zwetan,
if anyone has any further coherent information or personal experience
with obfuscating by hand (ie not using someone else's software)... i
would be more then happy to hear from you. once i actually achieve
any results i will report back.
i'm benchmarking against asv and sothink 2005 build 5.whatever.
One thing that people don't consider is that
You don't need to obfuscate if people can not access the SWF
In the first place
1) use SSL + prevent caching in the HTTP header
-> no SWF in the browser cache
or
2) instead of pointing to foobar.swf in the Object/Embed tag
point to getBinary.php /getBinary.asp / whatever
+ prevent caching in the HTTP header
-> no SWF in the browser cache
It's complicated to put in place, but the result is
No SWF in the browser cache to decompile
2) off course is still not 100% safe against people being able
to detect a SWF stream with a HTTP sniffer
but the solution 1) well.. almost unbeatable
Neither of your 'solutions' is even remotely unbeatable. I can get
around both of them with the wget command-line tool, which is a
standard install on most flavours of linux. There are others that do
the same thing, and any download accelerator program for Windows will
also be able to download the file.
Obfuscation is the only way to protect your code, and even then I
wouldn't consider it 'almost unbeatable'.
--
Steve Webster
Head of Development
Featurecreep Ltd.
www.featurecreep.com
14 Orchard Street, Bristol, BS1 5EH
0117 905 5047
_______________________________________________
Flashcoders mailing list
Flashcoders@chattyfig.figleaf.com
http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
