Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Bandwidth thieves 3

Status
Not open for further replies.
EdwardMartinIII

EdwardMartinIII

Technical User
Sep 17, 2002
1,655
US
I've read of it before and I occasionally encountered it in the past, but more than ever, I'm seeing people who inline graphics from my websites to their own websites or discussion boards and so on.

I obviously am charged for over-bandwidth, so I'm trying to put a halt to this.

Usually, I change image file names and that breaks things for a couple months, but then I see the bandwidth creeping up again, while the page hits stay steady. Once again, someone's stealing their images from my host.

Most of these, I'm chagrined to discover, are behind database and session calls, so I can't even use me Urchin statistics to go to the page. If I wanted to, I could wade through all the various discusion boards, but that would suck.

My inner naughty fella wants to bang these idiots back. The idea I cam up with was doing a file-name change as usual, but leaving in the old file names an image that is, in fact, very nasty, such as threats to public officials, etc. Very small files, of course. I'm hoping that the hosts of these dingbats will do the smackdown on the offender, once they see a user with an icon that says "Banging babies for jesus" or something much nastier.

Do any of you encounter bandwidth thieves and if so, what do you do to handle this problem?

Thanks!

Cheers,


[monkey] Edward [monkey]

"Cut a hole in the door. Hang a flap. Criminy, why didn't I think of this earlier?!" -- inventor of the cat door
 
Sort by date Sort by votes
From a technical standpoint, if you're running Apache you can use mod_rewrite in conjunction with the HTTP_REFERER server variable to leave the graphics as-is when called from your website and have alternate versions sent when being called from other sites. The "gotcha" with this is some browsers allow the user to turn off referer reporting.

You could also name all your images "imagename_[today's random string].jpg" and have an automated process generate a new random string and rename all your graphics on a daily basis. The "gotcha" here is local browser caching -- you might have to have two or more copies of every image on your server, named "imagename_[yesterday's random string].jpg", "imagename_[the day before yesterday's random string].jpg", etc., and have your daily automated process rotate the filenames.


But from an ethical view, I see no problem with your editing your graphics on your server however you wish to. If you wish to store nasty graphics on your system, that is, or course, your prerogative.








Want the best answers? Ask the best questions!

TANSTAAFL!!
 
Upvote 0 Downvote
Oops. Missed one thing with the "rotating images" idea. The process which generate's each day's new token would have to record it somewhere, and your site would have to use server-side scripting or some other method to construct the "current" image names when a page is called.



Want the best answers? Ask the best questions!

TANSTAAFL!!
 
Upvote 0 Downvote
sleipnir214: From a technical standpoint, if you're running Apache you can use mod_rewrite in conjunction with the HTTP_REFERER server variable to leave the graphics as-is when called from your website and have alternate versions sent when being called from other sites. The "gotcha" with this is some browsers allow the user to turn off referer reporting.

So, the practical application is that I'd still serve some alternate image (preferably something much smaller in size that is certain to violate the thief's Host User Policy), but only if called from other sites.

What would be the practical result of the situation where a user has turned off referrer reporting? Would they still see my site's original images, or a broken link, or what?

Cheers,


[monkey] Edward [monkey]

"Cut a hole in the door. Hang a flap. Criminy, why didn't I think of this earlier?!" -- inventor of the cat door
 
Upvote 0 Downvote
It depends on how your code reacts to the missing referer data.

If your code requires that it see your site's domain name in the referer logging, then when referer logging is turned off your legitimate users will see the "nasty" version of the images.

If your code allows fetches of "nice" images when your domain name does not appear in the referer log, it kind of defeats the purpose of even checking it.



Want the best answers? Ask the best questions!

TANSTAAFL!!
 
Upvote 0 Downvote
I dunno about the use of porn images. But a nice pic that says "Report this bandwidth thief to their ISP" would be good.

Chip H.


____________________________________________________________________
If you want to get the best response to a question, please read FAQ222-2244 first
 
Upvote 0 Downvote
I wouldn't use porn. At my current annoyance level, I would make a statement, on a B&W gif, as small-file-size as possible. Announcing it was stolen doesn't really do much, but if, for example, it threatens certain public figures whom it is unlawful (in the US) to threaten, then the thief will appear to be making the threat, which could be read -- again, if the host is in the US -- as a federal offense. This means that the thief must either admit to a federal offense or theft, both of which would probably violate their user contract.

sleipnir214, I'm quite unclear on how this might work. Is there a discussion about this sort of thing in another discussion I could peruse, or would you mind explaining in more detail here?

Cheers,


[monkey] Edward [monkey]

"Cut a hole in the door. Hang a flap. Criminy, why didn't I think of this earlier?!" -- inventor of the cat door
 
Upvote 0 Downvote
EdwardMartinIII said:
but if, for example, it threatens certain public figures whom it is unlawful (in the US) to threaten, then the thief will appear to be making the threat, which could be read -- again, if the host is in the US -- as a federal offense.
Click to expand...
But then the thief could simply say, "Those are not my images.", provide the link back to your sever, then you might be in trouble for actually owning/providing the images.

Kinda like if someone steals crack from a drug dealer, the police catch him, then he tells them where he got it.

Be careful.

I do like your idea of changing the images. I know if I was in your situation I would probably let my imagination run wild!


Hope This Helps!

Ecobb

"My work is a game, a very serious game." - M.C. Escher
 
Upvote 0 Downvote
Just put "This image stolen from in nice big white letters on a black background.

Mike

"Deliver me from the bane of civilised life; teddy bear envy."

Want to get great answers to your Tek-Tips questions? Have a look at faq219-2884
 
Upvote 0 Downvote
Yeah, I understand that it's possible I could get in a spot of trouble. I've been considering alternate messages, ones that would be legal, but make the user very unpopular.

Cheers,


[monkey] Edward [monkey]

"Cut a hole in the door. Hang a flap. Criminy, why didn't I think of this earlier?!" -- inventor of the cat door
 
Upvote 0 Downvote
You see these type of image thieves get screwed by just your scam on ebay once and awhile.

My personal favorite are the "personal confession" images. The only one I have a link to apparently was finally taken down... but it had about 6 images which went like this...

"Report this bandwidth thief!"

"I think it's cool to steal copyrighted material without permission!"

"I like little boys"

And it went downhill from there...
 
Upvote 0 Downvote
When this happened to me, I simply changed the picture to free advertisement for my web site. The response was immediate.
 
Upvote 0 Downvote
The route I've been thinking of going has been the "personal confession" type messages as well. Considering the current political climate, the possibilities are nearly endless, especially when I combine words such as "death", "infidel" and so one. I'm not talking about going downhill. I'm talking about a hurl into the abyss.

I really am quite annoyed at this. My last hosting bill included over $900 in bandwidth charges. Although a lot of that was files I had deliberately put out there, a big chunk was bandwidth theft. (side note: the ISP was supposed to CAP my bandwidth, so after a series of progressively exasperated calls, I was able to get them to annul this, assuming it actually takes). So, when I use the word "annoyed", figure $900 worth of annoyed. Really annoyed, and possessing of spare time.

I like the idea of making the images an advertisement for our sole product. That would be kinda cool. Send 'em right to a product page. I'll consider that once I calm down from the last bill.

Cheers,


[monkey] Edward [monkey]

"Cut a hole in the door. Hang a flap. Criminy, why didn't I think of this earlier?!" -- inventor of the cat door
 
Upvote 0 Downvote
sleipnir214, can you point me to some description of the method you discussed above?

Cheers,


[monkey] Edward [monkey]

"Cut a hole in the door. Hang a flap. Criminy, why didn't I think of this earlier?!" -- inventor of the cat door
 
Upvote 0 Downvote
This one:

sleipnir214: From a technical standpoint, if you're running Apache you can use mod_rewrite in conjunction with the HTTP_REFERER server variable to leave the graphics as-is when called from your website and have alternate versions sent when being called from other sites. The "gotcha" with this is some browsers allow the user to turn off referer reporting.

Thanks!


[monkey] Edward [monkey]

"Cut a hole in the door. Hang a flap. Criminy, why didn't I think of this earlier?!" -- inventor of the cat door
 
Upvote 0 Downvote
I misspoke. You don't have to use mod_rewrite.

But the Apache online manual can explain it better than I can. There's a part of the Apache manual titled 'Prevent "Image Theft"', in which you'll probably be interested. Go to the bottom of the the appropriate page:

Apache 1.x: Apache 2.x:


Want the best answers? Ask the best questions!

TANSTAAFL!!
 
Upvote 0 Downvote
Hehehehe the advertisement and using HTTP_REFERER variable is as good one. I bet if you look at your logs that 90%+ of the browsers hitting your site wouldn't have the ability to turn off this option and the ones that did probably wouldn't .... leaving you with a few shifty ones and they are probably the ones you would want to send the alt images to anyway.

Hope I've been helpful,
Wayne Francis

If you want to get the best response to a question, please check out FAQ222-2244 first
 
Upvote 0 Downvote
Instead of images that might get the person in trouble, why not simply use images of a solid color. Nobody would want to continue using these, and I would expect the problem to go away on its own. Nobody offended, no harm done.
 
Upvote 0 Downvote
Nobody offended, no harm done.
Click to expand...
Now, where's the fun in that? :)



Hope This Helps!

Ecobb

"My work is a game, a very serious game." - M.C. Escher
 
Upvote 0 Downvote
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top