One of the most popular articles I've ever written has been about Preventing Image 'Theft'
. I wrote it several years ago, but people are still reading it (evidently) and contacting me about it.
I've recently had call to use this sort of thing myself, and what I've got now is rather more advanced than described in the original article. For instance, now I transparently intercept images 'going offsite' and replace them with a correctly-sized blank box containing text about the copyright. And for images I want to be basically previewable but not really usable (if people want a usable version they need to contact me) I watermark 'em.
Watermarking a digital image means adding information to the existing pixels. It can be involve adding invisible information for identification purposes, such as the Digimarc
technique, or it can be to to visibly degrade the quality of the image, perhaps with a message. I've used both, but it's the latter mechanism I needed most recently.
Watermarking for degradation is an interesting challenge. There's nothing you can do short of actually destroying data to keep a really
determined perp from gatting past your defences, but you can make it pretty difficult.
For instance, the degradation watermarking I set up recently uses a watermark with built-in noise, so there isn't a single same-colour region that can be undone. A perp would have to figure out what the watermark pixels are, pixel by pixel, in order to create a mask to remove it. And since I'm using it on dense JPEG images, that's a little difficult.
In addition, the watermark is repeated across the entire image, and not
at regular intervals. Each one is jigged a bit at random, so no two previews of the same image should be identical. (Well, modulo repeats of the random sequence.) This keeps a perp from figuring that the watermark is repeated at fixed intervals, and using that to help remove it. Of course, if it accesses multiple previews of the same image, it can eventually probably
figure out the pixel settings by comparing them. But I suspect that would be a major chore, too.
Both the replacement-with-notice and the watermarking are done in realtime as part of Apache's response to a Web request. The replacement is very low impact indeed, and doesn't cause performance to deteriorate noticeably, but the watermarking involves actual image manipulation, of megapixel images, and so can
slow things down. So you can use the former on almost any server, but the latter really needs a machine with a lot of oomph to keep visitors happy.
You can, of course, get rid of the performance impact by watermarking the images ahead of time, and sending the results normally. That decreases the random factor, though,
and possibly makes the watermark more easily removed.TANSTAAFL
. Security always costs something
, even if it's only (!) convenience.Ken Coar