- Embed a digital signature into your content. This way, you can at least prove that it is your content when you start seeing it on 50 thousand sites across the Web.
- Put content you want to protect in a members-only section of the Web site and protect it using all the full force of ASP.NET and IIS. And then be sure that you trust the users you let into that part of the site to protect your content as aggressively as you do.
- Don t use the content on a Web site. If users can t view it in a browser, they can t steal it. More precisely, it will be harder to steal because they ll have to find it first. Security by obscurity is rarely very secure, but it can slow down hackers.
The Web is meant for sharing, so be sure that what you put out there is what you want to share with everyone.
Don Kiely, MVP, MCSD, is a senior technology consultant, building custom applications as well as providing business and technology consulting services. His development work involves tools such as SQL Server, Visual Basic, C#, ASP.NET, and Microsoft Office. He writes regularly for several trade journals, and trains developers in database and .NET technologies. You can reach Don at mailto:[email protected] and read his blog at http://www.sqljunkies.com/weblog/donkiely/.