
Ask HN: My Solution for Securing Paywalled Videos with AWS - anonytrary
Problem: Serve a video to a client if and only if the client has signed up and paid the price for the video.<p>Constraints: Minimize theft and sharing of videos to any client which has not paid. Prevent videos from being downloaded(?).<p>Worst Case: Video is bought by a user, screen-captured, and redistributed. Alternatively, paying user decides to share their username&#x2F;password with other users.<p>Solution:<p>1. Implement a basic user accounts system.<p>2. Dynamically watermark&#x2F;brand all videos to mitigate screen-capture theft.<p>3. Store encrypted&#x2F;restricted videos on S3, restrict access via CloudFront.<p>4. Use Braintree&#x2F;Stripe&#x2F;Cryptocurrency to capture payments for a given video. Upon payment by client, mark the user as having access to the corresponding video.<p>5. Use a short-lived&#x2F;one-time token[0] to grant access to CloudFront endpoint for any paid client. Upon accessing the video after token expiration, a new token will be issued. This prevents users from sharing URLs with friends who haven&#x27;t signed up and paid. The user would be forced to share their sign-in token or username&#x2F;password, which is not preferable. Mitigating this with IP restrictions may not be worth the implementation time.<p>Are there any other major steps that need to be taken here, or have I covered all my bases?<p>With the above solution, generalizing to recurrent (subscription-based) payments or paying for a set of videos shouldn&#x27;t be hard. Are there any additional steps required for these generalizations, or are they relatively straightforward alterations to the solution above?<p>[0] https:&#x2F;&#x2F;docs.aws.amazon.com&#x2F;AmazonCloudFront&#x2F;latest&#x2F;DeveloperGuide&#x2F;private-content-signed-urls.html
======
jlgaddis
Just know that no matter how hard you try to prevent it, if someone wants to
"steal" your videos bad enough, well, they will.

In fact, attempting to make it as difficult as possible (which might lead to
usability issues for the "honest" folks) might be seen as a "challenge". In
other words, you may inadvertantly cause some people to try to acquire and/or
distribute your videos just to see if they can.

Finally, after a certain point, you are likely just wasting time and effort
(and possibly money). If your videos are of any value at all, they _will_ be
"stolen".

~~~
anonytrary
The attack vector that you're speaking of requires a malicious actor to be
competent enough to rip the video content, remove visual and audial
watermarks, and then re-host it elsewhere for redistribution. You're right;
this can and _will_ happen, and isn't worth mitigating.

However, I think there are attack vectors which are worth mitigating. The
biggest one would be preventing signed URLs from being shared from an
authenticated, paying client to a non-paying or unauthenticated client.

Do you know of any illegitimate sources for paid Coursera videos? Do you think
the majority of Coursera users are being funneled through this illegitimate
channel? I think not; the majority of users would rather pay a small amount
for information from the source than some third-hand, sketchy website or
server.

Edit: Unfortunately, it is pretty trivial to download content from a signed
CloudFront URL (see, for example this[0] demonstration). I am wondering if
there is some way to at least mitigate this...

[0]
[https://www.youtube.com/watch?v=xAGc8cxdiVM](https://www.youtube.com/watch?v=xAGc8cxdiVM)

------
anonytrary
With a custom access policy, it would be pretty easy to specify the IP address
allowed for a specific signed URL[0]. This would help to mitigate the risk
factor mentioned in point 5 above.

[0] [http://improve.dk/how-to-set-up-and-serve-private-content-
us...](http://improve.dk/how-to-set-up-and-serve-private-content-using-s3/)

