I must not be understanding their product specs clearly enough. But if
the documents are available on a web server and if all their Mirage
product does is prevent the end-user from copy the information from the
browser and redistributing it, then I fail to see how it can stop someone
from just downloading the content using programs like wget and just
storing the data directly to disk. The bottom line is, the content is
available on some type of server. It must be transmitted completely to
the end user in order for the data to be rendered in a browser. The user
can, as I mentioned previously, just save the data to disk without
rendering it in a browser (using wget or some similar utility). Even if
that wasn't possible, what would stop the user from using a network
capturing program to dump the data packets received from the network to a
file?

-Wayne

On Mon, 14 Jan 2002, Andersen, Thomas Bjoern wrote:

> Hi all,
>
> I recently came across Clever Content from Alchemedia
> (http://www.alchemedia.com) which is an image protecting system for
> webbrowsers. Basically, it works by installing a plugin that patches
> Windows/Mac OS and disallows any access to the screen memory, as well as
> controlling how you may use the image on a webpage. The system appears to
> be clever enough to work out when it's running on VNC, VMware or VirtualPC,
> so you can't grab screenshot by using any of those products. There is also
> an "encryption" plug-in that needs to be installed on the webserver serving
> the images.
>
> Has anyone come across this product before? Any comments on the client
> and/or server side security?
>
> Thomas Bjørn Andersen
> e-mail : tbandersenkpmg.com
>
>
>
> ________________________________________________________________________________
>
> In KPMG's opinion, non-encrypted communication via the Internet is not to be considered secure.
> For that reason, it is KPMG's policy that uninvited use of the Internet concerning exchange of confidential information with our clients must not take place. When exchanging information, the client is held liable.
> This e-mail may contain confidential information and is intended solely for the addressee, and any disclosure of this information is strictly prohibited and may be unlawful. If you have received this e-mail by mistake, please notify us immediately and delete this mail.
> This footnote also confirms that this e-mail message has been swept by MIMEsweeper for the presence of computer viruses.
>
>
> ----------------------------------------------------------------------------
> This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please see:
> https://alerts.securityfocus.com/
>

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]