Comments on: Flash is secure. http://aralbalkan.com/61 Aral on Flash, SWX, Flex, ActionScript, and life. Tue, 07 Oct 2008 17:14:09 +0000 http://wordpress.org/?v=2.5 By: Aral http://aralbalkan.com/61#comment-69930 Aral Wed, 05 Sep 2007 10:19:38 +0000 #comment-69930 Hi David, That's not what we're talking about when we talk about security. There is no obfuscation or DRM in Flash at the moment, that's a given. By security, we're talking about exploitable security holes within the player. You can reverse-engineer any SWF file and find the paths to used MP3s, FLVs or any other assets. This is not a revelation, it's just the way it's always been. Nothing in a SWF is any more hidden than anything in an HTML page. It's just a little harder to get to it as you need to decompile the SWF bytecode. Many tools (like Burak's excellent <a href="http://buraks.com/asv/" rel="nofollow">ASV</a>) exist that can do this. Hope that clears things up. Hi David,

That’s not what we’re talking about when we talk about security. There is no obfuscation or DRM in Flash at the moment, that’s a given. By security, we’re talking about exploitable security holes within the player. You can reverse-engineer any SWF file and find the paths to used MP3s, FLVs or any other assets. This is not a revelation, it’s just the way it’s always been. Nothing in a SWF is any more hidden than anything in an HTML page. It’s just a little harder to get to it as you need to decompile the SWF bytecode. Many tools (like Burak’s excellent ASV) exist that can do this.

Hope that clears things up.

]]> By: david roma http://aralbalkan.com/61#comment-69900 david roma Wed, 05 Sep 2007 07:32:34 +0000 #comment-69900 security of flash player can no long be guarenteed. a friend of mine recently discovered a way around it, try me, put any mp3 or video (that is impossible for me to download for free anywhere else) in a secure flashplayer and il email it back to you as it is. regards security of flash player can no long be guarenteed.
a friend of mine recently discovered a way around it, try me, put any mp3 or video (that is impossible for me to download for free anywhere else) in a secure flashplayer and il email it back to you as it is.
regards

]]>