1

Hello I am developing a Mac Os X application that, among other things, plays some video from its resources in a AVPlayerView. What should I use for encrypting the content so it cannot be stolen from resources ?

Thanks

Alfonso Tesauro
  • 1,730
  • 13
  • 21
  • what format is the video in? – Michael Dautermann Apr 21 '16 at 23:15
  • It is normal mp4 but I can convert it to any format suitable to be played by AVFoundation ! Thanks for your interest ! – Alfonso Tesauro Apr 21 '16 at 23:15
  • I have to ask - do you really need to do this? In a sense you have already given the video to the user because it's part of the app. The only thing you might achieve is stopping them from pulling your app apart and using it somewhere else. Very few would bother with this. If your video is that important, why bundle it with the app in the first place? On a more practical note. You will also have to investigate whether you will need to decrypt the whole video file before playing. This is likely to have significant memory and performance issues which may kill the whole idea. – drekka Apr 22 '16 at 00:03
  • I plan to distribute the courses apps on the Mac App Store. The videos represent a lot of the value of the app and if they circulate I will lose Mac App Store earnings – Alfonso Tesauro Apr 22 '16 at 00:04
  • This is not solvable in any absolute sense. If you're looking for a simple method that will make it somewhat difficult for unskilled attackers to remove the videos, almost anything you can dream up will be sufficient for that. If you want something more serious, you will need to pay security professionals or license software to help you on an ongoing basis (and it still won't be effective; it just might not be instantly defeated). Recommendations of specific products is off-topic on Stack Overflow, however. For a longer discussion and links, see http://stackoverflow.com/a/9183066/97337. – Rob Napier Apr 22 '16 at 02:31

1 Answers1

1

You really can't protect the content perfectly. But you can do some simple things to ward off the casual hacker who's semi-technical from ripping your content.

One easy solution is to encrypt the mp4 files with a modern crypto library (e.g. AES) and embedded key. Then run an http server on localhost to read from the resource stream and stream. That should handle the 99% case. But a determined hacker who's willing to spend additional amount of time to reverse engineer your app might be able to find the key and get the original video bytes.

selbie
  • 100,020
  • 15
  • 103
  • 173