Building a system that allows users to see a video only once

Posted by Bart van Heukelom on Stack Overflow See other posts from Stack Overflow or by Bart van Heukelom
Published on 2010-12-27T14:51:10Z Indexed on 2010/12/27 14:53 UTC
Read the original article Hit count: 215

Filed under:

flash

|

security

|

drm

|

pay-per-view

My client wants to distribute a video to some people, specifically car dealers, but he doesn't want the video to end up on Youtube or something like that. Therefore he wants the recipients of the video to be able to see it only once. My idea to implement this is:

Generate a unique key per viewer
Send each viewer a link to a page with a Flash based video player, with their key in the URL
Have Flash get the video from the server. On the server the key is checked and the file sent (using php's readfile or something equivalent). Then the key is invalidated.

I was thinking this wouldn't take more than a day to build.

I know that if you want somebody to be able to play something, you implicitly give them the power to record it as well, but the client just wants me to make it as hard as possible.

Do you think this is secure enough for the intended audience? Anything else I can do to add some security without exceeding the development time of 1 day? I'm also interested in ready made solutions, if they exist.

© Stack Overflow or respective owner

Related posts about flash

Flash Player error logs on Mac OS X

as seen on Super User - Search for 'Super User'
I'm on Mac OS X 10.5.8 running Flash Player 10,0,32,18. Flash Player is dumping giant amounts of error logging into the system log (stuff like "bit length overflow" and "code 0 bits 6-7"). Here's a tiny sampling: Oct 14 13:09:41 thorst-2 [0x0-0x58058].com.adobe.flash-10.0[2416]: bit length overflow Oct… >>> More
phablet-flash aborting while installing Ubuntu Touch on Nexus 4

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I have a Nexus 4 with Android 4.3 installed and I want to flash it to Ubuntu Touch. My system is Ubuntu 12.04, running inside a virtual machine on Mac OS 10.5.8. To use the VM, I opened an NAT bridge and forwarded port 5037 for adb, I can see the Nexus with adb and e.g. use the adb shell into it.… >>> More
Mac - Flash file not loaded in independent flash player

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, I am working on an independent application to play flash files on Mac. I have already done the same for Linux, and it works flawlessly but on mac for some reason flash is not drawing to my window. It is not throwing any kind of error too. I am using Flash player 10, that would mean that I am… >>> More
How to stream a shoutcast radio broadcast in Flash (Shoutcast Flash Player)

as seen on Stack Overflow - Search for 'Stack Overflow'
I've been looking for a solution to this for years, but nothing is conclusively documented. There are many Shoutcast Flash players out there (e.g. radio.de) so I know it's possible. However, most of my research leads to this: s = new Sound(); s.loadSound ("url.of.shoutcaststream:8003",true); Which… >>> More
Flash Web Design with the Help of Flash Professionals

as seen on Article City - Search for 'Article City'
Flash has often been criticized by web specialists for its relatively slow loading time. It?s also been targeted by many people who have experienced loading problem of a Flash site on the web. But no... [Author: David Jackson - Web Design and Development - August 31, 2009] >>> More

Related posts about security

sudo apt-get update errors

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
Here is what I get on my terminal when running sudo apt-get update errors. I dont know if the issue is from my sources.list or my proxy setup(have not made any changes to proxies). Thank you for any help in advanced. Ign http://security.ubuntu.com oneiric-security Release.gpg Ign http://security… >>> More
The Security-Developer Gap: Why IT Security Can't Fix Your Security Problems Alone

as seen on Devx - Search for 'Devx'
Two well-known white hats explain how hackers take advantage of security holes left by enterprise application developers. >>> More
The Security-Developer Gap: Why IT Security Can't Fix Your Security Problems Alone

as seen on Internet.com - Search for 'Internet.com'
Two well-known white hats explain how hackers take advantage of security holes left by enterprise application developers. >>> More
StackOverFlowError while creating Mac object on AS400/Java

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello all, I am a newbie to AS400-Java programming. I am trying to create my first program to test the implementation of Message Authentication Code (MAC). I am trying to use the HMACSHA1 hash function. My (Java 1.4) program runs fine on a dev box (V5R4).But fails terribly on the QA box (V5R3). My… >>> More
Google App Engine - Spring Security Issue (java.security.AccessControlException)

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm currently getting the AccessControlException below when I deploy to app engine (I don't see it when I run in my local environment). I'm using GAE 1.3.1, Spring 3.0.1, and Spring Security 3.0.2. Any ideas how to get around this issue? It appears to be an issue with Spring Security trying to get… >>> More