On Jul 18, 2007, at 7:24 AM, Jim Berkey wrote:

I found early on that so many people can tear down a wall and condemn it easily when they see the skeleton, without ever trying to climb the wall, and that is not a good judge of the effectiveness of the wall. But if you do not see the skeleton, it is much harder to climb that wall. All of a sudden instead of multitudes saying how silly, only a few can actually climb the wall . . . maybe one day only one or two will be able to climb the wall. Yesterday Rákos captured the swf, and then others decompiled and re-compiled it. I have slept on the method that I believe Rákos used to capture the swf, and may have an answer for it later today.

We all definitely appreciate that you are trying. Just remember there's a huge difference in making it difficult to get the file and making it impossible to get the file (the latter being, literally, impossible).

The simple fact is that the SWF needs to be sent to the client, in a form the Flash Player can render. At this point in time, the technology does not exist in the Player or in the communication between the server and the Player (browser/plugin). It is absolutely impossible to keep the end user from gaining access to the SWF content in some manner or another.

You can obfuscate, but you cannot hide the content itself. I think what some of us are saying is - there is no way to keep us from getting the file.

The most difficult method I am aware of is by using FP9 (AS3) and Loader.loadBytes (combined with ByteArray). You could use a secured socket connection and load binary data, decrypted through ByteArray and a client-server handshake (say Blowfish as the encryption method - it'll just take forever to decrypt the data).

That still won't protect you. All one needs is a packet sniffer to get the data (including any keys or other information) and use the SWF that loaded the data in the first place to decrypt it. It'll take a bit longer to get the file (a long time if implemented properly) but you can still get the file.

http://www.bytearray.org/?p=32

good luck.

- jon

_______________________________________________
Flashcoders@chattyfig.figleaf.com
To change your subscription options or search the archive:
http://chattyfig.figleaf.com/mailman/listinfo/flashcoders

Brought to you by Fig Leaf Software
Premier Authorized Adobe Consulting and Training
http://www.figleaf.com
http://training.figleaf.com

Reply via email to