dcsimg
A Flash Developer Resource Site

Results 1 to 16 of 16

Thread: Flash MX source files unsafe??

  1. #1
    Junior Member
    Join Date
    Apr 2002
    Posts
    2

    Thumbs up

    I received a seminar email that boasts being able to crack into any Flash MX source files. Is this really true?

    Here's the quote:

    "You’ll discover the secret techniques hidden in any Flash movie that inspires you. You gain immediate access to every hidden element of a Flash movie including their coveted Action Script source code which you can cut and paste for use in your own movies."

  2. #2
    Arckid - Curving the Web
    Join Date
    Dec 2000
    Location
    India
    Posts
    1,412
    yeah ... u got to know this today?

  3. #3
    Registered User
    Join Date
    Feb 2001
    Posts
    184
    Opening a Flash MX source file is easy - you just doubleclick it.

    Maybe you mean "crack open a .swf file" ?

  4. #4
    Senior Member
    Join Date
    May 2001
    Location
    Peoria, Arizona
    Posts
    1,889
    Why would anyone get access to your fla files? I think you worry more about the security of your network / computer than a single or a group of file(s).

  5. #5
    Moderator enpstudios's Avatar
    Join Date
    Jun 2001
    Location
    Tampa, Fl.
    Posts
    11,282
    SWF Browser from livetronix can view your AS, steal your sound, pics, just about everything.

  6. #6
    Junior Member
    Join Date
    Apr 2002
    Posts
    2

    To clarify

    I meant to say the compiled file. The livetronix appears to do it with version 4 and 5 but will it do it with MX.

    The primary concern is protecting company intellectual property.


    Is there an obfuscator available?

    Find it hard to believe Macromedia would provide a programming environment without a way to protect your work.

  7. #7
    NerdInside's Avatar
    Join Date
    May 2001
    Location
    Penguin Island
    Posts
    3,439
    FlashToolset 1.1 will work with Flash MX. Sound, MC's, everything BUT actionscript. It can even remove the password protection from the files. ActionScript Viewer will view ActionScript from 1, 2, 3, 4 and 5 but I'm not sure with MX.

    If you think its unsafe, then don't use it. What is safer? Java? Just placing an image in a HTML page? No, Java can be decompilied and an HTML can be stolen so easy.
    [Edited by NerdInside on 04-11-2002 at 05:24 PM]

  8. #8
    Senior Member
    Join Date
    May 2001
    Posts
    1,838

    Re: To clarify

    swf file is an open file format.

    If your Flash MX swf is published with "compression" option unchecked, it is nearly the same as Flash 5 swf. Action viewer, flasm can handle it easily.

    If the MX swf is in compressed form, it can be uncompressed with gzip algorithm. Then every thing in it can be peeked.


  9. #9
    Senior Member
    Join Date
    Oct 2000
    Posts
    310

    Re: Re: To clarify

    fyi

    this is discussed in the:

    Macromedia Flash MX Security Whitepaper

    avaliable at :

    http://www.macromedia.com/desdev/

    (i dont have the exact link handy right now).

    mike chambers

    mesh@macromedia.com


  10. #10
    Junior Member
    Join Date
    Nov 2001
    Posts
    23

    Re: Re: Re: To clarify

    i found the MX security whitepaper:
    http://www.macromedia.com/software/flash/whitepapers/

  11. #11
    I have seen the products mentioned above extract my Actionscript in Flash 5, so I'm sure it's a matter of time
    before the same can be done for MX. As the white paper says:

    In essence, any data, variables, or Actionscript code compiled into a Macromedia Flash movie or projector should not be considered secure.
    But does anyone have an idea of how the software works? I would imagine that with a bit of work you could scramble your code, put it in odd places, #include it or whatever to get around these apps.

    Anybody know?

  12. #12
    Senior Member
    Join Date
    Jul 2000
    Posts
    126
    #include has no effect on the generated SWF - it is only a convenience in the Flash authoring environment.

    You might be able to fool some tools by writing the ActionScript bytecode directly using one of the SWF generation libraries (requires major programming skills) - but any ActionScript compiled by Flash is easily decompiled.

    Until the tools catch up to Flash MX one thing you can do is put code in #initclip blocks. That places the code in a place in the SWF that is unique to MX.


  13. #13
    Junior Member
    Join Date
    Nov 2001
    Posts
    23
    swf is an open format:

    http://www.openswf.org/

    thats the reason why anybody (with knowledge) can write software that writes or interprets swf-files.
    open software has great advantages.
    but there must be a workaround, i didn´t thought about this before i read this thread.

    anybody an idea?

  14. #14
    Junior Member
    Join Date
    Nov 2001
    Posts
    23
    open software has great advantages.
    »open software« has also great advantages, but i ment »open formats«

  15. #15
    Junior Member
    Join Date
    Feb 2002
    Posts
    5

    resolved

    Our actionscript protector is under beta-test.
    It prevents swf files from being hacked by "SWF Browser", ActionScript Viewer 2.0/2.5, "SWF Decompiler", swfdump etc.
    It will be kicked out soon

  16. #16
    Junior Member
    Join Date
    Nov 2001
    Posts
    23
    any links? i´m very interested.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  




Click Here to Expand Forum to Full Width

HTML5 Development Center