7 Replies Latest reply on Feb 17, 2007 7:30 AM by ggshow

can my songs be stolen?

Rustyvoyager Feb 16, 2007 4:53 PM

Ok, I have created buttons with "on (release){loaded = new Sound();
loaded.loadSound("...",true); " attached to them. All is working great but someone told me my song might be stolen. I do realize that if you name the file the same as the song itself people could just assume that and type it directly into the url as " http://www.mysite.com/mysong.mp3/" and their computer would ask if they would like to download it. But i have named the files random number sequences in order fool proof this hack method. Is there any other way people could hack the song? Thanks to anyone who knows, Rustyvoyager

1. Re: can my songs be stolen?

kglad Feb 16, 2007 5:20 PM (in response to Rustyvoyager)

yes. it's easy to check the code in your swf and view the file name you're loading.
Like Show 0 Likes(0)

Actions
2. Re: can my songs be stolen?

Rustyvoyager Feb 16, 2007 6:30 PM (in response to kglad)

How can I check the code from the internet? I want to see how it is done. Thanks
Like Show 0 Likes(0)

Actions
3. Re: can my songs be stolen?

kglad Feb 16, 2007 6:47 PM (in response to Rustyvoyager)

use a decompiler (like sothink's swf decompiler) to decompile the code in your swf. it's then viewable as if someone is looking at your fla. and, in fact, your entire fla can be recreated using a decompiler.
Like Show 0 Likes(0)

Actions
4. Re: can my songs be stolen?

Sketchsta Feb 16, 2007 7:26 PM (in response to Rustyvoyager)

even if the viewer has a decompiler, if you have your song files in a restricted folder on the server, the viewer cant download it......can they??
Like Show 0 Likes(0)

Actions
5. Re: can my songs be stolen?

kglad Feb 16, 2007 10:57 PM (in response to Rustyvoyager)

yes, apparently they can. and i'm not sure how restricted you can make a folder and still have flash load the files it contains.
Like Show 0 Likes(0)

Actions
6. Re: can my songs be stolen?

anonymous thing Feb 16, 2007 11:40 PM (in response to kglad)

- get your song path from an WebService during flash runtime... it's easy to get messages between server and client but it's better than write path directly into your code! Use with solution 1 and 2

1. If you are on a Apache server use a .htaccess to redirect request that acced directly to your .mp3. This patch can be good for a moment but it exist some trick to bypass that. Block directory listing on your mp3 folder.(easy, low protection)

2. If you are really crank about security you can generate a token and a SHA or MD5 key each time, store in a DB for the current user, this way you can replace physical path. Use it with solution 1.(hard to implement, good protection)

3. best simple solution is to stream your song with FMS... but it cost a lot of money...
Like Show 0 Likes(0)

Actions
7. Re: can my songs be stolen?

ggshow Feb 17, 2007 7:30 AM (in response to Rustyvoyager)

no matter who you are, whatever you do,
if you let user to play the song on their pc, they CAN "steal" it.

i can connect the audio out & audio in ports together to record the audio,
if you cant understand this...

erm... i can just play the song, & then put a microphone to record it

the best way to protect the song is: dont play it..
Like Show 0 Likes(0)

Actions