dcsimg
A Flash Developer Resource Site

Results 1 to 10 of 10

Thread: security issues in flash

  1. #1
    Hello,

    Could someone please give me some advice on the following:

    I am curently developing an application using flash which absoloutly must remain secure. The application in essence keeps records of information about the users account balance, similar to an online banking system.

    My question is... can the swf be cracked so that the user could alter their individual account balance.

    I have heard rumours of swf hacking programs and this worries me. If this is true, could I protect my files by making the application an .exe file, or even taking it into director and making a shockwave file out of it.. would this be more secure?

    Please someone reply and let me know what you think?

    Thanks!!!

  2. #2
    Modding with Class JabezStone's Avatar
    Join Date
    Aug 2000
    Location
    Grand Rapids, MI
    Posts
    2,008
    I am not completely sure about the security of Flash, but I do know this...

    -an .swf file CAN be extracted from a Flash Projector.
    -an .swf CAN be hacked to view/alter the code.

    From what I have heard here on the boards, a 3rd party tool from Northcode.com called .SWF Studio packages .swf files in a proprietary projector that the common .swf hacking tools cannot penetrate.

    Bottom line, and I'm sure you know this... anything can be hacked. It's up to us to find the best solution for our purposes, but also to realize that we will never be 100% secure.

    Jabez

  3. #3
    Senior Member
    Join Date
    Apr 2001
    Posts
    127
    All you can do is try to make it as secure as you can. Like JabezStone had said, anything can be hacked. All it takes is time.

    Lou C. Fur

  4. #4
    Senior Member
    Join Date
    Oct 2000
    Posts
    178
    It depends if you are writing it as a application, or are you just using it as a client? If you keep the data on the server, and just sent it to the flash client, the you are no worse off than with HTML. The data will not be persistent.

    If you are writing an application, especially one that must be secure, then you best bet, as always, is to use a real programming language.

  5. #5
    Moderator
    The Minister of No Crap

    Join Date
    Nov 2000
    Location
    Philadelphia
    Posts
    2,685
    Along with this topic, I think its easy for us to start stressing over people hacking our work. I have found myself freaking out over this in the past to the point that I spent more time preventing hacks, then actually designing. What has helped me is to just let go of work I do and realize that if some wants the source code, then they'll probably get it. But the next design I do has got to be a million times better than that last one.

    So, basically what I'm saying is beat the hackers by constantly improving yourself. By the time they hack your stuff, you've already made something better.

    Just some random thoughts.

    -scott
    http://www.scottmanning.com

  6. #6
    Senior Member
    Join Date
    Apr 2001
    Posts
    127
    That reminds me of a quote from Mark Twain....

    "Progression is the enemy of the wicked"

    Lou C. Fur

  7. #7
    Moderator
    The Minister of No Crap

    Join Date
    Nov 2000
    Location
    Philadelphia
    Posts
    2,685
    Mark Twain rocks my world.

    -scott
    http://www.scottmanning.com

  8. #8
    Senior Member
    Join Date
    Apr 2001
    Posts
    127
    Originally posted by nocrapchurch
    Mark Twain rocks my world.

    Would this be the same world Bill Gates had ruined?

  9. #9
    Moderator
    The Minister of No Crap

    Join Date
    Nov 2000
    Location
    Philadelphia
    Posts
    2,685
    No.

    Bill gates ruined "the" world as in terms of the world we all live in.

    Mark Twain rocks "my" world as in terms of the world that I live in... my mind.

    -scott
    http://www.scottmanning.com

  10. #10
    Senior Member
    Join Date
    Apr 2001
    Posts
    127
    *notes difference in his handy dandy notebook*

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  




Click Here to Expand Forum to Full Width

HTML5 Development Center