This afternoon there's a seminar about a brief introduction of Studio 8. I was exciting on new features of flash 8, it's so easy to get blur and shadow just like what Photoshop did.

There's a break because of some trouble, later it looks work nice but my browser still nothing following up. I think it should be some bugs of flash player 8 beta with IE, so I closed it and reopen with Opera 8, it worked well then. :)

blur since flash 6:

http://flashscript.biz/components/blur/blur.html

shadow since flash 6:

http://flashscript.biz/MX2004/onions/shader.html

those effects you can easily achieve by playing around with alpha, x, y and duplicateMovieClip.

I am excited about flash 8 but not because of blur or shadow.

The type of blur and dropshadow(and glow and bevel for that matter), in Flash 8 was *not* achievable at all in previous versions. The new type being realtime raster effects... your scripts are nice, cancerinform, I don't mean to downplay them, but they are not the same as what is being implemented into Flash 8.

BTW:
My main wish for Flash 9
tellTarget ("MacroMedia") {
gotoAndWish ("A_Flash_Obfurscatoring_Object");//to protect scripts from being stolen by others
}

WHHHOOOOPS, that was flash 3, I mean of course this:

var MacroMedia:Company;
_root.MacroMedia.gotoAndWish ("A_Flash_Obfurscatoring_Object");

Funny. :)

don't you mean


var M4cr0-M3d14:Company;
0.M4cr0-M3d14.gotoAndWish ("A_Flash_Obfurscatoring_Object");


:P

>flashl!ght<, I know, just wanted to challenge :mrpimp:
Lexicon you got it :thumbsup:

I would like... :grouphug:

var pubKey = "-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.2.1 (GNU/Linux)

mQGiBEMXnIoRBAC+5qkcvKX+zCC5/sajgxdRbSUQGb13gHCx8mvAWHdwTeOIr0yj
7+X9t9jFOYgV/kQoMiAOig+pAT0OKiMhm9ZqItXI1ALu1Z6qk26y22emiqUloWC J
axizwYvE9+ehzX/ZqYyDAW4UmO2KAY75N+HnQ4yYez5dz95U8wD912FBYwCg7BoT
kJ1SL1u6uc8Y2P6ODexiVgkEALH3IM+Yyq37oxIDN71PR6MdXc /DkIRJvGI69s/9
H1wwjftsNPgafAv4jtaNuH1x1y2zoFPJqDvpNPmN2rryx09ocL pbuUaDVNaIMDlu
8SLL3/n40KDqeTI9IjnmnMXhppcIuTpEqhah+QiO+4LeGaw2JOJYN8S0 xhh0w7IR
psfCA/45JtDpa9/tQgq35WfVKBCJJWDJuHAz/w3VWY51XqiJiIaPlT8Pg/9AoIKw
TWox4Cm3beuXfarXDNAD+tQgdIQoncB7Yp2HeAtcWqLaRMZK6C JFibFrWoTm/L5S
qKFraSUgrjrdqUBJK4Ombx+v/8Op3QRZayzBvTefXdkOL0RtYbQadGVzdCAoaGVs
bG8gYWxsKSA8YUBiLmNvbT6IXwQTEQIAHwUCQxecigUJAeEzgA QLBwMCAxUCAwMW
AgECHgECF4AACgkQJWppQwQ1lxaaHACfQ7s/Vcnw41aySDjFpB9FB2syU7wAoI7o
O4d/5QdrKZEbX5zVQD/hQc2guQENBEMXnIwQBADhBuMVlvBJOEgXjdBA6eGTvfJm
OHJVWRbJpu30hC+8/6amuW6GGJmkhKB0B3DdwH7Ea1vB09g8aMYBN4cH84ei6wjs
ZjTPTsVyiLLkl6nTqV0czIzJjlR21pc8foiMvLywXkLvwW/78EFDgloPfOPSq+zz
1XnBjKk9MLNC57Tj+wADBQP/eokyw/r/Fyq7p3DHYf7iIgsvwtvDUIHR2uX6Sv4h
iKgJSqn8tfJ4igy2S/7sy1HN0Qa1qmpVgVRbPFd7tNRXbnSvR+j23FU06LFQfd9D
F9ocaXmDY9VwYcStq/l0q74+Qvtdsr35Dr5KCB8/zS7SV/g66S91JjEXXWn4ynH4
ylKITAQYEQIADAUCQxecjAUJAeEzgAAKCRAlamlDBDWXFiezAK CxGeB+9lE1TXxf
pIagdWllpVw4+wCgiMyD4wTjpNRhQr/PddHx+GYYEvY=
=flLl
-----END PGP PUBLIC KEY BLOCK-----
";

myScript.Encrypt = function(){
if( itEnabled){
this.validate(pubKey);
trace(" We have lots of jobs could do upon Flash! ");
}
else {
this.beCareful();
}
}

There is an MD5 actionscript algorithm here:

http://www.secureplay.com/product-docs/MD5-Message-Digest.htm

I should also note that is 'very very bad' practice to include the encryption key inside the .swf file.

I'm just curious, I'm not well versed in software security... if your scripts are obfuscated, can't they still be stolen?

Of course they can, an obfuscated script still functions correctly if you rip it out of a movie. Only problem is that if you want to make changes to that script, its pretty difficult because obfuscation renames variable names and functions and renames the references to them, so you end up with function names like dsjifishdfkd() which doesnt really explain much does it? however the same function with a name 'doSendtoServer' actually means alot more and it would be easier for a programmer to change the script as he can understand the flow.

Obfuscation should be the lowest level of encrypt methods early last century especially world war years. Any kinds of algorithm could be rip off if there's enough numbers of mainframe servers and enough time (days to months) but usually in commercial use, MD5, PGP or so are safe enough.

Interesting. I guess what I'm wondering, is I don't believe I've ever written any code thats really needed to be obfuscated... it's not like the code is so revolutionary that I want to protect how it works so others won't know it... it's more that I would want it to not be stealable at all. For instance, take a simple XML photo gallery. What is the point of obfuscating all the script, when the gallery can still be stolen and used? XML galleries have been done many times, there's nothing secret about the code I'm using... I just don't want people stealing my functional web application, thus not having to pay me to use it.

I suppose it would make modifcation of the gallery much harder/impossible... and if I was able to work some sort of security measures in the script it would make hacking them out much harder...

I can see there is a big interest in encrypting code and that is not for little projects or tutorials of course but bigger applications, which are possible nowadays with flash.

I am creating a graphic-animation program for children, where they can import pictures, have squares, triangles, can draw lines of different thicknes and animate everything with each item have its own animation speed. Then they can save everything and they can save several files. It's like a flash program but with simple features. It is a big project and I don't want the next mother&*%$#@ to steel the code and create the same.

By the way does anybody know if projector files can be cracked as well?
I tried it with the program I am creating using gordon (trial version) but I get only the code from the fla file not the xternal .as class files and flare does not show any scripts.

I think (not so sure) external .as files are much easy to find. It's a simple URL without any protect, only when hackers find your URL link, maybe script from your .fla, maybe using sniffer to find whether there is a HTTP request to a URL, or from a cache server.

External .as files are only used at compile-time, you don't need them on your server.
After compiling, they are just like any other piece of AS in your .swf, aren't they?

Yes they are compiled into the movie.

I have mac and I checked my movie with flare. Flare will print all the scripts however not in the same way as the coding. The interpretation of the scripts is very different from the original scripts and is based on the MX syntax (Register class). Flare cannot interpret projector files only swfs. For a hacker using flare it will be difficult to interpret the scripts.

Then i tested Gordon 1.5 and gordon does not list any of the external class scripts only what is in the movie.

Anybody knows something about other compilers? These were free so it could be that the commercial compilers are much more powerful.

Thanks for the discussion by the way even this is not dealing with Flash 8. :)

Oh sorry I was wrong thinking about .as files. "Only the code necessary for the application is included from the library of external files."

Actionscript Viewer 4 can decompile Flash Projectors.

Thanks for the information and sorry for the strange way this thread went.
I already sent my wish to MM a couple of weeks ago.

Now back to the original thread.

var flash:String = "great";
var version:Number = 8;

function Yeahhh(){
trace("FLASH "+version+" is "+flash);
}

The fact that there is already so much out shows that it will probably be a success and $$ for MM :D