17 Apr

ActionScript Security: About Flash Pirates and Swf Hackers

The aspect of Flash security that concerns many content creators is the protection of the intellectual property around websites and other Flash-powered RIAs. The most common security breach is the ease with which one can “steal material” from the web (note the quotes).

If it’s digital it can’t be “stolen”
and it for sure can’t be called “material”.
  • Flash Pirates
  • Ok, so this is your common guy. Stealing for them can be as easy as checking their browser cache, or fiddling with FireBug and downloading SWF files or other assets that might be dynamically loaded from the Flash (SWF files, images, XMLs, MP3s, …). We all know them, and, let’s be honest, we all have been there.

    We all have a hacker inside.
    It’s the size that makes the difference

    Then again, nosing around your computer cache can hardly be called “stealing”, and in many circumstances keeping a file on one’s computer for personal use doesn’t harm its author either.
    On the other hand, one example comes to my mind: Flash game developers. I have read through the years how some of these developers have seen their games stolen, reposted on other sites, and appropriated by others. Something one doesn’t want to deal with, especially when the piece of work was intended as freeware and the copies are being monetized. In this case we are dealing with more than “stealing”; we are dealing with “appropriation”.

    Flash pirates are numerous, but they lack in many cases further technological knowledge. They can steal but they can’t modify. That is the labor of other guys…

  • SWF Hackers
  • These are the clever guys. They will bypass any trick you’ve set up, and successfully download your SWFs. Then, if they so desire, they will expose your creations’ inner core. There are a handful of decompilers out there that will do the trick, and they keep up to date with their counterparts, the obfuscators.

    Sometimes it is a very useful tool for content creators. I’ll explain. I recently found out about a set of components that an individual was selling on his website when I opened a SWF file in FlashDevelop. I would have never been exposed to these creations if it wasn’t for the fact that I check the classes involved in the application. This particular SWF file was nothing but a clever use of Google APIs, PaperVision and some commercial components from this site. If you have released a component or other code, you know that once an author encapsulates their Flash there is no easy way to claim that some of your code might be there.

    You can rest assured that, for the hackers, you will always get some credit.
  • So what can you do?
  • Open source is a great idea, and probably unavoidable, but for content creators, programmers and artists (they are all the same) this might be a hard road.

    Ask yourself first: Do I have to do something?

    Flash Pirates can be more or less deceived. Protect your work to a minimum and you will be saving yourself from 95% of the appropriation of your work. Still worried about the remaining 5%? It’s futile. SWF Hackers can be as persistent and methodical as your browser is. If your content is open to be read and interpreted by a browser, it can also be read and interpreted by a human given enough time.

    If they want it bad enough
    they will have it.

    “Bad enough” is the key here, and I will be posting some tools and techniques to test how far those hackers are willing to go to open your code. But in the end, remember, you learned from others’ code. Be generous and let others learn from you. Spend your time coding the next thing, not protecting what you’ve already finished!

    Amen

  1. vonramsey, 18 Jun 2008

    Thanks for the great information. I have some questions:
    - Is it possible to edit AIR files?
    - Can we encrypt an AIR file?

    Thanks and keep the good stuff coming ;)