I meant to say "...and the code is completely _un_intelligible..." _______________________________________________________________________
Joseph Balderson | http://joeflash.ca Flex & Flash Platform Developer | Abobe Certified Developer & Trainer Author, Professional Flex 3 (coming Winter 2008) Staff Writer, Community MX | http://communitymx.com/author.cfm?cid=4674 Joseph Balderson wrote: > What you both just described is obfuscation, not encryption. And there > are varying levels of obfuscation. The barest level is replacing all > props with _loc_1, whcih is child's play. I think what Andrew is > referring to is "strong" obfuscation, that will replace vars with a > meaningless string of characters which include illegal characters. The > SWF will still play fine, but the moment you try and decompile into > classes and recompile, you get a zillion compiler errors from all the > illegal characters, and the code is completely intelligible, cause all > custom class members have been replaced by goobledygook. That is what I > call "strong obfuscation". > > True SWF encryption is only possible with code injection decrypted at > runtime, using either encrypted data or preferably over a secure > streaming connection (RTMPE or the like) as far as I know, though I've > never actually seen anyone go to the trouble. > > > _______________________________________________________________________ > > Joseph Balderson | http://joeflash.ca > Flex & Flash Platform Developer | Abobe Certified Developer & Trainer > Author, Professional Flex 3 (coming Winter 2008) > Staff Writer, Community MX | http://communitymx.com/author.cfm?cid=4674 > > > > Sherif Abdou wrote: >> The local variable get changed to _loc_1, so your best best is to write >> some sort of script that changes the public/private variables to >> something like >> __var_1, and make sure u increment by 1. you can do the same for >> functions function __test__1();. I dont think encryption will matter >> unless some crazy person wants to decipher what all they mean. >> >> ----- Original Message ---- >> From: andrewwestberg <[EMAIL PROTECTED]> >> To: [email protected] >> Sent: Tuesday, June 3, 2008 4:54:14 PM >> Subject: [flexcoders] Re: SWC Encrypt 2.0 - Does it work? >> >> > - We ran SWCEncrypt on a Flex SWC and then tried decompiling a >> Flex app >> > created with the encrypted SWC versus the unencrypted SWC. I >> could not tell >> > any difference whatsoever. Both decompiled just fine, it appeared >> as if >> > SWCEncrypt did absolutely nothing to the SWC file. I don't know >> if we were >> > doing soemthing wrong (although really how can you? you just run >> it on a >> > SWC), or if the encryptor doesn't support Flex SWCs specifically. >> >> I tested SWC encrypt on my flex swc today and I can also verify that >> it didn't do a darn thing to the code as viewed through Sothink's >> decompiler. (disclaimer: I consult for a company that does SWF and >> Flex/AIR module encryption that could be considered a competitor of >> these guys. Just checkin out the competition ;) ) >> >> -Andrew >> >> >> > > ------------------------------------ > > -- > Flexcoders Mailing List > FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt > Search Archives: > http://www.mail-archive.com/flexcoders%40yahoogroups.comYahoo! Groups Links > > > >
