What you both just described is obfuscation, not encryption. And there are varying levels of obfuscation. The barest level is replacing all props with _loc_1, whcih is child's play. I think what Andrew is referring to is "strong" obfuscation, that will replace vars with a meaningless string of characters which include illegal characters. The SWF will still play fine, but the moment you try and decompile into classes and recompile, you get a zillion compiler errors from all the illegal characters, and the code is completely intelligible, cause all custom class members have been replaced by goobledygook. That is what I call "strong obfuscation".
True SWF encryption is only possible with code injection decrypted at runtime, using either encrypted data or preferably over a secure streaming connection (RTMPE or the like) as far as I know, though I've never actually seen anyone go to the trouble. _______________________________________________________________________ Joseph Balderson | http://joeflash.ca Flex & Flash Platform Developer | Abobe Certified Developer & Trainer Author, Professional Flex 3 (coming Winter 2008) Staff Writer, Community MX | http://communitymx.com/author.cfm?cid=4674 Sherif Abdou wrote: > The local variable get changed to _loc_1, so your best best is to write > some sort of script that changes the public/private variables to > something like > __var_1, and make sure u increment by 1. you can do the same for > functions function __test__1();. I dont think encryption will matter > unless some crazy person wants to decipher what all they mean. > > ----- Original Message ---- > From: andrewwestberg <[EMAIL PROTECTED]> > To: [email protected] > Sent: Tuesday, June 3, 2008 4:54:14 PM > Subject: [flexcoders] Re: SWC Encrypt 2.0 - Does it work? > > > - We ran SWCEncrypt on a Flex SWC and then tried decompiling a > Flex app > > created with the encrypted SWC versus the unencrypted SWC. I > could not tell > > any difference whatsoever. Both decompiled just fine, it appeared > as if > > SWCEncrypt did absolutely nothing to the SWC file. I don't know > if we were > > doing soemthing wrong (although really how can you? you just run > it on a > > SWC), or if the encryptor doesn't support Flex SWCs specifically. > > I tested SWC encrypt on my flex swc today and I can also verify that > it didn't do a darn thing to the code as viewed through Sothink's > decompiler. (disclaimer: I consult for a company that does SWF and > Flex/AIR module encryption that could be considered a competitor of > these guys. Just checkin out the competition ;) ) > > -Andrew > > >
