Advanced search  


cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.

Pages: [1]   Go Down

Author Topic: Picture Theft Tracking Tool (PTTT)  (Read 2749 times)

0 Members and 1 Guest are viewing this topic.


  • Coppermine newbie
  • Offline Offline
  • Gender: Male
  • Posts: 6
    • HSG Bensheim/Auerbach
Picture Theft Tracking Tool (PTTT)
« on: June 27, 2006, 08:55:15 am »

Just an idea:
Writing a script which adds to every user called (full size) picture 3 little (encoded?) strings to EXIF or in another hidden and more safe area:
  • unix time stamp of download
  • user IP address
  • url which hosts the picture (could be done once during upload procedure)
When you see your picture somewhere else, you can first check "is it really my picture?" and in case it's true, track when it was downloaded. Together with the IP address you can identify the person which downloaded the picture, when you contact his/her provider and if it's in a country which respects certain copyright issues.

Well, you can identify the person which abuses your picture(s) on his/her homepage w/o adding the 3 issues to the picture. But in case of a more complicated theft chain - someone else made the download and hand it or sold it to s.o. else, you'll get the starting point of the chain too.

I do it similar on my homepage (not the one in my signiture) for a different purpose. I add unique email addresses to the HTML output, containing:
encoded unix time stamp (dot) encoded IP (at) mydomain.tld
When I check my mailbox for
* (at) mydomain.tld
I get all the spam mails, which have their origin by spam bots. With both IP and time, I can contact the provider e.g. by abuse (at)provider (dot) tld
and do my complaint.
O.k. I don't do it in case of tld's like .cn etc.. And maybe it doesn't really help in the fight against spam, it's quite interesting to track the bots and how quick they distributed the captured email addresses.

If s.o. is interested in the few lines of the "faked email addresses for tracking spam bots", I can post it here and you can add it into your anycontent.php

Pages: [1]   Go Up

Page created in 0.015 seconds with 21 queries.