If you’ve slaved away over a hot keyboard creating the latest and greatest Flash application, only see it or derivatives of it surfacing all over the web, then you have been hit by someone using an SWF decompiler who has decompiled you SWF file and repurposed the content for their own needs; be it ActionScript, Sounds, Images or Structure.
To say its annoying is an understatement when it’s a personal SWF file, but what about when the content is for a commercial enterprise? The ramifications here could be far reaching and demand separation of content and business logic from design elements if the SWFs are to be presented to a public audience via the internet. So what can you do against this type of plagiarism to protect your files?
There are several options available as follows (not a definitive list):
– Use Server Side ActionScript (SSAS)
Exactly the same concept as Flash MX / MX 2004 ActionScript apart from the fact the ActionScript resides on the server and is referenced via several different methods; this can become expensive as you will need access to an installation of Flash Communication Server.
– Use SWC files in Flash MX 2004
Create compiled code in the form of .SWC files which will allow further protection of SWF source information.
– Use Code Obfuscation
There are several tools that you could use in addition to Flash MX to obfuscate your SWF files that would make the SWF decompilers unable to reverse engineer them easily, but this has inherent problems. As soon as a new version of the obfuscating application is released, this is usually countered by an updated release of the decompiling application, so you end up constantly chasing your tail.
I’ve been unable to find any decent obfuscating software to stop decompiling basic Flash MX 2004 SWF files, but here’s a command line obfuscator that may be one to watch in the future when it’s finally released in it’s final format hopefully for ‘2004.
Flash plagiarism is serious and annoying when you are on the receiving end of it, but there are many advocates of the open source Flash format specification who would argue otherwise.
Certainly, when you wish to view client side code within web pages everyone has at some point used ‘View > Source’ to see how something is done, but I disagree with plagiarizing others work on any level.
I’ll be updating this thread as i recieve more information or there are more Flash community updates on SWF protection.
sgrosvenor
