Legacy ImageMagick Discussions Archive

First, developers, thank you for developing and supporting such an amazing tool for Linux and Unix over
the years.

For a while now I have been horrified at the terms of service of many web companies, social networking
included. Specifically, when a person uploads a picture to a social networking site, the site operator claims
the right to use that picture in any way. I would like to offer a solution to this, which uses the DMCA
as protection. If image data use any encryption, however basic, then it would be illegal under the DMCA
to reverse engineer the encryption scheme to gain access to the content.

As an example, let's say I want to upload a picture, but I don't want social networking sites to have use
of it. I would:

convert -key foo SOURCE.jpg TOUPLOAD.jpg

If I:

display TOUPLOAD.jpg

I would see a JPEG that does not make sense. However, if I:

display -key foo TOUPLOAD.jpg

then it would render correctly. The trick would be to get web browsers to be able to detect scrambled images
(through EXIF perhaps) and prompt for a key. Until then, it would be a manual process.

If it has merit, is this something that could easily be done?

See encrypting images...
http://www.imagemagick.org/Usage/transform/#encipher

It is however ImageMagick specific, does not work for JPEG, GIF or palette PNG, as the pixel data is encrypted, not the file format, and it is important that the pixel data remains unaffected by a save-read cycle.

I have no idea how DMCA encryption works, so I can't help you there.

Thanks Anthony. I should have known this was documented already. I was looking
for encrypt, when encipher/decipher was there all along. I just tested it with PNG,
and it works perfectly. I'll post in the users board first next time.

As for the DMCA, this is a recent Copyright Law in the U.S. that prohibits reverse-engineering
of encryption. Now that I can encipher PNG files, they are effectively protected under the
DMCA from 3rd parties (and their unconscionable terms of use contracts). Nice!

Now, if we can get MozDev plugin to decipher enciphered PNG files, then the game of social
networking may yet start to tilt in favor of the user (unless, of course, they are a JPG only shop).

If you are wanting to just store files (images or otherwise) so thay are safe in remote 'cloud' file stores like "dropbox" I would look at "encfs" (for linux) and its windows equivalent BoxCryptor

EncFS - Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/EncFS

BoxCryptor -- EncFS for Windows
http://www.boxcryptor.com/index.html

These create a 'decrypted directory' in which anything you put is mapped to an encrypted directory. That directory could be local, on a USB stick, or a cloud file service. The encrypted part are just 'normal files' (file name is encrypted too) that can be stored anywhere.

I use it quite a lot for large amounts of sensitive data (in lots of files) including images, PDF's, bank spreadsheets, and so on.

anthony wrote:If you are wanting to just store files (images or otherwise) so thay are safe in remote 'cloud' file stores like "dropbox" I would look at "encfs" (for linux) and its windows equivalent BoxCryptor

thanks for sharing! I'll definitely do that.


baie acai