"So, is it possible that Pandora's (100% Flex) payments system is secure?"
As Miti says, just don't hardcode things like developer, API, or encryption keys (so the swf can't be inspected to find them). You also realise that absolutely nothing on this earth is 100% secure, there are just increasing levels of hoops to jump through to deter would be thieves... Gk. From: [email protected] [mailto:[email protected]] On Behalf Of [email protected] Sent: 19 April 2010 02:20 To: [email protected] Subject: [flexcoders] Re: security & flex the link has everything to do with my question. He gives an example of a shopping cart/payment system setup in Flex. This raises my question of whether or not flash is secure enough to operate his phone store in real life. More specifically, user enters information into flash app, which then sends it somewhere to get processed (presumably some HTTPS address). The period of time where flash is transfering info to the HTTPS address is not secure, as described here: http://www.adobe.com/devnet/flex/articles/flex_amazon_02.html Specifically, Miti (a Flex Evangelist, so we should take his word for it, right?) says: "hardcoding sensitive information into a Flex application is a highly insecure practice". So, is it possible that Pandora's (100% Flex) payments system is secure?
