I am working on a cordova android application which will display images and videos.I have the images and videos in the assets folder.I want to protect my resources.I don't want anyone to copy the resources.I have googled for the same and didn't get any proper solution.How to protect files in assets?
Is there any way to encrypt and store videos in assets folder and decrypt it during run time?
My video files will be maximum of 10 MB each file and there are 50 videos in the whole application.
You can definitely do this with DRM - it won't stop someone copying the video files, but as they are encrypted they will not be able to play them back without the correct key.
The process is roughly:
your content is encrypted before it is streamed or downloaded
when the user wants to playback the content the app must request a key for the content from owner of the content or the 'rights authority' (a service which handles keys for content)
The DRM system on the device will securely encrypt the content and play it back using the key it obtained. The video will not be stored in clear format at any point.
Native Android DRM is explained here:
http://developer.android.com/reference/android/drm/package-summary.html
To use this with cordova I think you will have to create a Native plugin - I could not see any cordova DRM API. Alternatively, if you are able to stream the content using the new MPEG DASH format, then you could use a HTML5 video player which supports DRM, such as BitDASH (https://www.dash-player.com).
You need to be aware that all DRM and encryption systems are really just hurdles that make it harder to copy content - at the end of the day if you have a very high quality display and a very high quality camera to record the display, then no DRM protection will save you.
Related
How would we go about getting a video from google cloud storage and streaming that video to a mobile device?
I dont see anything related to videos in the Java API like there is for getting images with ImagesServiceFactory
The videos are only going to be a maximum of 10-15 seconds long if that makes any difference.
Any advice on how to proceed here would be great
There is no difference between streaming a video and downloading any other file from the Cloud Storage. Thus, no special video API.
If the files are not public, you need a servlet that will read the content of the video from Cloud Storage and stream it to the client. Note that you cannot run it on App Engine or managed VM as they do not support file streaming and the request size is limited to 32MB.
Your best option is to run this on a Compute Engine instance:
Bandwidth between Compute Engine and Cloud Storage is free.
Authentication is simple.
Alternatively, you may use a signed URL for your video files. This saves you from developing/deploying a separate Compute Engine instance just for the streaming purposes - signed URLs can be returned by your existing backend.
I want to play encrypted video files present on my device after decrypting them. I want to pre-process the data-stream and parallel play it using videoview like streaming video from Internet.
Is there any way I could buffer the processed data to videoview like a network stream ?
I think you are saying that you want to decrypt the video in one process and then pass the decrypted 'clear stream' video to another process to play it?
If the video is DRM protected, then your use case is very unlikely to be supported by any of the leading DRM solutions - they go to great lengths to ensure the clear stream video is not accessible by an application on the device (for obvious reasons).
If you are using or a simple encryption with the encryption key available to your application then you should be able to do this.
Update
Answering BMvit's question in the comment - one way is to follow these steps:
Stream the encrypted file from the server as usual, 'chunk by chunk'
On your Android device, read from the stream and decrypt each chunk as it is received
Using a localhost http server on your Android device, now 'serve' the decrypted chunks to the MediaPlayer (the media player should be set up to use a URL pointing at your localhost http server)
I am guessing this is the most likely the approach that the libMedia library uses, although I have never seen the source so I could not say for sure: http://libeasy.alwaysdata.net
It is worth being aware that this is tricky (which is probably why LibMedia is not free).
I have an app I am developing that needs to include about 55MB of audio (mp3s) these are short files and about 1000 in total. Bundling these in the apps assets makes the compiled apkabout 60MB.
I want to upload this app to the play store but of cause its to big as it it.
So my questions is, before I start working on using the APK Expansion File system is there anyway I could compress the audio files so the apk fits in under the 50MB limit?
The audios current bit rate is 128kbps
I guess Its better if you can make a player for stream the audio from the internet just like youtube does for their android application to play video files on android phone.
Additionally you can give option to the user to select save the audio for next time play without internet download.
I think this is a good question and +1 from me
I searched through a lot of questions on SO but I can't find the answer, that's why I ask the following question:
An Android app should be able to play an encrypted video file (stored on the SD card and retrieved from a webserver).
The file has to be stored on the SD card so that the app can play the video file without having an active internet connection.
Because the video files may not be copied, the plan is to encrypt them server side when uploading the files to a webserver.
What is the best option?
1) I have seen suggestions for running a local webserver which decrypts the file (and how to do this?)
2) or should we decrypt the file, save it as a temporary file and set this temporary file as the source for the videoplayer?
3) something completely different?
You are trying to implement a DRM scheme, and a naive one at that. Look into DRM schemes and report back if you cannot implement the impossible. All you can hope for is obfuscation, and there are plenty of ways of doing that (none of them are secure of course).
What you need is DRM. Digital Rights Management (DRM) controls the access to your digital content such as video. Firstly, you need to encrypt the video with an encryption video like AES-128. Then with the use of DRM play in exoplayer. Exoplayer has DRM support. you can check here. https://exoplayer.dev/drm.html
You will expose the user to a waiting time if you choose to decrypt a entire big video beforehand. As of the security, you can guess it's a poor idea to have the contents in clear in a file, even temporary. The local webserver is a better choice because it's a streaming method, so without file storage. There is no class for an http server in the SDK, you have to implement your own one, otherwise look for an existing library similar to LocalSingleHttpServer.
Im presently working on an android application which will allow the user to download video and audio content from a server and play them on the phone of the end user.
What I'm trying to do is to secure the audio and video. The files should not be accessible to other applications and the user must not be able to take them off the device and use them.
This is a shot in the dark but can i do this by storing the videos in theSQLLite database as blobs.
And also is it possible to play the videos in android if they are stored as blobs.
I wouldn't use blobs, they are only performant if the binary-files are 256KB or less.
I guess the only way to make the videos secure so the user can't use them is to stream them down from you'r server and deleting the buffer when the Application closes.
On a rootet Device, you have access to every directory, so you can't save the videos on the SDcard or the Phone-Memory.