[osflash] Obfuscators
Mark Winterhalder
mark13 at gmail.com
Sun Jun 1 05:17:20 PDT 2008
On Sat, May 31, 2008 at 5:52 PM, chris duke <drakkonx at gmail.com> wrote:
> As an avid user of Amayeta for obfuscation of CD based content I can say I
> don't consider it encrypted. If its the case I can truly encrypt my swfs
> (that are delivered on CD) based in AS3 I'd really like to know how thats
> done.
There's nothing stopping you from either using one of the encryption
libraries or implement your own. You'd have a loader SWF that decrypts
your actual content and then uses Loader.loadBytes() to display it.
However, there are two problems with that approach. One is the classic
DRM problem -- you need to deliver the key (and the decryption
algorithm) somehow, and rely on obfuscation to hide it from the
attacker. The other is that as an attacker, I wouldn't even try to
find the key and guess the algorithm, but rather look for the
loadBytes call and manipulate the SWF to relay the decrypted content
somewhere else -- so the call to loadBytes would need to be really
well obfuscated.
Mark
More information about the osflash
mailing list