View Full Version : Web image protection

Witold Grabiec
19-Nov-2003, 17:52
I'm looking into web image protection options. Does anyone have experience with anything that's simple and works (outside of watermarking)?

For example I came across this site:


You cannot display image properties, instead you get a warning message. This is the first time I've seen something like it. Is anyone aware of what Guarionex is using?

Paul Kierstead
19-Nov-2003, 18:24
On my system (Safari on Mac OS X) I can do anything I want with his images. Whatever "protection" he has doesn't work on this system.

Basically, the absolutely best you can do is inconvenience someone from taking the image. When it comes right down to it, if they can display it, they can copy it. In the simplest case, they can copy the windows to the clipboard and use that (alt-printscreen on a windows box).

Protecting web images is essentially a hopeless cause.

Witold Grabiec
19-Nov-2003, 18:40
Thanks Paul. I am indeed a windowneer so it's good to know MAC is not affected by whatever it is he's got (something that will not swing me towards buying one anyway). I am not too concerned with screen printing, but rather with hiding the image path. I am in a slow process of digitising myself for the purpose of playing the web more adequately.

Michael Chmilar
19-Nov-2003, 18:52
Using Mozilla, I can see the properties (including path), save the image, etc.

He is probably using some script that only works with Internet Explorer. If you are unfortunate enough to be using Internet Explorer, there is probably an option somewhere in that browser to turn off the scripting or plugin that his method relies on. Then, it is open season.

In short, as Paul said, there is no way to truly protect the images. The best you can hope to do is thwart the casual user.

Most photographers just post smallish images, so they are not useful for printing.

David A. Goldfarb
19-Nov-2003, 19:22
Yeah, I could also download in Windows in Netscape 7 from that site. The Java popup is just an annoyance. If you can display the image, you can take it, either from the browser cache or using a screen capture program. I just post small images with a copyright bar. Use of the image without the bar is evidence of theft.

Ellis Vener
19-Nov-2003, 20:01
All of this concern about image security can be both necessary and absurd and sometimes both atthe same time. You need to be prepared for the worse case scenario and yet still be user friendly. As with all security systems in the real and virtual worlds none are foolproof but the idea is to discourage all but the most determined thief. it can be hard to know the line where sanity stops and self defeating paranoia begins.

One way to protect your images is to split it into several irregular sections so they can't just once to grab the whole iamge at once. each section should have embedded a slightly visible watermark. All iamges should have a watermark like "ęDavid Goldfarb" So that if someone does grab it they know where it came from. Another strategy is to keep the size and resolution sall enogh that a theif couldn't really do anything significant with it.

Seth Resnick at www.sethresnick.com employs a multi-layer approach to security starting with registration and a clear statement of ownership and how to contact for licensing info. his second layer of defense is a layered GIF approach s o that when someone trys a simple grab of one of his images al lthey get is the nearly transparent upper layer that once again tells you how to reach him to licence the image.

Alan Davenport
20-Nov-2003, 00:24
He's using a javascript that detects a right-button mouse click and responds as you've seen. If you disable scripts on your browser, you can right-click and save to your heart's content. As someone mentioned, if it can be seen, it can be saved. If you post it on a web page, it is up for grabs and, moreover, it most likely will be grabbed by someone, somewhere. It might even end up on someone else's web page. I once posted a cool sound file (WAV) that I had taken from a videotape I shot. Every now and then I do a web search to see how many different sites have it, and generally find it all over the place. Is it worth my time, effort and money to pursue copyright violators? In this case, probably not. Welcome to the internet.

Paul Kierstead
20-Nov-2003, 05:48
I am not too concerned with screen printing, but rather with hiding the image path

Well, that pretty much falls into the same category, although it is doable in a sense. If you really, really wanted to do this, you have the web page be a server-side script and the fetching of images a server-side script and the URL for the image would be random and time dependent. In this manner, the URL of the image could be seen, but it would only be valid for a short period (say 5 or 10 minutes). You would have to overlap periods a little so web pages wouldn't break part-way through.

This would work but be a major pain to do as well as probably difficult to get right so that it had no adverse effect on regular visitors. I wouldn't recommend it unless you really really want to accomplish your task, especially seeing people could just copy the image and send it to somewhere anyway.

Another technique might be to code the server (again, scripted on the server side) so that attempting to fetch an image where the referrer was not your own web page did not allow it to be shown; this prevents the image from being embedded in another web page. This is what pbase does, for example.

Frank Petronio
20-Nov-2003, 08:30
Anyone can get around these schemes by simply grabbing a screenshot, so it is all pointless and wasted effort. If you are going to put your images online then you have to be prepared to accept that someone might abuse them. But it is extremely unlikely and rare for that to happen. A good way to check to see if your images are being appropriated is to do a Google image search (it is not a absolute check, but it will catch the idiots that link to your server or are too stupid to rename the image file.)

There is nothing worse than having to register or to be confronted by a huge copyright statement upon entering a photographer's website. As a designer I am immediately turned off because I know the guy is going to be a huge PITA and an anal retentive jerk. And I am entirely sympathetic to the photographer's situation, having been a past ASMP board memeber and a long time photographer. It is more than sufficient to simply put a small copyright notice at the bottom of the page (each page.)

I wouldn't worry about it. In fact the last time I redesigned my website I made my images larger so that people could see them better. I have friends who keep their professional images to only 300 pixels on their websites - they are pitifully small to look at.

Consider the marketing value versus the danger. If some jerk rips off your image, what is the damage to you? If they use it widely and successfully, you have a profitable lawsuit on your hands. That's not a bad thing, really. But in most cases, the thiefs will use your picture in some lame, amateurish website that hardly anybody will see. On the other hand, the value of having beautiful and largish pictures on your website may actually help you get good jobs and inspire people, etc. I'd opt for big, lush photos and not worry about a few jerks.

Witold Grabiec
20-Nov-2003, 08:44
Thanks guys. All points well taken. Up until now I thought of lower resolution being the easiest. Frank brings up a good point, although I believe in non-use if permission not granted. The only time I'd have no problem is when proper credit is given.

20-Nov-2003, 10:27
Why do you want to hide the image path? Are you worried about people hotlinking to your images from outside sites (either from the attribution or bandwidth leech perspectives)? If so, there are a number of server-side tools that can make it much more difficult (although probably not impossible) to prevent people linking to images from outside your site. If your webserver is running Apache, you can use the following trick:


Every time a web browser makes a request to the server for an object (page, image, whatever), it sends a little bit of information detailing what page referred it to that new object. The code above checks to make sure that the person was referred by an internal page (rather than by some hotlinking jerk), and either displays the correct image or an alternate "no hotlinking" version.


Tony Roberts
2-Feb-2004, 17:26
I'm with Frank on this one. Posting images on the web is promotional and the more that see them and even download the better. The missus loves to spider really egregious illegal uses and she's getting real good at it, but we actually approve of casual use.

But if you want to get tough, Digimarc ($$$) is one good way to keep on top of image use; it's what Corbis and Getty use. Here's their link http://www.digimarc.com/default.asp It won't prevent use, but you can spider usage. There's a digimarc plug-in for Photoshop which will ease the embedding process.

But we actually favor the ultimate idea which is to produce a subscription site, say $8-10/year, wherein subscribers would get to download a selection of A4 sized jpegs. We're even going to show them how to download, what paper to buy, how to get get their color inkjets to print them, etc.

For a terrific example, you might want to wander over to Jacquie Lawson's site www.jacquielawson.com. She's making a bundle creating animated cards that can be posted directly to friends and family. Our variation on this idea is somewhat different and I'm talking with a co-designer now to work out the details.