8 Replies Latest reply on Oct 15, 2006 6:17 PM by Newsgroup_User

    DANGER: FLASH DECOMPILER

    Level 7
      I found a flash decompiler that can steal every single piece of a flash
      compiled file swf.

      to test it i created a flash 8 "encrypetd" swf using "protection aganist
      importing" option when i compile the file.

      but this program just skip this it wasnt protected. How can i protect the
      swf? This software can be fatal for us.

      Cheers

      Jaime


        • 1. Re: DANGER: FLASH DECOMPILER
          NSurveyor Level 2
          These have existed for along time now, and there really is nothing you can do about it. By putting your .swfs online, you are allowing others to view the contents of your .fla.
          • 2. Re: DANGER: FLASH DECOMPILER
            Rothrock Level 5
            Such old, old, old news.

            The "protect against importing" is only of use for stopping direct importation to the Flash authoring environment. It offers nothing against decompilers.

            For the Flash Player to play a swf file it needs to be able to read the file.

            THERE IS NO WAY – short of keeping your Flash on a scuffed CD under your bed – to totally protect your file from a determined person. It doesn't mater what any given vendor of "Flash security" software tells you. I'm not going to say they are liars, but just that their friendship with reality may have had a bit of parting of the ways.

            There are some things that can help to make it more difficult for a casual user to get your code. The best you can hope for is to make it more work than it is worth. Search the forums for "security" or "decompiler," you should find plenty of interesting reading.
            • 3. Re: DANGER: FLASH DECOMPILER
              Level 7
              BLoody hell this suxs.

              I am building a massive worldwide project in flash and i always though it
              was going to be secure. This suxs. I have to combine PHP now to make it
              protected.

              THIS IS REALLY BAD FOR FLASH DEVELOPERS.





              "Rothrock" <webforumsuser@macromedia.com> escribió en el mensaje
              news:egtgmg$28c$1@forums.macromedia.com...
              > Such old, old, old news.
              >
              > The "protect against importing" is only of use for stopping direct
              > importation
              > to the Flash authoring environment. It offers nothing against decompilers.
              >
              > For the Flash Player to play a swf file it needs to be able to read the
              > file.
              >
              > THERE IS NO WAY ? short of keeping your Flash on a scuffed CD under your
              > bed ?
              > to totally protect your file from a determined person. It doesn't mater
              > what
              > any given vendor of "Flash security" software tells you. I'm not going to
              > say
              > they are liars, but just that their friendship with reality may have had a
              > bit
              > of parting of the ways.
              >
              > There are some things that can help to make it more difficult for a casual
              > user to get your code. The best you can hope for is to make it more work
              > than
              > it is worth. Search the forums for "security" or "decompiler," you should
              > find
              > plenty of interesting reading.
              >


              • 4. Re: DANGER: FLASH DECOMPILER
                Level 7
                What about
                flash encrypt 1.2 it worked on the 2005... is it anything like this up to
                date?




                "NSurveyor" <saif7463@yahoo.com> escribió en el mensaje
                news:egtgei$1t7$1@forums.macromedia.com...
                > These have existed for along time now, and there really is nothing you can
                > do about it. By putting your .swfs online, you are allowing others to view
                > the contents of your .fla.


                begin 666 1.gif
                K1TE&.#EA`0`!`(#_`,# P ```"'Y! $`````+ `````!``$```("1 $`.P``
                `
                end

                • 5. Re: DANGER: FLASH DECOMPILER
                  kglad Adobe Community Professional & MVP
                  how can you use php to increase the security of your swf? can you secure your php file? can it communicate anything to flash that is secure?
                  • 6. Re: DANGER: FLASH DECOMPILER
                    Level 7
                    >. can you secure your php file? can it communicate anything to flash that
                    >is secure?

                    Sure and sure... Ypu can't see the contents of a PHP file and you could
                    always pass hashed strings back and forth between Flash and PHP. Though
                    unless you're making something where people win or buy things, trying to
                    secure your content is next to pointless.

                    --
                    Dave -
                    Adobe Community Expert
                    www.blurredistinction.com
                    http://www.adobe.com/communities/experts/


                    • 7. Re: DANGER: FLASH DECOMPILER
                      kglad Adobe Community Professional & MVP
                      i should have asked, can you secure the output of your php file that communicates something to flash, that flash can understand (or decrypt) but still have that something be secure?

                      eg, can a swf understand that the number 1 is being sent (from a php file, for example) and NOT allow a user to detect that 1 was sent.

                      you can assume the user will be able to decompile the swf and detect the name of the php file.
                      • 8. Re: DANGER: FLASH DECOMPILER
                        Level 7
                        > What about flash encrypt 1.2 it worked on the 2005

                        Flash Encrypt was very easy to 'crack' its so-called 'encryption .. it also
                        produces non-standard SWF files that may not work in the future.

                        All protection tools are dangerous .. and will soon be redundant with AS3
                        which uses completely different compiled scripting.
                        --
                        Jeckyl