Prevent screen capturing with DirectX - c#

I would like to render a single image using DirectX.
It should work similar to VLC player's "directx video output", were it is not possible to capture a frame using simple screen capturing software or the printscreen-key.
It should not be possible (or very difficult) to make a screenshot!
Does anyone know how this works in VLC player?
Are there any other possible solutions?
Maybe with "Output Protection Manager" (see http://msdn.microsoft.com/en-us/library/dd388980(VS.85).aspx)
I've about 3 years C# programming experiance earnt at school.
I've also done some C++ programming, but I would prever a C# solution maybe using WPF or Managed DirectX.
Sorry for my English and thanks for your help in advance!!!

First, the reason that VLC's content doesn't get captured when you use printscreen or other screen capture techniques is because (at least on older versions of Windows) they are using an 'overlay' to present the video. This is a special GPU construct that allows rendering to a virtual 'plane' above the normal screen surface. Since this bypasses everything else and goes straight to the GPU, there isn't any straightforward way to capture it. NOTE: In the last few releases of Windows the rules changed quite a bit concerning overlays. Apps can't assume that D3D9/DDraw overlays are supported and apps shouldn't use them nowadays since the system has much better methods of presenting content with the same high performance.
Direct3D 9 Overlays
If you are displaying video content using Direct3D 9, you too can use an overlay. See this page on MSDN for information on how to do it. There are a lot of restrictions on the usage of D3D9 overlays and they aren't supported on a lot of hardware, so I'll describe some other approaches.
This technique does not prevent other apps from injecting them into your address space and capturing your presents. Also, because it's not supported on some hardware and some capture APIs actually disable overlays, it doesn't provide very strong protection guarantees.
GPU-Based Content Protection
If you have a lot of time to learn about GPU content protection and you know you'll be displaying a non-standard DRM-protected video format, you can roll your own protected media path using GPU content protection. I'm not an expert in this area, and there are few who are. I wouldn't recommend this, but I wanted to point it out. This page on MSDN talks about how it's implemented in Direct3D 9 and this other page talks about how it's implemented using Direct3D 11.
This technique provides strong guarantees that the content has not been captured, since the key-exchange happens almost entirely through hardware (e.g. HDCP).
Media Foundation Protected Media Path (PMP)
If you are displaying video using a well-supported DRM-based media format, you can use Media Foundation's Protected Media Path, which makes use of the GPU-based content protection described previously. It also encapsulates most of the functionality in a separate protected process that other apps cannot intercept or otherwise interact with. If someone tries to install a test-signed driver or otherwise inject a binary that isn't code-signed by a trusted root authority, Windows will not allow the content to be decrypted and your content will remain secure. This technique provides strong guarantees that the content has not been captured. This is used by Netflix on Windows, Blueray players, and others.
DXGI Swap-chain Flags
Assuming you are presenting content using Direct3D 10.x/11.x (and hopefully now you are, as opposed to D3D 9, in 2014), you can use a number of flags on your swap-chain to lock down your content.
You can pass DXGI_SWAP_CHAIN_FLAG_RESTRICTED_CONTENT in the swap-chain flags in order to fail the swap-chain creation if the system doesn't have HDCP or HDCP-like output protection. This probably isn't necessary for your purposes, but it's good if you are worrying about people capturing the HDMI or analog output.
The flag you definitely want is called DXGI_SWAP_CHAIN_FLAG_DISPLAY_ONLY. This prevents all screen-capture APIs from ever seeing your swap-chain. It will just appear as a black rectangle to them.
See this page for all the DXGI swap-chain flags.
This technique doesn't provide the strong guarantees that GPU-based content protection provides, but if you are pretty confident that other apps aren't doing crazy things like injecting themselves into your address space and hooking your present calls, you can be be confident this prevents anyone else from seeing your content (except the monitor, of course).
Full-Window Protection
Sometimes you might want to protect more than just DXGI-presented content. In that case, you can actually make use of a similar mechanism to simply protect an entire window from being captured by various screen-capture techniques. It's an API called SetWindowDisplayAffinity. It's equivalent in strength and function to passing the DXGI_SWAP_CHAIN_FLAG_DISPLAY_ONLY flag for a swap-chain, but it also protects content presented with GDI, older DirectX technologies, etc. Pass the WDA_MONITOR flag to enable protection for a given HWND, or pass WDA_NONE to disable protection.
For full disclosure, I work at Microsoft on the team that handles display logic, including some forms of screen capture and content protection.

Maybe by the sound of it you need to intercept WM_PRINTCLIENT by hooking into a global windows procedure, if the WM_PRINTCLIENT message is used, just return from the hooked window procedure. See here for a detailed information by Feng Yuan about WM_PRINTCLIENT. The other way of doing it is to intercept the clipboard functions where the data is from a particular application and the clipboard contains a bitmap.. See Larry Osterman's blog about this. Here is an article on CodeProject that implements a global windows hook, there's two other links I could supply here and here. (All on CodeProject)

Related

Writing a program to stop another program from taking screenshots [duplicate]

i need to block any screen capture software on the computer from taking screen shots. Since all of them are work on standard API-functions, i think i could monitor and block them.
I need to use C#.
All i have found is how to monitor and block them in a certain program (screen capture program). They are looking for a function in the program, then they change it address on mine function address.
But how can i do it, if i haven't any certain programs? I need to block anyone which tries to take a screenshot.
If your final goal is possible or not I don't know, but for the hooking the API portion I can help you out.
I have used the library EasyHook many times in the past, this will let you hook and intercept system function calls from C# code fairly easily. Just read through the PDF tutorial for setup instructions.
For actually finding the API's I recommend Rohitab's API Monitor, it's still in Alpha stages but it works really well and is free. You just hook it on to a processes and it tells you every external DLL call it makes (with the parameters it passed if you have the xml definition file for the DLL, the program comes with almost all of the windows API dll's pre-defined).
The combination of EasyHook and API Monitor is a great 1-2 punch for mucking with other program's calls.
It is not possible to prevent screenshots from being taken. The battle is already lost because of the DWM (Desktop Window Manager). It's lower level than Win32 and device contexts.
If you want to protect the text in your program, there are a lot easier ways to extract it than doing screenshots and OCR. TextOut and/or Direct2D hooking and accessibility APIs.
If there's a lot of IP in your program. Then don't make it all available onscreen. Make sure it's tedious to crawl the GUI for text, and hard to automate it. And don't load whole texts in memory of the program.
Possible solutions:
1. To prevent copying of text. Draw the text as an image.
2. To prevent accessibility technologies, like screen readers - override WndProc in your control, handle and ignore the window message WM_GETOBJECT.
3. To make it harder if they try to use OCR. Draw graphics behind the text. Human readable, but much harder for a machine to interpret it.
Neither of these methods are invasive for the user.
** A very invasive suggestion **:
If you are really serious about preventing anyone from "stealing" your content.
Implement mouse and keyboard hooks. Filter out typical copy shortcuts. Prevent the mouse from leaving the boundaries of your application.
Allow your application to only run when the OS runs well-known processes and services.
If any process starts which you don't recognize, black out the application and notify the user about it, and request the user to close it. And ofc make sure someone is not just spoofing a well-known process.
Monitor the clipboard as you suggested yourself.
You can ofc soften some of these suggestions based on the context of your application.
As Scott just posted it likely can be prevented with API hooks to see that paint events only go to desktop bound handles and not others, and refuse to paint otherwise. However, you need to consider the following scenarios and see if they're relevant threat to your approach or not:
Your software may be running in a virtual machine like VMWare. Such software has capapbilities to capture screen that does so at "virtual hardware" level, and your API hooks will not be able to discern it - and this would be the easiest way approach if I wanted to bypass your protections.
As a post suggests here, nothing also prevents someone to take monitor cable and plug it into another computer's capture card, and take screenshot that way. Again, your hooks will be helpless here.
Bottom line, you can make it somewhat harder to do, but bypassing such protection may be pretty trivial thing to do.
My 2c.

Custom WinRT app running during lock screen (instead of default Slide show)

Any chance to make it possible to build special WinRT application that would run in lock screen mode on Windows 8 like it "works" for default Slide show option setting?
I don't think this is possible. The Win 8.1 API lets you provide an rss feed of images that fuel the lockscreen slideshow, but you don't appear to be able to provide your own app to replace the lockscreen background.
I agree this would be really useful. The lockscreen could be used to turn your device into an ambient data source. For example, custom slideshows, streams of social network posts & pictures, graphs tracking stats you care about (stocks, server load etc.), streams of trending headlines etc.
You can do things with Badges, such as outlined here and here. Unfortunately, I don't think you can do exactly what you are asking, aside from possibly disabling the Lock Screen and building a facsimile of your own, though I don't know to what extent this will be allowed in the store, and will likely be largely up to the users settings with regards to things like working on battery or not.

Set any application's volume

I was wondering how I could set a specific application (as in any running application, not just my own)'s volume level in c#.
I know I'd probably have to use P/invoke, this is fine. I'm just not sure on how the sound api's work and how I would go about getting/setting the volume of specific applications (like the volume mixer in vista/7 can).
I know it's possible to do programattically because nircmd has a feature that can do it.
Any help would be appriciated, thanks.
I think you should look here. Following the links you'll find interfaces and API functions to use to manipulate endpoints' volume. Together with the documentation, Microsoft provided some code samples in C++. As you said, it is possible to get the same functionalities to work in .NET using platform invoke.
I think (and hope) your request is, for all intents and purposes, impossible. Allowing an application to set its own volume is like allowing an application to override the user's notification icon settings. These settings are user settings, so you can't circumvent them.
Imagine for an instance that a user has the volume of his speakers set way up, but has dimmed the volumes of all individual applications. Your application comes along and goes 'whatevs, I'll just set myself to full volume'. You've just made a user go deaf, or at least cower in a corner of the room, scared to death.

Make entire screen monochrome and other full screen effects

Does anyone know how to apply effects to the entire screen, in c# or any programming language.
I'm mostly interested in making the screen monochrome (specifically green-white instead of black white).
I know a cross-graphic card solution is possible because I found a program that can do it:
http://www.freedomscientific.com/products/lv/magic-bl-product-page.asp
Anyone knows how to accomplish something this or where to look?
Thanks !!
There is no easy Windows API to modify the entire screen contents. But this could be done at the device driver level.
Otherwise you have to resort to some Windows API tricks: place a "fake" window over the entire desktop, in a loop: grab the entire screen contents without grabbing fake window contents, do your processing to get the monochrome effect, then display that on the fake window. Yes, it's hacky and slow, but possible. Even more hacky, when you get mouse clicks to "go through" the fake window (lots of SetWindowsRgn calls).
So cross-platform here means using GDI, though some older DirectDraw APIs might work, in that case, you have a much easier time with hardware overlays (and better performance). Though I'm not sure how many cards actually support hardware overlays, and if newer versions of windows support the older DirectDraw APIs.
One more possibility is if the video card has a C# or C++ or C API, then you can do whatever you want with the card without writing device driver code.
Then there's CUDA, but I haven't yet tried that out. I know it's for stream processing on nVidia boards, but I wonder if it could get you an easy backdoor into the video display stuff.
To help people in the future who are interested in this:
This is possible with the Magnification API's color effect method. This allows one to use a matrix that can be applied to the whole screen.
NegativeScreen is an open source project that implements the feature you are describing in C#.
Unfortunately, this only works with affine transformations, as the API takes only an augmented matrices rather than a delegate or something.

Want to know about the best framework available for my app

I am trying to design a new application which basically aims at providing biometric authentication services. What I want to do is that the app will present the user with an interface where the user can get his eye scanned for authentication. The most important feature I want to incorporate is that the user need not have a webcam, the app must be able to read the eye from the display device i.e. CRT or LCD screen itself.
I want info about the best framework available for this. Once successfully tested, I am planning to provide it as a webservice. Any one who will help me will get a royalty from my income.
I think you're want Microsofts new multi-eye monitors. This is a special version of Multi-Touch intended for eye validation, much like how Microsoft Surface is intended for surface finger interaction. For example, you can just lay an eye on the table, and the table can sense the eye is there and validate it, using blue-tooth or whatever. I saw a demo where this guy just shakes his eye near the table and it validated him. I was so cool. SDK's will be available for Retina, Iris, etc.
I know for a fact that there has not been a lot of work done in this area, but the potential is big. I wish you luck.
The best way to do this is to use (old) monitors with electron tubes (LCD screens are not suited for your purpose). By applying a rectifier for the electric current input, swapping the polarity of the cable set to the electron tube and focussing the electron ray to a radio button on your user interface where the user is required to stare at you can make sure that the ray hits directly his eye and is reflected back to a small canvas you need on your UI (users should look a bit cross-eyed for this purpose). The electron pressure paints the retina layout directly to the canvas and you can read it out as a simple bitmap. No special SDK required.
You might try Apple's new iEye. This fantastic, magical add-on to the iPad rests on the eye, and is operated via a single easy-to-use button at the bottom of the device. Unfortunately, it only works with the iPad, and the SDK is proprietary.
I don't get you.
How do you propose the image of the eye is collected without some kind of image capture device.
A bog standard 'display device' is an 'output device' as opposed to an 'input device' - this means there would be no signal.
Are you talking mobile phone apps, custom manufacture eye scanning devices, desktop pc's?
please elaborate.
aaah Patrick Karcher - has the correct answer. plus one for that - i should have been more prepared for coming to stackoverflow on april fool's day.
If you mean getting images from devices without using encoders and drivers, have a look at TWAIN (Technology Without Any Interface). and it's faq.
The most important feature I want to incorporate is that the user need not have a webcam, the app must be able to read the eye from the display device i.e. CRT or LCD screen itself.
are you sure it's possible with the current CRT and LCD technologies? i think you have to have a reading device.
more info from TWAIN.org:
The TWAIN initiative was originally launched in 1992 by leading industry vendors who recognized a need for a standard software protocol and applications programming interface (API) that regulates communication between software applications and imaging devices (the source of the data). TWAIN defines that standard. The three key elements in TWAIN are the application software, the Source Manager software and the Data Source software. The application uses the TWAIN toolkit which is shipped for free.
good lucks.
I know this is an April Fools, but... Actually, if you remove the condition about the fact that it must come from a CRT or LCD screen it might be possible to do it without image capture device attached to their computer.
Possibly using their facebook username and some red-eye photos of them (reflection of the flash off the back of the retina) + a lot of luck and R+D.
Authentication then might simply come from some way of proving that you are the person in the photo.

Categories