 |  |  | |  | Products -> Flashguard Flash Security Flash Security -> Features |  |
 | |
| |
FLASH PROTECTION FAQS - FLASH DRM FOR SWF FILES
How does Flashguard Flash Security differ from straight file encryption products?
Whilst file encryption products information protection whilst it is in transit or when stored on disk, they do not provide protection for the entire lifecycle of the information in a file. Once a file reaches a recipient, the protection is lost (the recipient decrypts the file), and the file can be forwarded, copied and viewed by unauthorized recipients. In addition, encryption products do not provide DRM controls over file access rights - what a user can or cannot do with the file (print control, etc.) or file expiry.
Flashguard Flash Security dynamically protects flash files inside and outside the network, online and offline, with strong encryption and DRM controls (expiry and access rights), to provide persistent end-to-end protection throughout a flash file's lifecycle.
How does Flashguard Flash Security differ from flash encryption / obfuscation products?
There are a lot of flash security products on the market that claim to protect your flash source code from being stolen and the displayed content from being copied.
Put simply, obfuscation products do not work. There are hundreds of programs available on the Internet that can turn a SWF file back to a FLA project - for example, SWF Decompiler. Even if the code is obfuscated, they work just fine: the FLA file can be opened with Adobe flash editor and it can be edited. Additional security features that lock your flash files to a specific domain can then be easily removed.
Also, because these products alter your source code by changing how they are structured and programmed, they often introduce bugs into your flash files making them not function correctly. This is because your SWF files are NOT encrypted at all, the content and structure of them is just changed. See the Adobe Flash forum on flash obfuscation and SWFs not working.
For products that claim to protect the displayed content, the unprotected SWF files can be easily recovered from your Internet files temporary cache area. This is because all browsers download content from the web into a local cache before displaying it to the user.
Flashguard Flash Security completely encrypts the source code preventing programs decompiling your SWF files to FLA files. Content is only ever decrypted in memory and your nested scripts, objects, images, and animation are fully secured at all times. Your source code is never altered in structure or programming terms.
In addition, Flashguard Flash Security Flash DRM controls control who can view your flash files, how long or how many times they can be viewed, and whether printing is allowed. It also stops screenshots of your secure flash files from being taken.
Does Flashguard Flash Security deliver the decryption key as part of the secure SWF file?
Absolutely not. Decryption keys are only ever delivered to authorized users via a secure mechanism and stored encrypted in a keystore that is locked to individual users computers.
How secure is Flashguard Flash Security?
Flashguard Flash Security uses US Government strength encryption - the AES algorithm at it's strongest strength, 256 bit. It would currently take todays fastest computer approximately 149 thousand-billion (149 trillion) years to crack a 128-bit AES key. Even with expected future advances in technology, AES has the potential to remain secure well beyond twenty years.
In addition, we don't use third party plug-ins to control your protected flash files. This ensures we are not open to weaknesses in the published APIs or security holes in third party applications and cannot be compromised by the inadequacies of other plugins that could be loaded.
Protected flash content is only decrypted for viewing in a secure, controlled environment, and is never made accessible unprotected so DRM controls are always enforced. If a customer does not have a license they cannot view your secure flash files.
Is your application open to password attacks?
No. The keys required to decrypt protected flash files are stored encrypted on the user's computer. There are no passwords to enter and therefore the system is not open to compromise or password attacks. An attacker is faced with a brute force attack of such a significant difficulty that they would need more than 20 years to gain access to a single product. It would be cheaper and quicker for them to photograph every viewable screen of your protected flash content.
There are no passwords for users to enter, manage, forget or pass on to others.
Do I have to upload my SWF files to your web server to protect them?
Absolutely not. We would strongly advise against using any system that employed this approach. With Flashguard Flash Security, you secure flash files on your local computer, so that they are not exposed to any potential compromise in their unprotected form on a web server or whilst being transferred.
Do you host my DRM protected flash files on your server?
No. You host them on your server, web site or network, or you can send them by email just like any other file.
For both security and legal liability reasons we never have access to either your unprotected or protected files. In a professional environment that should not be a requirement and we recommend that you obtain legally enforceable indemnity where a supplier insists that they have access to your IPR at any time.
What we host is the licensing system where you can issue users with licenses and control who can access your protected flash files. We never see either your unprotected files or the protected ones – they remain in your control at all times.
Where can I publish my protected flash files?
You can publish your secure flash files to your web site, on CD-ROM, memory stick, or send them it by email just like any other files. Users/customers need to download our FREE Secure Flash Player to view them.
Can users distribute my DRM protected flash files to others?
No. They can send other people your secure flash files but other users will not be able to view them unless they have purchased a license and registered with you. For this reason, protected flash files can be freely copied and distributed, emailed or published on the Internet without any unauthorized individual being able to access them.
In addition, even existing users/customers cannot necessarily view your secure flash files. You decide which users have access to your protected flash files.
You can assign flash files to publications for simpler management so specific users can view all flash files assigned to a particular publication (all flash files in that publication are encrypted using the same key) or you can publish flash files on their own (where each flash file is encrypted using an unique key). If users have not been licensed with the correct keys then they cannot view your secure flash files.
Do users have to be connected to the Internet in order to view my protected flash files?
No. You can allow secure flash files to be viewed off-line.
All DRM controls (preventing copying, printing, etc.) are retained within each file and therefore no Internet connection is required to enforce controls. Be aware that an initial connection to the Internet is required to validate the user license and to obtain the appropriate decryption key(s) when users view your secure flash files for the first time.
Be aware that if users do not have to connect to the administration server to verify their license details you cannot impose changes to your DRM controls.
Is there a limit to the number of flash files I can protect or users that can view my DRM protected flash files?
No. You can protect as many flash files as you want at no extra charge. There is no limit on the number of users/customers you can add to the system, and the Secure Flash Player they download to view your secure flash files is totally free of charge.
Can I tell unauthorized people where to buy a license from automatically?
Yes. When you protect flash files you can add a free format text message to it. You might want to enter information on how to purchase if you are selling products or give details on contacting your administrator if the system is used for internal information control.
This text is shown when a customer opens unlicensed flash files. The text is also visible at the top of each DRM protected flash file and is visible if they try to open your protected flash files with a text editor or a similar application such as Notepad or MS-Word.
Can users change my DRM security settings?
No. Once security settings have been applied to your flash files they cannot be changed by anyone except yourself. The settings become part of each DRM protected file and remain in force at all times, even when your customers are viewing your protected flash files off-line (i.e. they are not connected to the Internet and server controls do not apply).
If you as the publisher want to issue the same flash files with different security settings (copying, printing, etc.) then you just save and protect the flash files again with the new settings. You can then send these newly protected flash fiiles to your customers.
How can I control flash expiration and revocation once flash files have been published?
Post publication content control is maintained through the use of expiry dates and the ability to revoke access to files or a user. For example, you can publish flash files that will expire in a month's time, so that users will not be able to view them once the expiration date has passed. Or, you can automatically revoke a user if they leave a project, department or company or fail to maintain payments for a subscription.
Note that you can only impose new controls if you require the user to verify their license with the administration server regularly.
Why would I want to set users to expire rather than protected flash files?
The system is flexible so you can do both.
You may want users to expire rather than flash files. This is because if a customer has subscribed to your service for a year then they are entitled to carry on viewing the flash files they have purchased after their subscription has expired. The administration system prevents them from viewing protected flash files with dates outside their subscription period.
On the other hand, you may want to issue your customers or prospects with time sensitive trials or samples of your flash files because you do not want them to carry on viewing protected flash files that have passed their expiration date. In this case once the expiry date has been reached the protected flash is no longer viewable unless they purchase a full copy from you.
We want to give prospects / customers free 30 day trials of our secure flash files. Is this possible?
Yes. When you protect flash files you can specify how long it will be before they expire - e.g. 30 days, 1 year, etc. When a user registers they can then view your DRM protected flash files for the time period you have allocated. Once this time period is reached either the secure flash will expire (if the flash file expires, it can no longer be viewed) and they will need to come back to you for a license to continue viewing your secure flash files.
You can also set user accounts to expire (say after a 30 day period). The difference here is that any secure flash files published during their subscription period (with end dates after their subscription expires) that you have authorized them to view can still be viewed after their subscription period has expired - they just won't be able to view any secure flash files published before or after their subscription period unless they come back to you for a license.
So to summarize you can either expire secure flash files (and they are no longer viewable once they expire) or you can expire users (and they can continue to view the protected flash files that they were authorized to view during their subscription period). Of course, if you have forced users to connect to the administration server before they can view your protected flash files then you can instantly suspend their account and this prevents them from viewing your secure flash files.
Please remember that for these controls to be effective you must require the user to verify their license regularly with the administration server.
I sell training courses and want customer records to be automatically created on the Administration system so that there is no delay in customers receiving their license emails after purchase. How can this be achieved?
You need to purchase our eCommerce integration module to achieve this. The system integrates with your existing eCommerce or shopping cart system and works by acting on HTTP PUT commands sent to the LockLizard licensing server. This creates the customer account and specifies what publications and or secure flash files they are allowed to access.
Can I add existing users to future protected flash files or publications?
Yes. It is a simple matter of assigning the new secure flash files or publications to existing users.
What software do my customers need on their computers in order to view my protected flash files?
They need to download our FREE Secure Flash Player to view them. The secure flash player software can be freely distributed and published on your own web site if you wish to offer your customers that facility.
In addition, you need to set users up with an account on the administration / licensing server so it can email them their license file. The registration of the license gives them access to the protected flash files you have licensed them to use.
What happens when my customers change or update their computers?
Upgrading Computers
Flashguard Flash Security can be re-installed on the same computer without you having to issue users with additional licenses. When a user re-registers with their license, the flash security player checks with the administration server to see if it is the same computer the software was originally registered on, and if so, lets the license be re-used. So if users upgrade their operating system they can re-install the Secure Flash Player software and continue using your protected flash files as before.
Changing Computers
If your users change computers then you will need to allocate them an additional license so they can install the secure flash player software and register with you again. Additional licenses can be added to an existing user account.
| |
| |  | |  |
Home | Products | Purchase | Downloads | Education | Compliance | Our Customers | About Us | News | Support | Articles  Privacy Policy SITE MAP
|
