no8fear / jsc3d

Automatically exported from code.google.com/p/jsc3d
0 stars 0 forks source link

Prevent the uses to download our 3D objects #124

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
It is quite easy a normal user find out the path to the files (Mesh, materials, 
textures) and downloading from the web. How can we prevent that? I have tried 
to use tools like http://www.javascriptobfuscator.com/ but it didn't work as 
expected. Do you know how to do it?

Original issue reported on code.google.com by jjber...@gmail.com on 7 Nov 2014 at 6:33

GoogleCodeExporter commented 9 years ago
Generally, you cannot completely avoid that but raise the difficulty for misuse 
of your data, due to the open nature of the web.

It's recommended to design your own private data format and write a tool to 
convert common obj or stl models to it. Then, as Jsc3d is friendly for 
extension, just write your own loader implementation to load and parse these 
files. To enhance the protection, the loader implementation code should be 
enscrypted via a professional obfuscator.

A practical protection solution I have applied in a paid commercial project 
with Jsc3d is like these:

1. Pack the original obj files into archives which are compressed and 
enscrypted.
2. Implement a new loader class to read in the model files. Though the 
compression/decompression algorithm is almost public, a private key must be 
provided to parse such encrypted data correctly.
3. A powerful obfuscating tool JScrambler is engaged to encrypt the loader 
implementation it self. 

The result is satisfactory. Though it is not likely to fight back a 
super-skilled cracker who would like to pay hours on it, it does protect the 
models from unauthorized use for common users.

Original comment by Humu2...@gmail.com on 8 Nov 2014 at 5:01

GoogleCodeExporter commented 9 years ago
Thanks for your help.

I haver no idea on how to design my own data format and write a conversion 
tool, but it seems the compression and encryption for the OBJ file should be, 
as you say, satisfactory enough.

I nearly have lost any knowledge i had about programming, so if you could help 
me on where I could get the code, and the compression/decompression algorithm I 
would really appreciate it. 
I will investigate JScrambler as you suggest to obfuscate the final code. 

Thanks a lot for your help, It's frustrating to see no advance at all after so 
many hours of investigation/learning,. You saved me a lot of time. 

Juanjo
jjberrio@gmail.com

Original comment by jjber...@gmail.com on 8 Nov 2014 at 3:06

GoogleCodeExporter commented 9 years ago
The decompression library I used in the mentioned project is 
https://github.com/Stuk/jszip, which is capable to process encrypted zip 
archives and released as open source in dual licenses.  As for the tool to 
generate the archives, either zip or 7z is ok.

JScrambler works excellently for code protection. I suggest you only obfuscate 
the loader implementation rather than the whole library. Otherwise, there would 
be an obvious decline of the runtime performance.

Original comment by Humu2...@gmail.com on 9 Nov 2014 at 2:57

GoogleCodeExporter commented 9 years ago
Thanks a lot !!!

I'll start with it right now.

Original comment by jjber...@gmail.com on 9 Nov 2014 at 8:30