<shameless_product_plug> nitrolm.com has a new feature I'm working on that allows you to encrypt flex/AIR <mx:ModuleLoader> swfs using public/private keys. You write a modular application (or just put most everything in one module). After that, encrypt using NitroLM's AssetEncrypter tool and change your tags to <nitrolm:EncryptedModuleLoader>.
The code in the module is protected from decompiling because the decryption key is stored on the nitrolm server cluster and only delivered to the client after a valid NitroLM authentication. I will be at 360 flex in San Jose, so if you want to see it in action, stop by the Simplified Logic booth. </shameless_product_plug> The advantage I see in doing true encryption over obfuscation is that the code the user runs is the same that you developed. With obfuscation, you have to worry about bugs introduced by the obfuscator and cryptic stack traces to figure out when runtime errors do happen to occur. -Andrew --- In [email protected], "Cato Paus" <[EMAIL PROTECTED]> wrote: > > > Hello again everyone, how can we protect our code? > > How should we go forward in order to protect the methods used to change > the senistive information on user data, some blogs on this? > > I found one at a remote-finfig.xml and the use of session id > > http://www.flexpasta.com/index.php/2008/03/18/flex-using-blazeds-with-ja\ > va-do-you-care-about-security/ > <http://www.flexpasta.com/index.php/2008/03/18/flex-using-blazeds-with-j\ > ava-do-you-care-about-security/> > this is good to have this thread hope we can work together to find out > of this :) > > --- In [email protected], "jmfillman" <jmfillman@> wrote: > > > > Has anyone had experience using SWC Encrypt 2.0, by Amayeta? Does it > > work, or would I just be wasting my money? I'm trying to protect a > > component I plan to sell, but given the prevalence of de-compilers, > I'm > > hesitant to release it. I don't want to see all my hard work stolen. > > >
