I see. I don't think that would be a suitable alternative to obfuscation. For one thing, it requires a great deal more effort. Second, it puts the burden on the client to run the decryption on their machine (every time they access the swf). Finally, since you must provide the client with the key, you haven't really protected anything, you've just added one extra step.
-austin -- Austin Haas Pet Tomato, Inc. http://pettomato.com On Tue Jun 03 14:25 , zwetan wrote: > > > > What do you mean by "you have to the power to encrypt SWF files?" > > > > How is that done? > > > > you have bytearray in AS3, that means you have binary access to data > and so you can encrypt a SWF file and decrypt it on the fly > before loading/playing it > > so sure depending where you want to do it (web, desktop, etc.) > it can more or less complex, and more or less secure > > with encryption what you will want to protect is the key to decrypt the SWF, > not the SWF itself (as this one is useless encrypted and can not be > read or decompiled without decryption) > > and also the process of loading the SWF, > an HTTPS connection for example > > if you search on google you'll find some people that have used > some AS3 encryption library to do just that, > but their solution have a big flaw: they don't protect the key > and they don't put in place a secure loading process > but still their approach would be a good first step to SWF encryption. > > some links > http://www.onflex.org/ted/2008/01/loaderload-vs-loaderloadbytes.php > http://www.adobe.com/devnet/flashplayer/articles/secure_swf_apps_12.html > http://www.flexjunk.com/2008/04/04/encryption-in-flex-applications/ > etc. > > but before going into that road, be really sure why you would want to > encrypt your SWF > and either buy a licence like NitroLM, or spend a lot of time > implementing your own. > > zwetan > > _______________________________________________ > osflash mailing list > [email protected] > http://osflash.org/mailman/listinfo/osflash_osflash.org > _______________________________________________ osflash mailing list [email protected] http://osflash.org/mailman/listinfo/osflash_osflash.org
