EXAMPLE: Secure your source files

[Desmond]

Hello,

This example demonstrates how to secure your source files (in this case image files) using a renamed and [potentially] password protected zip file.

This example could be expanded to make use of the built-in Crypto actions as well.

Skills Used: Rename files, temporary file, ZIP, security, Image Object, source files.

[hektor]

how you did that ? may u explain please ? as detailed as u can ? i wanna protect all data include html pages and .exe app ? are it possible to protect those item ?

[Desmond]

Well, it is possible -- sort of. You can protect the files up to the point that the user will see them -- but you still have to unprotect them (ie. unzip to a temp location) to allow the user to view.

Protecting files is a loosing battle -- ultimately the user can "steal" anything that they can see on their screen (And even some things they can't). So the users that you are *Really* concerned about will probably be able to get your source files, regardless of the security you implement. And you risk inconveniencing legitimate users should something go wrong with your protection scheme.

Desmond.

[hektor]

what about just hide the "Autoplay" folder ? are it possible in ISO ?

[Desmond]

Well, if you built your project into an ISO, you couldn't run the application until you burnt that ISO image to a CD -- at that point, your files are once again visible.

Perhaps if you explain what you're trying to do? Please include as much detail as possible.

Desmond

[hektor]

The project include app .exe html,pgf documents most of user's will run it on a virtual drive it's ok , but only things i want is at less hide the source folder , sure i do understand that is impossible to hide or protect the source folder from a hacker's , but only simple hide this folders will be enought for me , how I can did it ?

[Desmond]

What about if you publish to a single-file executable? How large are your source files?

[hektor]

well executable is also good idea , 1 project is a 151mb second one will be nearly 700mb and am still workin on it .

[wasim21k]

well guys i was working on one project how to protect your files.
bit lazy i hop i'll share that file soon.

[sside]

Talking about security, time ago i wrote a library (EncryptDecrypt.dll) to protect valuable files one doesn't want to be copied or share. I use different approach. I do not compress them, i just encrypt them using a very simple yet effective encryption mechanism. After the file is encrypted it is practically useless. The file will retain the original file extension but if one attempts to open it with associated program it will be reported corrupted. My intentions were to encrypt image, audio and/or video files, yet one is not limited to these file extensions. The encryption decryption rates are 20 mb/sec (megabyte/sec) depending from the system. So for smaller files (image, mp3, etc) user will not notice anything. But at a certain point, in order to use the file it must be decrypted. Again if the file is decrypted at a "secret" location (temp or whatever folder) one can still maintain a higher level of security than usual.

I have written another library, which "keeps an eye" on a given file/folder (location) and logs unauthorized activity, So if one creates/writes/deletes to a certain file it will be logged, yet not prevented. It is up to you what to do if the event is risen.

These are different solutions for different scenarios to maintain certain level of security (higher than usual) on files and folders.

This is my input in such things, yet the half of the whole thing. If ir (indigorose team) decides to do the other half (in certain subjects), we can achieve a bullet proof security.

Example:
If image object were to load an image from base64 string (very easy to develop such functionality) an photo, image etc "wouldn't touch the ground" to be first saved as (decrypted) file and then load in an image object.
That would be also my suggestion:

Image.LoadFromBase64String.

So, here you have the images covered. And there we take it at the next level.

Note: EncryptDecrypt.dll does not "encrypt" to base64. I just choose different approach.

With Kind Regards
sside

[seeena]

Well sside post is interesting, but I cant use his method, because my concern is mostly with large files (such as video, mostly over 200 mb), so what I did was to present my program on a cd (or dvd) to the end user, I made my cd half audio and half data, my source folders are written through audio channel and my .exe through normal data channel.

So the users cant see my source folders, I also have "locked" my cd, using dummy audio tracks and some other methods so if in any case they see my source files, it cant be copied from cd/dvd only could be read from it.

Although I also believe that if a user is really concerned to get your source files, HE COULD ! but it would be just hard (or so hard some times), on the other hand, we mostly develop for ordinary ppl who are not so interested in spending hours writing a program to decipher the source file or track them back to temp folder or crack the cd !!

[heuer]

Desmond, in your sample Secure your source files I have tried to use it for a video file but no luck. Do you have a sample with out the list box, single file?

Kind regards
CJ

[rexzooly]

Desmond hi

just a little question what about hard drive run apps isn't there away to make a new fold for the file to be run from on runtime what the end user would find harder to to find and also make the app take full contral of the files so how its
running stop other apps from using it?

i know this is not full proth ever but they would have to know the names
of the files before they could even find the files to steal them if they was in a custom run place and even to fool them have dumby crypted files in the main temps.

do you think this would be possable?