For Windows, Mac, and Linux!
ActionScript encryption (or byte-code obfuscation) makes decompiled ActionScript confusing and hard to understand. It's not real encryption, but in the context of code, it might be better. Although actual encryption can make your code entirely unreadable, it suffers from a classic encryption flaw, it needs to keep the decryption-key with the encrypted data. An automated tool could be created to decrypt the code. Once that happens the fully unencrypted, unobfuscated code is in plain view.
With all of that said, this should not be a showstopper. secureSWF implements four very effective ActionScript encryption techniques to protect ActionScript against decompilers that can be applied by several orders of magnitude,
secureSWF manipulates the byte-code instructions in SWF files using techniques to foil, and even crash, Flash decompilers preventing them from generating anything useful, while leaving the Flash application's behavior and output intact. Here is an example where we applied some of the techniques and luckily, one of the decompilers generated something to demonstrate (all others crashed):
private function getNeighbours(i:int, j:int):Array{
var a:Array = new Array();
for (var k = 0; k < 8; k++){
var ni = i + int(neighbour_map[k][0]);
var nj = j + int(neighbour_map[k][1]) ;
if (ni < 0 || ni >= xsize || nj < 0 || nj >= ysize)
continue;
a.push(Cell(cells[ni][nj]));
}
return a;
}
private function getNeighbours(_arg1:int, _arg2:int):Array{
var _local3:Array = -(((null - !NULL!) % ~(undefined)));
var _local4:*;
var _local5:*;
var _local6:*;
_local3 = new Array();
_local4 = 0;
for (;//unresolved jump
, _arg2 < 8;_local4++) {
_local5 = (_arg1 + int(!NULL!));
_local6 = (_arg2 + int(!NULL!));
if (true){
_arg1 = (((//unresolved nextvalue or nextname << !NULL!) + !NULL!)
<< undefined);
_arg1 = (!(!NULL!) ^ !NULL!);
(!NULL! instanceof !NULL!);
var _local1 = (((!NULL! as !NULL!) + !NULL!) == this);
if (!(!NULL! == !NULL!)){
-((true << !NULL!)).push(Cell(cells[_local5][_local6]));
}
}
if (!true){
(_local6 < 0);
(_local6 < 0);
(_local5 < 0);
}
}
return (_local3);
}
secureSWF can do the following to stop Flash decompilers:
loader.load(new URLRequest(
"http://www.kindi.com/getsomething.php?var=" + foo);
loader.load(new URLRequest(?.?(-581, -881) + foo);