Re: [flexcoders] Re: SWC Encrypt 2.0 - Does it work?
Damn thread splicing. I didn't realize at the time that this thread was 30+ posts long, not 6. Gotta remember to look at the Re: in the subject... :P ___ Joseph Balderson, Developer | http://joeflash.ca | 705-466-6345 Tom Chiverton wrote: On Wednesday 04 Jun 2008, Joseph Balderson wrote: Ah. I thought he was talking about SWCEncrypt, which is actually an obfuscator. Yeah, but SWFObfuscator isn't as cool a product name, so I guess they went with being confusing... -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.comYahoo! Groups Links * To visit your group on the web, go to: http://groups.yahoo.com/group/flexcoders/ * Your email settings: Individual Email | Traditional * To change settings online go to: http://groups.yahoo.com/group/flexcoders/join (Yahoo! ID required) * To change settings via email: mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] * To unsubscribe from this group, send an email to: [EMAIL PROTECTED] * Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
Re: [flexcoders] Re: SWC Encrypt 2.0 - Does it work?
On Wednesday 04 Jun 2008, Joseph Balderson wrote: Ah. I thought he was talking about SWCEncrypt, which is actually an obfuscator. Yeah, but SWFObfuscator isn't as cool a product name, so I guess they went with being confusing... -- Tom Chiverton This email is sent for and on behalf of Halliwells LLP. Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at Halliwells LLP, 3 Hardman Square, Spinningfields, Manchester, M3 3EB. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by The Solicitors Regulation Authority. CONFIDENTIALITY This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 2500. For more information about Halliwells LLP visit www.halliwells.com. -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.comYahoo! Groups Links * To visit your group on the web, go to: http://groups.yahoo.com/group/flexcoders/ * Your email settings: Individual Email | Traditional * To change settings online go to: http://groups.yahoo.com/group/flexcoders/join (Yahoo! ID required) * To change settings via email: mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] * To unsubscribe from this group, send an email to: [EMAIL PROTECTED] * Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
[flexcoders] Re: SWC Encrypt 2.0 - Does it work?
Hello again, I have read more Flex documentation, and found a lot of good information regarding the remote objects and the environment, but I have a thought about making a change in the structure of the Flex application, have someone tried to take a module and put it into a sql database as a bytearray, and bring it to the application as remote object and connect module loader to the DTO, is possible to connect the module loader to the byteArray? --- In flexcoders@yahoogroups.com, Michael Schmalle [EMAIL PROTECTED] wrote: I'll Chime in on this since.. I could call myself a professional component developer. I had the same worries about source and intellectual property (2 years ago). What I have found in the real component market, developers will buy your component without code IF you have a site and support backing up your claim of a purely 'encapsulated' API. Now what I have learned; Mind you I have been developing components since Flash 5 :) - Source code IS love but, they are going to pay a lot more for it. I'm talking about my frameworks coming up that are definite jewels for the professional/enterprise flex developer. I will have to options SWC or SWC/with source. You can't stop people from riping off your stuff. There are ticks and leaches in the REAL world as well. The trick, is to be the leader and innovator. I have survived 2 years without selling source. I have created a brand new framework that I am very proud of, documented great and I will be selling my components with source. Anyway, ramble but... you will always get decompiled and don't kid yourself. Peace, Mike On Wed, Jun 4, 2008 at 3:57 AM, Josh McDonald [EMAIL PROTECTED] wrote: I still can't see what you hope to achieve with these solutions? Anybody willing to copy and paste your code, is just as willing to copy your encrypted .SWC file. Source code is like love - it only has value if you give it out. -Josh On Wed, Jun 4, 2008 at 5:45 PM, Cato Paus [EMAIL PROTECTED] wrote: Hello again everyone, how can we protect our code? How should we go forward in order to protect the methods used to change the senistive information on user data, some blogs on this? I found one at a remote-finfig.xml and the use of session id http://www.flexpasta.com/index.php/2008/03/18/flex-using-blazeds- with-java-do-you-care-about-security/ this is good to have this thread hope we can work together to find out of this :) --- In flexcoders@yahoogroups.com, jmfillman jmfillman@ wrote: Has anyone had experience using SWC Encrypt 2.0, by Amayeta? Does it work, or would I just be wasting my money? I'm trying to protect a component I plan to sell, but given the prevalence of de- compilers, I'm hesitant to release it. I don't want to see all my hard work stolen. -- Therefore, send not to know For whom the bell tolls. It tolls for thee. :: Josh 'G-Funk' McDonald :: 0437 221 380 :: [EMAIL PROTECTED] -- Teoti Graphix, LLC http://www.teotigraphix.com Teoti Graphix Blog http://www.blog.teotigraphix.com You can find more by solving the problem then by 'asking the question'.
RE: [flexcoders] Re: SWC Encrypt 2.0 - Does it work?
@Mike, Where do I find this framework? Regards Dale Fraser From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On Behalf Of Cato Paus Sent: Thursday, 5 June 2008 6:24 PM To: flexcoders@yahoogroups.com Subject: [flexcoders] Re: SWC Encrypt 2.0 - Does it work? Hello again, I have read more Flex documentation, and found a lot of good information regarding the remote objects and the environment, but I have a thought about making a change in the structure of the Flex application, have someone tried to take a module and put it into a sql database as a bytearray, and bring it to the application as remote object and connect module loader to the DTO, is possible to connect the module loader to the byteArray? --- In flexcoders@yahoogroups.com mailto:flexcoders%40yahoogroups.com , Michael Schmalle [EMAIL PROTECTED] wrote: I'll Chime in on this since.. I could call myself a professional component developer. I had the same worries about source and intellectual property (2 years ago). What I have found in the real component market, developers will buy your component without code IF you have a site and support backing up your claim of a purely 'encapsulated' API. Now what I have learned; Mind you I have been developing components since Flash 5 :) - Source code IS love but, they are going to pay a lot more for it. I'm talking about my frameworks coming up that are definite jewels for the professional/enterprise flex developer. I will have to options SWC or SWC/with source. You can't stop people from riping off your stuff. There are ticks and leaches in the REAL world as well. The trick, is to be the leader and innovator. I have survived 2 years without selling source. I have created a brand new framework that I am very proud of, documented great and I will be selling my components with source. Anyway, ramble but... you will always get decompiled and don't kid yourself. Peace, Mike On Wed, Jun 4, 2008 at 3:57 AM, Josh McDonald [EMAIL PROTECTED] wrote: I still can't see what you hope to achieve with these solutions? Anybody willing to copy and paste your code, is just as willing to copy your encrypted .SWC file. Source code is like love - it only has value if you give it out. -Josh On Wed, Jun 4, 2008 at 5:45 PM, Cato Paus [EMAIL PROTECTED] wrote: Hello again everyone, how can we protect our code? How should we go forward in order to protect the methods used to change the senistive information on user data, some blogs on this? I found one at a remote-finfig.xml and the use of session id http://www.flexpasta.com/index.php/2008/03/18/flex-using-blazeds- with-java-do-you-care-about-security/ this is good to have this thread hope we can work together to find out of this :) --- In flexcoders@yahoogroups.com mailto:flexcoders%40yahoogroups.com , jmfillman jmfillman@ wrote: Has anyone had experience using SWC Encrypt 2.0, by Amayeta? Does it work, or would I just be wasting my money? I'm trying to protect a component I plan to sell, but given the prevalence of de- compilers, I'm hesitant to release it. I don't want to see all my hard work stolen. -- Therefore, send not to know For whom the bell tolls. It tolls for thee. :: Josh 'G-Funk' McDonald :: 0437 221 380 :: [EMAIL PROTECTED] -- Teoti Graphix, LLC http://www.teotigraphix.com Teoti Graphix Blog http://www.blog.teotigraphix.com You can find more by solving the problem then by 'asking the question'.
[flexcoders] Re: SWC Encrypt 2.0 - Does it work?
Hello again, I have read more Flex documentation, and found a lot of good information regarding the remote objects and the environment, but I have a thought about making a change in the structure of the Flex application, have someone tried to take a module and put it into a sql database as a bytearray, and bring it to the application as remote object and connect module loader to the DTO, is possible to connect the module loader to the byteArray? In order to make the ModuleLoader use a bytearray, you have to do some extending of ModuleLoader. For NitroLM.com, I've created a class called nitrolm:EncryptedModuleLoader that does load ByteArrays internally. It uses a public/private key encryption on the module swf file with the decryption key stored on the server. Because of this, an attacker can't get at the key. Only AFTER a valid NitroLM licensing transaction happens are you allowed access to the decryption key. Basically, all you do is develop a modular application (either put everything in one module (if you're lazy or have a small app), or do several modules. In the NitroLM admin tool, create a new product code, and generate a library key for each module you have. You can then assign those library keys to the product. Then, when you're ready to deploy, you modify your code to use the nitrolm:EncryptedModuleLoader instead of mx:ModuleLoader. In my own code, I just comment/uncomment repeatedly during development. For a Flex app, you run the module swfs through our AIR app called AssetEncrypter using the product keys and library keys generated during setup. Then you just deploy. For AIR, you have to unzip the AIR package, encrypt the modules using AssetEncrypter and then re-package using the ADT tool in the Flex SDK. It's not totally streamlined yet, but I'm always working to improve it. Here is some of my demo code with a couple of encrypted modules. mx:TabNavigator id=tabNav width=100% height=100% mx:VBox label=VBox backgroundColor=#ff/ !--mx:ModuleLoader id=circleModule label=Circle/-- nitrolm:EncryptedModuleLoader id=circleModule label=Circle productName={product_name} libraryName={circle_library_name} licenseClient={licenseClient}/ !--mx:ModuleLoader id=techSupportModule label=Tech Support/-- nitrolm:EncryptedModuleLoader id=techSupportModule label=Tech Support productName={product_name} libraryName={support_library_name} licenseClient={licenseClient}/ /mx:TabNavigator That's the very high level overview anyway (the stuff I'm allowed to share). NitroLM does a lot more than just encryption, and you should look into it if you're doing any type of enterprise application. E-mail notifications, Demo licensing, offline or checked-out license and other features are some of the main reasons people use it. For an open-source or public audience/website type of thing, it's probably overkill. If you want to schedule an online demo sometime, just schedule a meeting with our LM sales guy lmsales [at] simplifiedlogic.com. He schedules my time for demos of the encryption stuff. We'll also have a presentation at 360 Flex San Jose and a booth there. The presentation is by David Bigelow - Making Money with Flex, or something like that. -Andrew Westberg
[flexcoders] Re: SWC Encrypt 2.0 - Does it work?
Hello again everyone, how can we protect our code? How should we go forward in order to protect the methods used to change the senistive information on user data, some blogs on this? I found one at a remote-finfig.xml and the use of session id http://www.flexpasta.com/index.php/2008/03/18/flex-using-blazeds-with-ja\ va-do-you-care-about-security/ http://www.flexpasta.com/index.php/2008/03/18/flex-using-blazeds-with-j\ ava-do-you-care-about-security/ this is good to have this thread hope we can work together to find out of this :) --- In flexcoders@yahoogroups.com, jmfillman [EMAIL PROTECTED] wrote: Has anyone had experience using SWC Encrypt 2.0, by Amayeta? Does it work, or would I just be wasting my money? I'm trying to protect a component I plan to sell, but given the prevalence of de-compilers, I'm hesitant to release it. I don't want to see all my hard work stolen.
Re: [flexcoders] Re: SWC Encrypt 2.0 - Does it work?
I still can't see what you hope to achieve with these solutions? Anybody willing to copy and paste your code, is just as willing to copy your encrypted .SWC file. Source code is like love - it only has value if you give it out. -Josh On Wed, Jun 4, 2008 at 5:45 PM, Cato Paus [EMAIL PROTECTED] wrote: Hello again everyone, how can we protect our code? How should we go forward in order to protect the methods used to change the senistive information on user data, some blogs on this? I found one at a remote-finfig.xml and the use of session id http://www.flexpasta.com/index.php/2008/03/18/flex-using-blazeds-with-java-do-you-care-about-security/ this is good to have this thread hope we can work together to find out of this :) --- In flexcoders@yahoogroups.com, jmfillman [EMAIL PROTECTED] wrote: Has anyone had experience using SWC Encrypt 2.0, by Amayeta? Does it work, or would I just be wasting my money? I'm trying to protect a component I plan to sell, but given the prevalence of de-compilers, I'm hesitant to release it. I don't want to see all my hard work stolen. -- Therefore, send not to know For whom the bell tolls. It tolls for thee. :: Josh 'G-Funk' McDonald :: 0437 221 380 :: [EMAIL PROTECTED]
RES: [flexcoders] Re: SWC Encrypt 2.0 - Does it work?
My experiences with Flash + AS2 and SWFEncrypt are very positive, even with Sothink trying to decompile and not being able to... On the other hand, never tried with Flex. Maybe you/we should try the newer version, since changelog states: Updated for Flash 9, Flex 2/3 and ActionScript 1/2/3. De: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] Em nome de Doug McCune Enviada em: terça-feira, 3 de junho de 2008 16:53 Para: flexcoders@yahoogroups.com Assunto: Re: [flexcoders] Re: SWC Encrypt 2.0 - Does it work? That last comment isn't true. The Sothink decompiler works just fine on Flex swfs. Here's my experience with SWF Encrypt and SWC Encrypt: * We ran SWCEncrypt on a Flex SWC and then tried decompiling a Flex app created with the encrypted SWC versus the unencrypted SWC. I could not tell any difference whatsoever. Both decompiled just fine, it appeared as if SWCEncrypt did absolutely nothing to the SWC file. I don't know if we were doing soemthing wrong (although really how can you? you just run it on a SWC), or if the encryptor doesn't support Flex SWCs specifically. * SWFEncrypt, on the other hand, works. But it does not work for Flex swfs. If you try to encrypt a full Flex SWF the encryptor goes overboard and jacks up the Flex framework code and makes your SWF unrunnable. * What did seem to work was creating a SWF module that did not include the Flex framework code, encrypting that, and loading that module into a wrapper Flex app. * Neither SWCEncrypt nor SWFEncrypt seems to actually encrypt anything, All of it can still be decompiled with the Sothink decompiler (maybe the decompiler just knows how to decrypt whatever encryption is used). SWFEncrypt does seem to obfuscate the code though. A decompiled SWF that has been run through SWFEncrypt is harder to read than a non-obfuscated one. On Tue, Jun 3, 2008 at 11:49 AM, Cato Paus [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: right now the Flex framework is too much to decode. decoders only hang that I know of --- In flexcoders@yahoogroups.com mailto:flexcoders%40yahoogroups.com , Tom Chiverton [EMAIL PROTECTED] wrote: On Monday 02 Jun 2008, jmfillman wrote: Has anyone had experience using SWC Encrypt 2.0, by Amayeta? Does it work, or would I just be wasting my money? Have you tried decompiling a swfencrypt'ed SWF ? -- Tom Chiverton This email is sent for and on behalf of Halliwells LLP. Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at Halliwells LLP, 3 Hardman Square, Spinningfields, Manchester, M3 3EB. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by The Solicitors Regulation Authority. CONFIDENTIALITY This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 2500. For more information about Halliwells LLP visit www.halliwells.com http://www.halliwells.com .
Re: [flexcoders] Re: SWC Encrypt 2.0 - Does it work?
I'll Chime in on this since.. I could call myself a professional component developer. I had the same worries about source and intellectual property (2 years ago). What I have found in the real component market, developers will buy your component without code IF you have a site and support backing up your claim of a purely 'encapsulated' API. Now what I have learned; Mind you I have been developing components since Flash 5 :) - Source code IS love but, they are going to pay a lot more for it. I'm talking about my frameworks coming up that are definite jewels for the professional/enterprise flex developer. I will have to options SWC or SWC/with source. You can't stop people from riping off your stuff. There are ticks and leaches in the REAL world as well. The trick, is to be the leader and innovator. I have survived 2 years without selling source. I have created a brand new framework that I am very proud of, documented great and I will be selling my components with source. Anyway, ramble but... you will always get decompiled and don't kid yourself. Peace, Mike On Wed, Jun 4, 2008 at 3:57 AM, Josh McDonald [EMAIL PROTECTED] wrote: I still can't see what you hope to achieve with these solutions? Anybody willing to copy and paste your code, is just as willing to copy your encrypted .SWC file. Source code is like love - it only has value if you give it out. -Josh On Wed, Jun 4, 2008 at 5:45 PM, Cato Paus [EMAIL PROTECTED] wrote: Hello again everyone, how can we protect our code? How should we go forward in order to protect the methods used to change the senistive information on user data, some blogs on this? I found one at a remote-finfig.xml and the use of session id http://www.flexpasta.com/index.php/2008/03/18/flex-using-blazeds-with-java-do-you-care-about-security/ this is good to have this thread hope we can work together to find out of this :) --- In flexcoders@yahoogroups.com, jmfillman [EMAIL PROTECTED] wrote: Has anyone had experience using SWC Encrypt 2.0, by Amayeta? Does it work, or would I just be wasting my money? I'm trying to protect a component I plan to sell, but given the prevalence of de-compilers, I'm hesitant to release it. I don't want to see all my hard work stolen. -- Therefore, send not to know For whom the bell tolls. It tolls for thee. :: Josh 'G-Funk' McDonald :: 0437 221 380 :: [EMAIL PROTECTED] -- Teoti Graphix, LLC http://www.teotigraphix.com Teoti Graphix Blog http://www.blog.teotigraphix.com You can find more by solving the problem then by 'asking the question'.
[flexcoders] Re: SWC Encrypt 2.0 - Does it work?
shameless_product_plug nitrolm.com has a new feature I'm working on that allows you to encrypt flex/AIR mx:ModuleLoader swfs using public/private keys. You write a modular application (or just put most everything in one module). After that, encrypt using NitroLM's AssetEncrypter tool and change your tags to nitrolm:EncryptedModuleLoader. The code in the module is protected from decompiling because the decryption key is stored on the nitrolm server cluster and only delivered to the client after a valid NitroLM authentication. I will be at 360 flex in San Jose, so if you want to see it in action, stop by the Simplified Logic booth. /shameless_product_plug The advantage I see in doing true encryption over obfuscation is that the code the user runs is the same that you developed. With obfuscation, you have to worry about bugs introduced by the obfuscator and cryptic stack traces to figure out when runtime errors do happen to occur. -Andrew --- In flexcoders@yahoogroups.com, Cato Paus [EMAIL PROTECTED] wrote: Hello again everyone, how can we protect our code? How should we go forward in order to protect the methods used to change the senistive information on user data, some blogs on this? I found one at a remote-finfig.xml and the use of session id http://www.flexpasta.com/index.php/2008/03/18/flex-using-blazeds-with-ja\ va-do-you-care-about-security/ http://www.flexpasta.com/index.php/2008/03/18/flex-using-blazeds-with-j\ ava-do-you-care-about-security/ this is good to have this thread hope we can work together to find out of this :) --- In flexcoders@yahoogroups.com, jmfillman jmfillman@ wrote: Has anyone had experience using SWC Encrypt 2.0, by Amayeta? Does it work, or would I just be wasting my money? I'm trying to protect a component I plan to sell, but given the prevalence of de-compilers, I'm hesitant to release it. I don't want to see all my hard work stolen.
[flexcoders] Re: SWC Encrypt 2.0 - Does it work?
I understand that you can't ever protect your code from everyone. If someone really wants to get the code they will figure it out, eventually. I'm looking to make it hard enough that most people won't bother. I have looked at nitrolm.com, and for me, I'm hesitant to use it for a variety of reasons, but it's an intriguing approach. - In flexcoders@yahoogroups.com, andrewwestberg [EMAIL PROTECTED] wrote: shameless_product_plug nitrolm.com has a new feature I'm working on that allows you to encrypt flex/AIR mx:ModuleLoader swfs using public/private keys. You write a modular application (or just put most everything in one module). After that, encrypt using NitroLM's AssetEncrypter tool and change your tags to nitrolm:EncryptedModuleLoader. The code in the module is protected from decompiling because the decryption key is stored on the nitrolm server cluster and only delivered to the client after a valid NitroLM authentication. I will be at 360 flex in San Jose, so if you want to see it in action, stop by the Simplified Logic booth. /shameless_product_plug The advantage I see in doing true encryption over obfuscation is that the code the user runs is the same that you developed. With obfuscation, you have to worry about bugs introduced by the obfuscator and cryptic stack traces to figure out when runtime errors do happen to occur. -Andrew --- In flexcoders@yahoogroups.com, Cato Paus cato1@ wrote: Hello again everyone, how can we protect our code? How should we go forward in order to protect the methods used to change the senistive information on user data, some blogs on this? I found one at a remote-finfig.xml and the use of session id http://www.flexpasta.com/index.php/2008/03/18/flex-using-blazeds- with-ja\ va-do-you-care-about-security/ http://www.flexpasta.com/index.php/2008/03/18/flex-using-blazeds- with-j\ ava-do-you-care-about-security/ this is good to have this thread hope we can work together to find out of this :) --- In flexcoders@yahoogroups.com, jmfillman jmfillman@ wrote: Has anyone had experience using SWC Encrypt 2.0, by Amayeta? Does it work, or would I just be wasting my money? I'm trying to protect a component I plan to sell, but given the prevalence of de- compilers, I'm hesitant to release it. I don't want to see all my hard work stolen.
Re: [flexcoders] Re: SWC Encrypt 2.0 - Does it work?
What you both just described is obfuscation, not encryption. And there are varying levels of obfuscation. The barest level is replacing all props with _loc_1, whcih is child's play. I think what Andrew is referring to is strong obfuscation, that will replace vars with a meaningless string of characters which include illegal characters. The SWF will still play fine, but the moment you try and decompile into classes and recompile, you get a zillion compiler errors from all the illegal characters, and the code is completely intelligible, cause all custom class members have been replaced by goobledygook. That is what I call strong obfuscation. True SWF encryption is only possible with code injection decrypted at runtime, using either encrypted data or preferably over a secure streaming connection (RTMPE or the like) as far as I know, though I've never actually seen anyone go to the trouble. ___ Joseph Balderson | http://joeflash.ca Flex Flash Platform Developer | Abobe Certified Developer Trainer Author, Professional Flex 3 (coming Winter 2008) Staff Writer, Community MX | http://communitymx.com/author.cfm?cid=4674 Sherif Abdou wrote: The local variable get changed to _loc_1, so your best best is to write some sort of script that changes the public/private variables to something like __var_1, and make sure u increment by 1. you can do the same for functions function __test__1();. I dont think encryption will matter unless some crazy person wants to decipher what all they mean. - Original Message From: andrewwestberg [EMAIL PROTECTED] To: flexcoders@yahoogroups.com Sent: Tuesday, June 3, 2008 4:54:14 PM Subject: [flexcoders] Re: SWC Encrypt 2.0 - Does it work? - We ran SWCEncrypt on a Flex SWC and then tried decompiling a Flex app created with the encrypted SWC versus the unencrypted SWC. I could not tell any difference whatsoever. Both decompiled just fine, it appeared as if SWCEncrypt did absolutely nothing to the SWC file. I don't know if we were doing soemthing wrong (although really how can you? you just run it on a SWC), or if the encryptor doesn't support Flex SWCs specifically. I tested SWC encrypt on my flex swc today and I can also verify that it didn't do a darn thing to the code as viewed through Sothink's decompiler. (disclaimer: I consult for a company that does SWF and Flex/AIR module encryption that could be considered a competitor of these guys. Just checkin out the competition ;) ) -Andrew
Re: [flexcoders] Re: SWC Encrypt 2.0 - Does it work?
I meant to say ...and the code is completely _un_intelligible... ___ Joseph Balderson | http://joeflash.ca Flex Flash Platform Developer | Abobe Certified Developer Trainer Author, Professional Flex 3 (coming Winter 2008) Staff Writer, Community MX | http://communitymx.com/author.cfm?cid=4674 Joseph Balderson wrote: What you both just described is obfuscation, not encryption. And there are varying levels of obfuscation. The barest level is replacing all props with _loc_1, whcih is child's play. I think what Andrew is referring to is strong obfuscation, that will replace vars with a meaningless string of characters which include illegal characters. The SWF will still play fine, but the moment you try and decompile into classes and recompile, you get a zillion compiler errors from all the illegal characters, and the code is completely intelligible, cause all custom class members have been replaced by goobledygook. That is what I call strong obfuscation. True SWF encryption is only possible with code injection decrypted at runtime, using either encrypted data or preferably over a secure streaming connection (RTMPE or the like) as far as I know, though I've never actually seen anyone go to the trouble. ___ Joseph Balderson | http://joeflash.ca Flex Flash Platform Developer | Abobe Certified Developer Trainer Author, Professional Flex 3 (coming Winter 2008) Staff Writer, Community MX | http://communitymx.com/author.cfm?cid=4674 Sherif Abdou wrote: The local variable get changed to _loc_1, so your best best is to write some sort of script that changes the public/private variables to something like __var_1, and make sure u increment by 1. you can do the same for functions function __test__1();. I dont think encryption will matter unless some crazy person wants to decipher what all they mean. - Original Message From: andrewwestberg [EMAIL PROTECTED] To: flexcoders@yahoogroups.com Sent: Tuesday, June 3, 2008 4:54:14 PM Subject: [flexcoders] Re: SWC Encrypt 2.0 - Does it work? - We ran SWCEncrypt on a Flex SWC and then tried decompiling a Flex app created with the encrypted SWC versus the unencrypted SWC. I could not tell any difference whatsoever. Both decompiled just fine, it appeared as if SWCEncrypt did absolutely nothing to the SWC file. I don't know if we were doing soemthing wrong (although really how can you? you just run it on a SWC), or if the encryptor doesn't support Flex SWCs specifically. I tested SWC encrypt on my flex swc today and I can also verify that it didn't do a darn thing to the code as viewed through Sothink's decompiler. (disclaimer: I consult for a company that does SWF and Flex/AIR module encryption that could be considered a competitor of these guys. Just checkin out the competition ;) ) -Andrew -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.comYahoo! Groups Links
Re: [flexcoders] Re: SWC Encrypt 2.0 - Does it work?
Just to clarify, Andrew is in fact talking about encryption, not obfuscation. The NitroLM product (which I have not used) actually does raw byte encryption on your swf, which then gets loaded by a wrapper swf and decrypted at runtime based on a secret key that gets sent over a secure connection after valid credentials are passed to the server. You would have to be able to crack the swf encryption before a decompiler would even be able to give you any decompiled code. Doug On Wed, Jun 4, 2008 at 1:35 PM, Joseph Balderson [EMAIL PROTECTED] wrote: I meant to say ...and the code is completely _un_intelligible... __ Joseph Balderson | http://joeflash.ca Flex Flash Platform Developer | Abobe Certified Developer Trainer Author, Professional Flex 3 (coming Winter 2008) Staff Writer, Community MX | http://communitymx.com/author.cfm?cid=4674 Joseph Balderson wrote: What you both just described is obfuscation, not encryption. And there are varying levels of obfuscation. The barest level is replacing all props with _loc_1, whcih is child's play. I think what Andrew is referring to is strong obfuscation, that will replace vars with a meaningless string of characters which include illegal characters. The SWF will still play fine, but the moment you try and decompile into classes and recompile, you get a zillion compiler errors from all the illegal characters, and the code is completely intelligible, cause all custom class members have been replaced by goobledygook. That is what I call strong obfuscation. True SWF encryption is only possible with code injection decrypted at runtime, using either encrypted data or preferably over a secure streaming connection (RTMPE or the like) as far as I know, though I've never actually seen anyone go to the trouble. __ Joseph Balderson | http://joeflash.ca Flex Flash Platform Developer | Abobe Certified Developer Trainer Author, Professional Flex 3 (coming Winter 2008) Staff Writer, Community MX | http://communitymx.com/author.cfm?cid=4674 Sherif Abdou wrote: The local variable get changed to _loc_1, so your best best is to write some sort of script that changes the public/private variables to something like __var_1, and make sure u increment by 1. you can do the same for functions function __test__1();. I dont think encryption will matter unless some crazy person wants to decipher what all they mean. - Original Message From: andrewwestberg [EMAIL PROTECTED]andrewwestberg%40gmail.com To: flexcoders@yahoogroups.com flexcoders%40yahoogroups.com Sent: Tuesday, June 3, 2008 4:54:14 PM Subject: [flexcoders] Re: SWC Encrypt 2.0 - Does it work? - We ran SWCEncrypt on a Flex SWC and then tried decompiling a Flex app created with the encrypted SWC versus the unencrypted SWC. I could not tell any difference whatsoever. Both decompiled just fine, it appeared as if SWCEncrypt did absolutely nothing to the SWC file. I don't know if we were doing soemthing wrong (although really how can you? you just run it on a SWC), or if the encryptor doesn't support Flex SWCs specifically. I tested SWC encrypt on my flex swc today and I can also verify that it didn't do a darn thing to the code as viewed through Sothink's decompiler. (disclaimer: I consult for a company that does SWF and Flex/AIR module encryption that could be considered a competitor of these guys. Just checkin out the competition ;) ) -Andrew -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.comYahoo! Groups Links
Re: [flexcoders] Re: SWC Encrypt 2.0 - Does it work?
Ah. I thought he was talking about SWCEncrypt, which is actually an obfuscator. I stand corrected. ___ Joseph Balderson | http://joeflash.ca Flex Flash Platform Developer | Abobe Certified Developer Trainer Author, Professional Flex 3 (coming Winter 2008) Staff Writer, Community MX | http://communitymx.com/author.cfm?cid=4674 Doug McCune wrote: Just to clarify, Andrew is in fact talking about encryption, not obfuscation. The NitroLM product (which I have not used) actually does raw byte encryption on your swf, which then gets loaded by a wrapper swf and decrypted at runtime based on a secret key that gets sent over a secure connection after valid credentials are passed to the server. You would have to be able to crack the swf encryption before a decompiler would even be able to give you any decompiled code. Doug On Wed, Jun 4, 2008 at 1:35 PM, Joseph Balderson [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: I meant to say ...and the code is completely _un_intelligible... __ Joseph Balderson | http://joeflash.ca Flex Flash Platform Developer | Abobe Certified Developer Trainer Author, Professional Flex 3 (coming Winter 2008) Staff Writer, Community MX | http://communitymx.com/author.cfm?cid=4674 Joseph Balderson wrote: What you both just described is obfuscation, not encryption. And there are varying levels of obfuscation. The barest level is replacing all props with _loc_1, whcih is child's play. I think what Andrew is referring to is strong obfuscation, that will replace vars with a meaningless string of characters which include illegal characters. The SWF will still play fine, but the moment you try and decompile into classes and recompile, you get a zillion compiler errors from all the illegal characters, and the code is completely intelligible, cause all custom class members have been replaced by goobledygook. That is what I call strong obfuscation. True SWF encryption is only possible with code injection decrypted at runtime, using either encrypted data or preferably over a secure streaming connection (RTMPE or the like) as far as I know, though I've never actually seen anyone go to the trouble. __ Joseph Balderson | http://joeflash.ca Flex Flash Platform Developer | Abobe Certified Developer Trainer Author, Professional Flex 3 (coming Winter 2008) Staff Writer, Community MX | http://communitymx.com/author.cfm?cid=4674 Sherif Abdou wrote: The local variable get changed to _loc_1, so your best best is to write some sort of script that changes the public/private variables to something like __var_1, and make sure u increment by 1. you can do the same for functions function __test__1();. I dont think encryption will matter unless some crazy person wants to decipher what all they mean. - Original Message From: andrewwestberg [EMAIL PROTECTED] mailto:andrewwestberg%40gmail.com To: flexcoders@yahoogroups.com mailto:flexcoders%40yahoogroups.com Sent: Tuesday, June 3, 2008 4:54:14 PM Subject: [flexcoders] Re: SWC Encrypt 2.0 - Does it work? - We ran SWCEncrypt on a Flex SWC and then tried decompiling a Flex app created with the encrypted SWC versus the unencrypted SWC. I could not tell any difference whatsoever. Both decompiled just fine, it appeared as if SWCEncrypt did absolutely nothing to the SWC file. I don't know if we were doing soemthing wrong (although really how can you? you just run it on a SWC), or if the encryptor doesn't support Flex SWCs specifically. I tested SWC encrypt on my flex swc today and I can also verify that it didn't do a darn thing to the code as viewed through Sothink's decompiler. (disclaimer: I consult for a company that does SWF and Flex/AIR module encryption that could be considered a competitor of these guys. Just checkin out the competition ;) ) -Andrew -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.comYahoo! Groups Links
[flexcoders] Re: SWC Encrypt 2.0 - Does it work?
Hi Mister I have tested both the swc and swf encrypt, and I have hell of a big project running the Flex RSL and Flex Data Services, and lots of remoteobjects, And I have no problems with the swc 2.0 and swf 5.0 --- In flexcoders@yahoogroups.com, jmfillman [EMAIL PROTECTED] wrote: Has anyone had experience using SWC Encrypt 2.0, by Amayeta? Does it work, or would I just be wasting my money? I'm trying to protect a component I plan to sell, but given the prevalence of de-compilers, I'm hesitant to release it. I don't want to see all my hard work stolen.
[flexcoders] Re: SWC Encrypt 2.0 - Does it work?
I have tested it the code looks like spageti! --- In flexcoders@yahoogroups.com, Tom Chiverton [EMAIL PROTECTED] wrote: On Monday 02 Jun 2008, jmfillman wrote: Has anyone had experience using SWC Encrypt 2.0, by Amayeta? Does it work, or would I just be wasting my money? Have you tried decompiling a swfencrypt'ed SWF ? -- Tom Chiverton This email is sent for and on behalf of Halliwells LLP. Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at Halliwells LLP, 3 Hardman Square, Spinningfields, Manchester, M3 3EB. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by The Solicitors Regulation Authority. CONFIDENTIALITY This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 2500. For more information about Halliwells LLP visit www.halliwells.com.
[flexcoders] Re: SWC Encrypt 2.0 - Does it work?
right now the Flex framework is too much to decode. decoders only hang that I know of --- In flexcoders@yahoogroups.com, Tom Chiverton [EMAIL PROTECTED] wrote: On Monday 02 Jun 2008, jmfillman wrote: Has anyone had experience using SWC Encrypt 2.0, by Amayeta? Does it work, or would I just be wasting my money? Have you tried decompiling a swfencrypt'ed SWF ? -- Tom Chiverton This email is sent for and on behalf of Halliwells LLP. Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at Halliwells LLP, 3 Hardman Square, Spinningfields, Manchester, M3 3EB. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by The Solicitors Regulation Authority. CONFIDENTIALITY This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 2500. For more information about Halliwells LLP visit www.halliwells.com.
Re: [flexcoders] Re: SWC Encrypt 2.0 - Does it work?
That last comment isn't true. The Sothink decompiler works just fine on Flex swfs. Here's my experience with SWF Encrypt and SWC Encrypt: - We ran SWCEncrypt on a Flex SWC and then tried decompiling a Flex app created with the encrypted SWC versus the unencrypted SWC. I could not tell any difference whatsoever. Both decompiled just fine, it appeared as if SWCEncrypt did absolutely nothing to the SWC file. I don't know if we were doing soemthing wrong (although really how can you? you just run it on a SWC), or if the encryptor doesn't support Flex SWCs specifically. - SWFEncrypt, on the other hand, works. But it does not work for Flex swfs. If you try to encrypt a full Flex SWF the encryptor goes overboard and jacks up the Flex framework code and makes your SWF unrunnable. - What did seem to work was creating a SWF module that did not include the Flex framework code, encrypting that, and loading that module into a wrapper Flex app. - Neither SWCEncrypt nor SWFEncrypt seems to actually encrypt anything, All of it can still be decompiled with the Sothink decompiler (maybe the decompiler just knows how to decrypt whatever encryption is used). SWFEncrypt does seem to obfuscate the code though. A decompiled SWF that has been run through SWFEncrypt is harder to read than a non-obfuscated one. On Tue, Jun 3, 2008 at 11:49 AM, Cato Paus [EMAIL PROTECTED] wrote: right now the Flex framework is too much to decode. decoders only hang that I know of --- In flexcoders@yahoogroups.com flexcoders%40yahoogroups.com, Tom Chiverton [EMAIL PROTECTED] wrote: On Monday 02 Jun 2008, jmfillman wrote: Has anyone had experience using SWC Encrypt 2.0, by Amayeta? Does it work, or would I just be wasting my money? Have you tried decompiling a swfencrypt'ed SWF ? -- Tom Chiverton This email is sent for and on behalf of Halliwells LLP. Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at Halliwells LLP, 3 Hardman Square, Spinningfields, Manchester, M3 3EB. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by The Solicitors Regulation Authority. CONFIDENTIALITY This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 2500. For more information about Halliwells LLP visit www.halliwells.com.
[flexcoders] Re: SWC Encrypt 2.0 - Does it work?
Thank you for the information Doug! Very helpful. JF --- In flexcoders@yahoogroups.com, Doug McCune [EMAIL PROTECTED] wrote: That last comment isn't true. The Sothink decompiler works just fine on Flex swfs. Here's my experience with SWF Encrypt and SWC Encrypt: - We ran SWCEncrypt on a Flex SWC and then tried decompiling a Flex app created with the encrypted SWC versus the unencrypted SWC. I could not tell any difference whatsoever. Both decompiled just fine, it appeared as if SWCEncrypt did absolutely nothing to the SWC file. I don't know if we were doing soemthing wrong (although really how can you? you just run it on a SWC), or if the encryptor doesn't support Flex SWCs specifically. - SWFEncrypt, on the other hand, works. But it does not work for Flex swfs. If you try to encrypt a full Flex SWF the encryptor goes overboard and jacks up the Flex framework code and makes your SWF unrunnable. - What did seem to work was creating a SWF module that did not include the Flex framework code, encrypting that, and loading that module into a wrapper Flex app. - Neither SWCEncrypt nor SWFEncrypt seems to actually encrypt anything, All of it can still be decompiled with the Sothink decompiler (maybe the decompiler just knows how to decrypt whatever encryption is used). SWFEncrypt does seem to obfuscate the code though. A decompiled SWF that has been run through SWFEncrypt is harder to read than a non- obfuscated one. On Tue, Jun 3, 2008 at 11:49 AM, Cato Paus [EMAIL PROTECTED] wrote: right now the Flex framework is too much to decode. decoders only hang that I know of --- In flexcoders@yahoogroups.com flexcoders%40yahoogroups.com, Tom Chiverton tom.chiverton@ wrote: On Monday 02 Jun 2008, jmfillman wrote: Has anyone had experience using SWC Encrypt 2.0, by Amayeta? Does it work, or would I just be wasting my money? Have you tried decompiling a swfencrypt'ed SWF ? -- Tom Chiverton This email is sent for and on behalf of Halliwells LLP. Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at Halliwells LLP, 3 Hardman Square, Spinningfields, Manchester, M3 3EB. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by The Solicitors Regulation Authority. CONFIDENTIALITY This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 2500. For more information about Halliwells LLP visit www.halliwells.com.
[flexcoders] Re: SWC Encrypt 2.0 - Does it work?
Hi, Yes that is true, I stand corrected :) I tested it with SWF Encrypt 5.0 and 4.0 my self and the Sothink decompiler did show it almost like the code form flex builder. Money saved there! --- In flexcoders@yahoogroups.com, Doug McCune [EMAIL PROTECTED] wrote: That last comment isn't true. The Sothink decompiler works just fine on Flex swfs. Here's my experience with SWF Encrypt and SWC Encrypt: - We ran SWCEncrypt on a Flex SWC and then tried decompiling a Flex app created with the encrypted SWC versus the unencrypted SWC. I could not tell any difference whatsoever. Both decompiled just fine, it appeared as if SWCEncrypt did absolutely nothing to the SWC file. I don't know if we were doing soemthing wrong (although really how can you? you just run it on a SWC), or if the encryptor doesn't support Flex SWCs specifically. - SWFEncrypt, on the other hand, works. But it does not work for Flex swfs. If you try to encrypt a full Flex SWF the encryptor goes overboard and jacks up the Flex framework code and makes your SWF unrunnable. - What did seem to work was creating a SWF module that did not include the Flex framework code, encrypting that, and loading that module into a wrapper Flex app. - Neither SWCEncrypt nor SWFEncrypt seems to actually encrypt anything, All of it can still be decompiled with the Sothink decompiler (maybe the decompiler just knows how to decrypt whatever encryption is used). SWFEncrypt does seem to obfuscate the code though. A decompiled SWF that has been run through SWFEncrypt is harder to read than a non- obfuscated one. On Tue, Jun 3, 2008 at 11:49 AM, Cato Paus [EMAIL PROTECTED] wrote: right now the Flex framework is too much to decode. decoders only hang that I know of --- In flexcoders@yahoogroups.com flexcoders%40yahoogroups.com, Tom Chiverton tom.chiverton@ wrote: On Monday 02 Jun 2008, jmfillman wrote: Has anyone had experience using SWC Encrypt 2.0, by Amayeta? Does it work, or would I just be wasting my money? Have you tried decompiling a swfencrypt'ed SWF ? -- Tom Chiverton This email is sent for and on behalf of Halliwells LLP. Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at Halliwells LLP, 3 Hardman Square, Spinningfields, Manchester, M3 3EB. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by The Solicitors Regulation Authority. CONFIDENTIALITY This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 2500. For more information about Halliwells LLP visit www.halliwells.com.
[flexcoders] Re: SWC Encrypt 2.0 - Does it work?
anyone tested this one http://www.kindisoft.com/products/ --- In flexcoders@yahoogroups.com, jmfillman [EMAIL PROTECTED] wrote: Has anyone had experience using SWC Encrypt 2.0, by Amayeta? Does it work, or would I just be wasting my money? I'm trying to protect a component I plan to sell, but given the prevalence of de-compilers, I'm hesitant to release it. I don't want to see all my hard work stolen.
[flexcoders] Re: SWC Encrypt 2.0 - Does it work?
- We ran SWCEncrypt on a Flex SWC and then tried decompiling a Flex app created with the encrypted SWC versus the unencrypted SWC. I could not tell any difference whatsoever. Both decompiled just fine, it appeared as if SWCEncrypt did absolutely nothing to the SWC file. I don't know if we were doing soemthing wrong (although really how can you? you just run it on a SWC), or if the encryptor doesn't support Flex SWCs specifically. I tested SWC encrypt on my flex swc today and I can also verify that it didn't do a darn thing to the code as viewed through Sothink's decompiler. (disclaimer: I consult for a company that does SWF and Flex/AIR module encryption that could be considered a competitor of these guys. Just checkin out the competition ;) ) -Andrew
Re: [flexcoders] Re: SWC Encrypt 2.0 - Does it work?
The local variable get changed to _loc_1, so your best best is to write some sort of script that changes the public/private variables to something like __var_1, and make sure u increment by 1. you can do the same for functions function __test__1();. I dont think encryption will matter unless some crazy person wants to decipher what all they mean. - Original Message From: andrewwestberg [EMAIL PROTECTED] To: flexcoders@yahoogroups.com Sent: Tuesday, June 3, 2008 4:54:14 PM Subject: [flexcoders] Re: SWC Encrypt 2.0 - Does it work? - We ran SWCEncrypt on a Flex SWC and then tried decompiling a Flex app created with the encrypted SWC versus the unencrypted SWC. I could not tell any difference whatsoever. Both decompiled just fine, it appeared as if SWCEncrypt did absolutely nothing to the SWC file. I don't know if we were doing soemthing wrong (although really how can you? you just run it on a SWC), or if the encryptor doesn't support Flex SWCs specifically. I tested SWC encrypt on my flex swc today and I can also verify that it didn't do a darn thing to the code as viewed through Sothink's decompiler. (disclaimer: I consult for a company that does SWF and Flex/AIR module encryption that could be considered a competitor of these guys. Just checkin out the competition ;) ) -Andrew
[flexcoders] Re: SWC Encrypt 2.0 - Does it work?
Josh, I couldn't disagree more. If you wrote a component that saves me time and/or money, or provides value to my users, it'd be silly, and a waste of time and money, for me to go and develop it myself. Since you saved me time and/or money, you also deserve to be fairly compensated, if you want to receive $$ for your work. I don't have the resources to go after anyone who might de-compile the code, especially internationally. That's just lost money. JF --- In flexcoders@yahoogroups.com, Josh McDonald [EMAIL PROTECTED] wrote: *sigh* Release it, maybe you'll sell some, maybe many amateurs who would never pay will pirate it, maybe one or two professionals will pirate it. Don't release it, your hard work can stay safe, and you'll never sell a copy. Personally, if it doesn't summon Jesus I think you'll need some luck selling a component without source. This is why we have lawyers and contracts. -J On Tue, Jun 3, 2008 at 7:04 AM, Michel Scoz [EMAIL PROTECTED] wrote: I mostly used it for Flash SWF files, and it work wonders as far as I know. At least, no incompatibility problem and/or decompilers being able to show/see the code. -- *De:* flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] *Em nome de *jmfillman *Enviada em:* segunda-feira, 2 de junho de 2008 17:59 *Para:* flexcoders@yahoogroups.com *Assunto:* [flexcoders] SWC Encrypt 2.0 - Does it work? Has anyone had experience using SWC Encrypt 2.0, by Amayeta? Does it work, or would I just be wasting my money? I'm trying to protect a component I plan to sell, but given the prevalence of de- compilers, I'm hesitant to release it. I don't want to see all my hard work stolen. -- Therefore, send not to know For whom the bell tolls. It tolls for thee. :: Josh 'G-Funk' McDonald :: 0437 221 380 :: [EMAIL PROTECTED]
Re: [flexcoders] Re: SWC Encrypt 2.0 - Does it work?
I'm not suggesting you don't try, or that charging for software is wrong or anything like that, just that I feel source adds tremendous value to a component, which changes the price point at which it becomes a good idea to purchase it. I don't know what you plan on charging, or what your component does, so I can't say whether or not it's a good deal. Just that personally, I probably wouldn't recommend purchase of a closed-source component to my employers, unless I can honestly say that having to wait for external help every time something goes wrong will be a lot cheaper than paying me to figure it out. But philosophy aside, how will obfuscating the SWC really help? An obfuscated SWC can just as easily be copied as something that comes with source. -J On Tue, Jun 3, 2008 at 9:28 AM, jmfillman [EMAIL PROTECTED] wrote: Josh, I couldn't disagree more. If you wrote a component that saves me time and/or money, or provides value to my users, it'd be silly, and a waste of time and money, for me to go and develop it myself. Since you saved me time and/or money, you also deserve to be fairly compensated, if you want to receive $$ for your work. I don't have the resources to go after anyone who might de-compile the code, especially internationally. That's just lost money. JF --- In flexcoders@yahoogroups.com flexcoders%40yahoogroups.com, Josh McDonald [EMAIL PROTECTED] wrote: *sigh* Release it, maybe you'll sell some, maybe many amateurs who would never pay will pirate it, maybe one or two professionals will pirate it. Don't release it, your hard work can stay safe, and you'll never sell a copy. Personally, if it doesn't summon Jesus I think you'll need some luck selling a component without source. This is why we have lawyers and contracts. -J On Tue, Jun 3, 2008 at 7:04 AM, Michel Scoz [EMAIL PROTECTED] wrote: I mostly used it for Flash SWF files, and it work wonders as far as I know. At least, no incompatibility problem and/or decompilers being able to show/see the code. -- *De:* flexcoders@yahoogroups.com flexcoders%40yahoogroups.com [mailto:flexcoders@yahoogroups.com flexcoders%40yahoogroups.com] *Em nome de *jmfillman *Enviada em:* segunda-feira, 2 de junho de 2008 17:59 *Para:* flexcoders@yahoogroups.com flexcoders%40yahoogroups.com *Assunto:* [flexcoders] SWC Encrypt 2.0 - Does it work? Has anyone had experience using SWC Encrypt 2.0, by Amayeta? Does it work, or would I just be wasting my money? I'm trying to protect a component I plan to sell, but given the prevalence of de- compilers, I'm hesitant to release it. I don't want to see all my hard work stolen. -- Therefore, send not to know For whom the bell tolls. It tolls for thee. :: Josh 'G-Funk' McDonald :: 0437 221 380 :: [EMAIL PROTECTED] -- Therefore, send not to know For whom the bell tolls. It tolls for thee. :: Josh 'G-Funk' McDonald :: 0437 221 380 :: [EMAIL PROTECTED]