• This forum is the machine-generated translation of www.cad3d.it/forum1 - the Italian design community. Several terms are not translated correctly.

off topic? file protection from unwanted copies

  • Thread starter Thread starter lucacasa
  • Start date Start date
athlon said:
The first point is resolved first of all by limiting access only to authorized catches and, above all, by empowering them, if I am well in my company, it is very difficult to betray by selling information to the competitor.
Click to expand...
Yes, but in addition to restricting access, you must prevent data leaking...
athlon said:
The second point, however, is brilliantly solved by the "civetta data" , these data are integral data of the project but which constitute a unique "fingerprint".
...
I have no idea what to use in the cad world, some ideas that have come to mind are, for example, using the screws of a project, the project is created with cutting screws, at every access (automatically on the server) a cutting screw is replaced with a cross screw
or sharpen the extra pieces
Click to expand...
making changes to cad models doesn't seem healthy...

it would be better, for example, to create an application (integrated into the software cad and operating only on the business computers) than to save the data of the geometries cad, also save all data related to the last access in the company (as encrypted text within the file). of course, this data will have to be invisible to all computers (both internal and external) and you can only access it through another special software (maybe owned exclusively by the owner or manager).

of course this idea can also extend it to other types of files (pdf jpg doc etc...).
 
SOLID said:
Yes, but in addition to restricting access, you must prevent data leaking...



making changes to cad models doesn't seem healthy...

it would be better, for example, to create an application (integrated into the software cad and operating only on the business computers) than to save the data of the geometries cad, also save all data related to the last access in the company (as encrypted text within the file). of course, this data will have to be invisible to all computers (both internal and external) and you can only access it through another special software (maybe owned exclusively by the owner or manager).

of course this idea can also extend it to other types of files (pdf jpg doc etc...).
Click to expand...
There is a technique called "steganography", I don't think there are cads that integrate it, however you might think of making a standalone application that inserts in the file header (if there is) a hidden information.

If you want, I could also participate in writing such a software, but I have no data on writing the owners cad files.
 
athlon said:
I have no idea what to use in the cad world, some ideas that have come to mind are, for example, using the screws of a project, the project is created with cutting screws, at every access (automatically on the server) a cutting screw is replaced with a cross screw
Click to expand...
If you try to alter the patterns/signs, I think someone will come to visit you and bring you a big nodous club... :mad:
athlon said:
Oppura incurea dei pezzi in piu
Click to expand...
how did jacovitti, designing sausages or feet coming out of the ground? ? ?
:hahahah:
Fulvio Romano said:
There is a technique called "steganography", I don't think there are cads that integrate it, however you might think of making a standalone application that inserts in the file header (if there is) a hidden information.
Click to expand...
This would be more interesting. . .

But they are considerations to "close the gate when the pig has already left"
implies that you have to find out that the file came out and was "received" by the competitor, then you will use the "watermark" as a incriminating proof.
the real force is not to let out information, and this likes or not is almost impossible.
 
MBT said:
If you try to alter the patterns/signs, I think someone will come to visit you and bring you a big nodous club... :mad:



how did jacovitti, designing sausages or feet coming out of the ground? ? ?
:hahahah:


This would be more interesting. . .

But they are considerations to "close the gate when the pig has already left"
implies that you have to find out that the file came out and was "received" by the competitor, then you will use the "watermark" as a incriminating proof.
the real force is not to let out information, and this likes or not is almost impossible.
Click to expand...
in the aziendina of knowledge, it was not an escape of information, but of theft with dig. And I'm not paraphrasing!
 
steganography is a technique that works on files so the perfect integrity of bytes that make up a file is not fundamental, it works well on mp3 or images, but it is not the case with cad.

But the hidden headers to prove that the files you stole from me is not evil at all
 
zeigs said:
steganography is a technique that works on files so the perfect integrity of bytes that make up a file is not fundamental, it works well on mp3 or images, but it is not the case with cad.

But the hidden headers to prove that the files you stole from me is not evil at all
Click to expand...
The steganography proper is as you say. On the contrary, not all images, but only compression ones with loss, on a bmp does not go, the effect is noted.

I thought of applying the same technique in the header section of the files, so basically I don't go to change the content of the file, but only the section dedicated to comments. as it is however a hidden section, good law can consider itself "stegano". . .
 
the change of the headers is not steganography because it modifies the structure of the file by inserting the payload in a format other than the original file.

steganography would be to change non-significant pieces of a cad file, steganography should not be detectable to file analysis.

an added header file is detectable as a modified file ,
a file with 14 cut screws and 15 cross screws is not detectable as a modified file.

The disadvantage of steganography is precisely that it changes the original information, little by little, in an imperceptible way but the changes, the less significant bits of colors in the case of images, in the case of cad can be particular as the type of routes, the type of washers or other things (colors? ) (I do not know specifically the technical design) but 'to be steganography must be necessary for significant bits of the data in which you want to inoculate the information
 
athlon said:
The disadvantage of steganography is precisely that it changes the original information, little by little, in an imperceptible way but the changes, the less significant bits of colors in the case of images, in the case of cad can be particular as the type of routes, the type of washers or other things (colors? ) (I do not know specifically the technical design) but 'to be steganography must necessarily be significant bits of the data in which you want to inoculate the information
Click to expand...
Yes but once the information came out of the company how do you track the file? how do you avoid using that information?
perhaps it would be better to have encryption software that intervenes when opening and saving files on the company's computers, so that in case of leaking information this is not usable.
 
steganography is used to hide information in a file, for example, screws can be traced back to the exact version of the file and using the network log you see who opened that version of the file


to track a file (i.e. to realize that someone else is using it ) the silent cyvette incorporation is used.


an external resource is incorporated into the file (a logo, in image , a font) that aims at a public web resource, when the file is opened automatically, the program tries to access the external resource , this access attempt is recorded by the webserver (with a lot of user data)

you must use silent mode; a mode' ie' in which failover is automatic (if the program does not find the font uses one by default) so that if the file is opened on a PC without connectivity, error messages are not displayed
 
I don't agree that disabling all exits doesn't work.
I have been several times in the famous hammer company and it works them just like that.
When you qualify as a supplier, you need to record all the company data, people and pcs you want to use.
Once you do this, every time you show up in the concierge, just come in if someone comes for you.
Once you are in and go to technical offices, you realize that all workstations are without usb doors, they have no optical readers, they have no internet connection and have access to only one folder of the company network (which never contains "the project").

This is clear that if a high technical manager is in prey to the delirium, having a very high level of access, it can damage ingenious but, surely an interior designer or one lent by the many companies that sell designers a lot to the kg (there are at least 50) ... hardly carry away sensitive data.
 
maxopus said:
I don't agree that disabling all exits doesn't work.
I have been several times in the famous hammer company and it works them just like that.
When you qualify as a supplier, you need to record all the company data, people and pcs you want to use.
Once you do this, every time you show up in the concierge, just come in if someone comes for you.
Once you are in and go to technical offices, you realize that all workstations are without usb doors, they have no optical readers, they have no internet connection and have access to only one folder of the company network (which never contains "the project").

This is clear that if a high technical manager is in prey to the delirium, having a very high level of access, it can damage ingenious but, surely an interior designer or one lent by the many companies that sell designers a lot to the kg (there are at least 50) ... hardly carry away sensitive data.
Click to expand...
The technique you say is perfect. It solves the purpose. Nobody steals. but it has collateral damage like I said a few posts ago (http://www.cad3d.it/forum1/showpost.php?p=153502&postcount=13)

is equivalent to saying, since the condom is not 100% safe, as anti-inflammatory I use eviration...certo, so you are 100% safe, but...
 
Maybe there are...

you could write a software layer, whether it is a demon or a kernel extension that intercepts rescues. saves can be of two types, in the native format of the software or in neutral formats like dxf or pdf.

the demon intercepts the rescue and writes on disk always and only an executable. the executable contains a reader and at startup has two possibilities:
- if you find the resident demon, it means that it is a company pc, extracts the file in memory (not in a file) and passes it to the software that must read it
- if it does not find the demon, it means that it is an external pc, then it explicitly asks to connect to the internet, sends the data of the pc to a tracking server, and then extracts in memory (not in a file) the file. if there is a software that can read the format, launch it, otherwise use its own internal reader.

the executable file can also incorporate the original file, compressing it with password zip algorithms.

of course... even in this case a little elbow oil, a disassembler and a sniffer attached to the ram and the game is made
 
mmmhh. .

d: good, and if I launch the executable on a disposable pc, maybe from an internet connection at an airport (so the track remains but is useless), I open the file and save it in native format?
r: at least I have to make more effort

d:What if the executable should be used in a pc that does not have internet connection? What happens in many companies?
r: well...ehm....boh?
 

Forum statistics

Threads
44,997
Messages
339,767
Members
4
Latest member
ibt

Members online

No members online now.
Total: 1 (members: 0, guests: 1)
Back
Top