Ooops, sorry, pressed tab+space too quick there - sent too early. (must
drink less coffee)
My previous mail:
Hi James,
A large portion of your classes will be viewable to a decompiler -
basically, the following WILL be viewable:
//Your class before decompilation
class com.yourdomain.yourpackage.YourClass{
private var someVar:String;
private var someOtherVar:Number;
public function YourClass{
var someLocalVar1:Number = new Number(1)
var someOtherLocalVar2:String = new String("foo");
}
}
//Your class after decompilation
class com.yourdomain.yourpackage.YourClass{
private var someVar:String;
private var someOtherVar:Number;
public function YourClass{
var _local1:Number = new Number(1)
var _local2:String = new String("foo");
}
}
Essentially, everything apart from local variables (which are optimised at
compile time by the MMC) will stay as they are. The order of your vars might
change, but bascially the structure will still be there.
Depending on the complexity of your app, you might be able to use swf
obfuscators, but if there's a lot of intra-class communication, especially
between different swfs, you might end up banging your head against a wall
for a while trying to get your otherwise functional app to work. Often
things like this["myClip"+i].doSomething() will get messed up, because the
dynamic addressing will get messed up - I haven't tried Nicholas' OBFU,
though, that looks like it might be a good bet. I know Macromedia were
supposed to be funding ASO, but things have been quiet from them lately:
http://www.genable.com/aso/
Personally, I think the way to go is pre-compile-time lexical obfuscators,
because that will give you far more control over exactly what gets
obfuscated. If you're really determined,you could look at using the flash
intrinsics to modify something like Semantic designs' ECMAscript obfuscator:
http://www.semdesigns.com/Products/Obfuscators/ECMAScriptObfuscator.html?Home=DropDown
I'd be interested to know how you get on, obfuscation is quite a popular
(and emotionally charge) topic round here.
HTH,
Alias
On 10/27/05, James O'Reilly <[EMAIL PROTECTED]> wrote:
>
> Question about protecting my swfs.
>
> If I use external AS2 classes and compile my swf, will those classes be
> exposed if someone were to decompile my swf with a program like
> Sothink's SWF Decompiler or other similar decompiler? It creates a bunch
> of empty files, one for each class I have and says that ActionScript is
> suppressed in the demo version. I can't tell if they are empty because
> it's the demo or if that's because they were external classes.
>
> What good programs might people recommend for obfuscating my swfs?
>
> Is this even neccessary to obfuscate if the code I'm really interested
> in protecting is in external classes rather than inside the FLA? Does
> the same go for compiled clips or custom UI components?
>
> JOR
>
>
>
> ___________________________________
> === James O'Reilly
> ===
> === SynergyMedia, Inc.
> === www.synergymedia.net <http://www.synergymedia.net>
>
>
> _______________________________________________
> Flashcoders mailing list
> [email protected]
> http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
>
_______________________________________________
Flashcoders mailing list
[email protected]
http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
