Activ E-Book and Temp Directory
|
| Storyman
|
One thing that I appreciate about Activ E-Book is how it permits javascript to be used. In order to allow this functionality it needs to create a temp directory, which it deletes when the user closes the ebook. My question is how secure are the files in the temp directory when the e-book is open? Let's say that a user has free access to the first three chapters, then is expected to pay for the remainder of the book. Is it possible for a non-paying user to snoop around in the temp directory while the e-book is open and read the chapters that he is supposed to pay to read? Or are the locked pages somehow encrypted so even if he was able to locate the files he would be unable to read them? Thanks for your help.
|
Posted on: 6:42 am on April 19, 2004
|
|
| EBookCompiler
|
There are quite a few variations 4.0x and earlier:
- The HTML pages the user is permitted to see will be there
- The HTML pages the user is not permitted to see will be only contain the same info as "This page is password protected" type page
4.2x and later - depends on HTML Protection in Advanced Security
Low Security setting - same as 4.0x and earlier High Security setting - the HTML pages in the temp folder are encoded, differently each time. So they won't be able to be viewed in a browser.
|
Posted on: 3:29 pm on April 20, 2004
|
|
| Storyman
|
Thanks for the reply. Just to be sure I've got a handle on this. Every time the e-book is opened and the security setting is set to high the files are stored in a temp directory with an unique encoding each time. What advantage is there to using a low security setting? Is there a noticeable performance hit when using the high security setting due to the extra cycles required to encode/decode the material? Richard
|
Posted on: 7:00 pm on April 20, 2004
|
|
| EBookCompiler
|
yes I think your understanding is right I have never noticed any speed difference between High and Low Security. The Low Security option is supported because some people write scripts etc., which depend on there being HTML files
|
Posted on: 7:57 pm on April 21, 2004
|
|
| Storyman
|
Whoa, now I'm confused. You wrote: "The Low Security option is supported because some people write scripts etc., which depend on there being HTML files." Please explain what you mean by scripts that depend on HTML files. I'll be using HTML extensively and most likely it will be set within Frames. Is this going to be a problem if I use the higher security setting? What sort of things am I prevented from doing if I use HTML?
|
Posted on: 9:51 pm on April 21, 2004
|
|
| EBookCompiler
|
Nearly always High Security is not a problem Some people write scripts which depend on their being an actual unencrypted HTML file on the disk. For example using the ebookcompiler API or scripts, you can actually open a file and read it into memory or something Another case where you might want Low Security if you want to open one of your ebook pages outside of the ebook into a separate external Internet Explorer browser window. Internet Explorer doesn't know about our High Security option, so in this, you need to use Low Security
|
Posted on: 8:43 am on April 22, 2004
|
|
| Storyman
|
I've got to say that your support for Activ e-Book is phenomenal and greatly appreciated. Thanks again, Richard
|
Posted on: 8:53 am on April 22, 2004
|
|
| paulg
|
Although the html gets encrypted, there could be other embedded files such as images or multimedia files that one might wish to protect. Using the {ebook} variable in ActivScript, it is possible to locate and over-write these files with null data when the e-book is exited, (is there a better way - ie is there a delete method?**) but I'm also trying to find a way of decrypting a non-html file 'on the fly' when the page that references it is activated. Anyone got any ideas?
** I've just discovered that 4.22 tidies up after itself and deletes the temp files anyway!
(Edited by paulg at 11:21 am on May 15, 2004)
|
Posted on: 11:02 am on May 15, 2004
|
|
| bigbook
|
I include an XLS file in my ebook. While the HTML files are encrypted in the temp directory, this file is not. Anyone who opens my book can get my XLS file without paying. How can I protect my XLS file?
|
Posted on: 9:15 pm on January 22, 2005
|
|
| paulg
|
I too have an xls file associated with my ebook. I use VBA to check that the password for the ebook has been entered, only then it can run. I also embed a 'self destruct' code so that if a user wants a refund for any reason, he has to apply a routine that sets a series of hidden flags that the VBA checks - once these are set, it returns a validation code so that I know the refund is safe and the program won't work any more. Such is the power of Activ!
|
Posted on: 12:07 am on January 23, 2005
|
|
| bigbook
|
That's great. But I also have some other files, like PPT, DOC and Microsoft Project. You post has given me hope.
|
Posted on: 12:10 am on January 23, 2005
|
|
| Storyman
|
PaulG, Is there any chance that you'll be selling your VBA coding?
|
Posted on: 12:13 am on January 23, 2005
|
|
| paulg
|
If it's MS Office based, then VBA can be used to test the variables that Activ sets, together with any custom cookie-like settings that are made using Activ script. It's not foolproof by any stretch of the imagination, but it will be OK for 99% of the time. I don't want to publish exactly how I have done it, but rest assured it aint rocket science! Feel free to contact me if you want to discuss in more detail.
|
Posted on: 12:47 am on January 23, 2005
|
|
