I am faced by exactly the same "difficulty". When developing non-trivial web- or AIR-apps the wish arises to protect the codebase in any way. Lastly I ended with 3 possibilities which I will have to ponder against each other:
1. Using a strong JS code compressor (Google Closure Compiler!!!)
2. Keeping as much logic as possible on the server side (no everywhere applicable)
3. Coding valuable algorithms/calculations in a language like Java or C, compiling them and
using them via IPC (came up in AIR2) or TCP-Sockets.
What I'll definitely do is chasing my code abse through Google's Closure Compiler so that everybody trying to debug/modify my code has to sacrifice many many hours and some heavy headache. Sure, it's not very effective, but coding in AS3 and compiling to SWF isn't effective too. Thanks to SWF-Decompilers everyone can get the underlying code similarly crippled like the one produces by GCC.
I appreciate any suggestions.
I think the first solution is the best.
As you said, even developing with flex is not secure, so adobe should find a solution for this problem ...
Hmm ... yeah, maybe kind of binary encoding might be useful. But I don't think that Adobe would do this. Literally the whole nature of those "open webtechnologies" consists of their "openess" in a certain kind. Maybe a smart guy comes up with a nifty hack using the DOM's application cache property where content is cached pre-compiled. Let's see...