Flash :: Help SWF Security

Security
I realise that it not the most secure site in the world but I have organised a static site that has password access using arrays in flash. Simple but Adv.s and Disadv.s from anyone? I have already taken care of the obvious and put all important frames not on the scene timeline (in nested movie clips instead) so that the user can't just right-click and progress the frames to get access.
It is a temporary arrangement but I would like a deeper understanding of the current situation.

Any help and insight would be very useful thankyou.

SWF Security
I just wanted to ask if SWF files are secured? What I mean is that can programmers/hackers get or take a view on the source code by using the swf. Or can hackers determine the variables that are being passed from one swf to another swf or can they track variables sent from swf to databases? Hope to hear from you guys.

Security
Does anybody know how to really protect yor actionscript in flash MX.
It's so frustrating spent so many hours to develop an application and people using swfdecompiler, flasm or etc still your code.

Security
question: how to disable to someone link my flash to another site, or should i said steal?

Security
Can we make our flash movie run on computer only when that CD is inserted in CD rom. it should not run by copying the same flash file on hard disk. it should always ask for cd.

Security
what is the best way to stop people nicking your swf as heard this can happen

thanx

shaun

Security
Ok, so i have my main movie loading external SWFs,,,, now what is to stop people from just downloading the swf,,,, for example,,,,

"www.mysite.com/mainmovie.html"

when u press a button u load movie.swf

so in my directory its ;

"www.mysite.com/movie.swf"
how do i stop people from being able to go directly to movie.swf, or even downloading it ,,,,,i only want the MAIN movie to be able to access it.

thanks in advance

Security?
i've heard recently that SWF decompilers
are running about...and are probably legal

is that true?! then Flash files arent safe anymore
people can change the file's credit to whoever!

and oh yeah, in terms of contect security, which ones
better, java or flash?

anyway, haha i had nothing much to ask ryt now.

Getting By The Security Pop Up
is there a way to prevrnt I.E from asking this each time the page is loaded without haveing the person viewing the page adjust there security settings.

Security
can anyone tell me the importance of putting security/protection on your .swf files?

About Security...
just a n00b question:

is there a way to read the actionscript from a swf?
was just wandering... till now i have used passwords like when i send them to a php script, the php checks if its correct.... but is it safe to just create a password field on the first frame and then the password protected stuff is on the second frame?

sry for sucha stupid question :P didn't find an answer anywhere...

FMS And Security
When I try to connect from a file "client.swf" to a FMS application (eg.

nc.connect("rtmp://www.myServer.it/myApp/room_1") ) the player shows the following message to the user:
Macromedia has stopped a potential unsafe...
The following local ...client.swf
is trying to comunicate...www.myServer.it

Is it possible within client.swf (or in any other way) to trust the domain in which reside the server

application, avoiding the user be prompted?
Thanks in advance
Beaver

Security Is At It Again. Is This Possible?
my program loads a web page and operates on it then displays stuff.

now security dosent allow me to do this if i put this file on a server. any ideas?
i do not have access to the domain i retrieve data from.

Security
I have an AS3 application (SWF) that uses a URLLoader to load an XML file from my own file system, and then uses SWFLoader to load images, swf's, and so forth also from my own file system. This application will run in many IE-based browsers (SlimBrowser, Avant, etc) with no problem as a stand-alone application.

However, with Internet Explorer itself (version 7 or higher I guess) as well as Firefox, it will not run unless I include the directory of the SWF and the other files in a FlashTrustFile. Putting a directory in a FlasTrustFile file means you trust SWF's in it to access both the internet and the local file system. But my SWF is not accessing the internet, so I don't understand why the FlashTrustFile is necessary.

This would be especially problemmatic if I want to show the application to someone else. i.e. telling them they have to set up a "Trust File" just to view it (although I have written a simple utility to facilitate that.)

However this bring me to my second problem:

I tried emaling the SWF along with its related files to myself, and my email browser flagged it as a virus. Even after I downloaded all the files into a new directory, none of my browsers would let me run it. If I turn off virus checking in the e-mail client that solves the problem, but I what do I tell others - "To view this, you have to turn off virus checking in your e-mail client." That would be unacceptable to anyone.

Sorry if the simple solution to all this has eluded me.

Any help?

Security
I'm creating an area on my site for visitors to view several flash slideshow type presentations. These presentations have audio also. My problem is that I don't want these presentations to be cached on visitors PC's and allow them to be distributed without my permission. I could seperate the audio and stream is with the flash presentations but unfortunately my host does not offer this service.

My question is, how can I secure my flash presentations?

- Thank You -

Security
Hiya

Just a quicky, I was wondering about making some kind of shopping cart or shop in flash but dont really know how or anything about this.

Is there any tuts on it or can someone just let me know if its actually secure or not. If not then i wont bother

cheers

Craig

FCS Security
Hi, I have a question.
On my FCS server a user can connect to my rtmp (rtmp://etc..) from localhost, how can I avoid this? I want that only movie on my server can connect to my rtmp...
Thanks to all

Imran Hashmi
www.visionstudio.co.uk
www.seo-professional.co.uk 0044-7969012441

Security In The Swf
Hi,
I'm a designer considering creating a video project with Flash. I've read some of the security threads on the board, but they are way over my head. I will have a simple Flash file with text and a dozen imported FLV video files. If I use the "protect from import" option, will that keep the videos from being stolen from within the swf? Or, is that just a mediocre hurdle that can be easily overcome by someone wanting to dig into my file?
Thanks.
Karen

Security
Is it possible at add security to control who views captivate/shockwave files other than digital rights management?

Security
I have flash application. I use swfkit to convert my application to EXE.
but my question is, data that is transferred between my exe and amfphp isnt secured !?

how to secure this data ? so that it is crypted or something.
if others can hack to this data that is transferred between the client and server, it can do alot of damages for the user whos using client-application

Security In FMS
Hi guys,

I have FMS on my server but I have 2 questions on security ..

First: How can I make a User & Password request when connecting to the server through FME
Second: How Can I allow and deny specific domains from watching the stream

Regards ,,,,,

FMS Security
Hi,

Is it possible to control who can stream to my streaming server?

I have 4 locations in Europe that have a pc with a Webcam and Flash Media Encoder Installed

Each FME is profiled to stream to my FMS and I have a 4 Camera Console Built for Live Meeting Situations. It works fine.

It seems though that the local "IT" guys have figured out the rtmp streaming path and I have seen on FMS on several occasions these guys having their own "Video Chats" just by changing the stream name.

I want to stop this if possible.

Any suggestions or ideas would be grateful.

Security
Greetings all! Is there any way that you can make a flash movie un-copyable. Going beyond right clicking, im talking when you do a screen print, all you see is a grey box or something
I know this happens when you try to screen print streaming media. If this is possible, any tips on how that might be done?

Security In IE?
Anybody seen this ever? -- "Click to activate and use this control" (small alt tag over flash area that IE inserts...)

It seems only to be showing on a few peoples browser (IE) , and Im guessing they have extra security / activeX not enabled???

Please can any one who actually Knows what this is, point in me in how to take this out / tell me what browser setting the user needs to enable / unenable ??
Cheers all - pix

PHP Security
I build a php for a registration form for my website that i developed. Somehow security is one of my top priorities in protecting people information
I read an article about filtering but i'm so confused because i'm so new at php. HEre is the original php code fragment.

Code:
<?php
$to = "whoever email address";
$subject = "Join CCF";

$userName = $_POST['visitor_name'];
$userEmail = $_POST['visitor_email'];
$userPhone = $_POST['visitor_phone'];

$headers = "From: ". $userName . "<" . $userEmail. ">
";
$headers .= "Reply-To: " . $userEmail . "
";
$headers .= "Return-path: ". $userEmail;

$message = "Name: " . $userName;
$message .= "
Email: " . $userEmail;
$message .= "

Phone: " . $userPhone;

if (mail($to,$subject,$message,$headers)) {
echo "output=Thanks for joining. We look forward of having you as a member";
} else {
echo "output=error";
}
?>

Here is the code from the article

Code:

Before submit:

$emailPattern = '/^[^@s]+@([-a-z0-9]+.)+[a-z]{2,}$/i';
if (!preg_match($emailPattern, $emailFieldToTest)){
print 'Please review the email address you entered. There seems to be a problem';
}

After Submit:

function safe( $name ) {
return( preg_replace(array( "
", "
", "%0a", "%0d", "Content-Type:", "bcc:","to:","cc:" ), "", $name ) );
}
any ideas?

Swf Security
Hi all. I'm a new forum user here and I have some questions. First the info: I use flash studio mx 2004 pro version. I used the flash xml photogallery tutorial for a company's photo gallery. Which isn't online yet cause they would like to incorperate some security to it. Which I too, would like to learn more about, and how to make the flash files and content a bit more secure.

I know nothing is completely secure when it comes to the internet. But where can I find some good resources and tutorials on how to keep the content secure? I've done some searching around but my searches seem to be coming up short.

What I'd like to do is find out how to A: deny a user from hotlinking B: deny cacheing of swf files and content ( gallery images, & descriptions ) C: deny playability locally.

I've seen some places like wolfgangsvault that even somehow hidden the playlist of their music and location. Which also used a cookie session, otherwise wouldn't work. But I believe they used 8.

If anyone has info on any of this I'd greatly appreciate it. Thanks,

Lone Wolf

Security In Fmx
Sorry if this has been answered, but a search turned up nothing useful. I am looking to incorporate a simple online ordering section to my website, simple as in: it will merely send in an email containing the ordering info, and the order will then be completed as if it were a phone order or something. I hope you can see what I am getting at, but my question is basically this: I could use either a PHP script that would send the email automatically (or i guess, put it in some sort of "order database") or use "mailto" to send a filled out email from the users address. Now, is either method secure enough to send credit card information? if they both are, is one more secure than the other? if neither is secure, is there any way to send credit card information through fmx? thanks for the help!

[AIR]Web Cam Security
I made a small AIR apt, I would like to know what you think.
I will be adding a user system to save users individuals images but for now every one is using the same demo account and overwriting the same images.
read more at my blog.
http://gfxcomplex.com/blog/?p=45

Things I would like to see from you are ideas or opinions, please it will help me in more ways then I can say. Thanks.

things in planing:
1: Add a update version checker
2: Add a user system
3: Add a error system handler
4: Add a camera changing system
5: Add a content management system;

PS: you will need the new AIR beta 2 runtime.

Security
How would one secure information transfered between the flash player and the website?

Bitwise the data?

Security?
just wondered if it was possible to stop users being able to print pages of my site or save the pages on thier computer?

the site is a full flash site

cheers
ASH

Security
I just have found that there is a big security issue with possibility to invoke any public method in any assemble in BIN if I use remoting...

Is there any way not to allow accessing a method in assembly but only aspx page?

How can I protect other objects in my assemblies for possibility to call them from Flash?

SWF Security
I'm wondering if there is some way to prevent my Flash movie from being stolen and put on someone elses website.

I was thinking of creating some actionscript that would call a script on my web server which would return a variable ensuring that the swf was on my server. But then I thought that somone could just link to my file on my server and use my movie in their website as well as using my bandwidth.

So does anyone have a solution?

Security
I am having problems with flash security stuff grrr. I keep getting that window that says i have to set security bla bla.

I have some stream on one web site, i have player on other, i want to ba able to load that mp3 stream. I tried putting

System.security.allowDomain("*");
System.security.allowInsecureDomain("*");

and

allowScriptAccess="always" in HTML but the thing just doesn't want to work, when i test it in FLASH IDE, everything is fine, how to set this up?

p.s.
By the way i need to setup that i can acess local files and files on the web

Security Help
I'm working on a site that have this structure: the fully functional online site, with ASP on one domain site.com and a image server img-site.com that hosts images and SWF files; and a mirror site for tests with ASP on mirror.com/local and images on mirror.com/images.

My question is why this is not working: I set an ASP, loaded from mirror.com/local/hotsite/home.asp, that loads a SWF file successfully from mirror.com/images/hotsite/main.swf. When this main.swf tries to load mirror.com/images/hotsite/video.swf, it fails. Why?

In the end, I'll need to set up img-site.com to allow ASPs from site.com to load SWFs from the former. But security sandbox isn't only needed for different server SWFs to load and pass data? Is there any need to setup security sandbox for ASPs and SWFs?

XML Security
So i fined out that it's possible so open .swf files ant look what in it
So the problem is in my .swf like is link of .xml so anyone can open and look what in this .xml but i what what to happen is there any possible way so security my xml file so no one could see it's link or that's inside it
My .xml file in build in PHP

Security?
Hello.
I bet this was posted before but the search doesn't work, so I'll post again...
Well, I made a flash site. and it had few internal problems that arose from the mistakes I made while I made them (ex. scaling, movieclip messes) so I copied the correct parts and fixed the wrong parts in a brand new FLA.
The old fla didn't produce a security warning in firefox, but the new one does. I don't think the publish settings are different. Does anyone have a idea where to look? By the way, the new FLA had some content off other people's open source AS but those didn't even look for or connect to internet for something. And if you guys need the security dialog, I can post one. However, it says that my new swf needs to access itself, and produces a security warning... :!: :D

Any ideas?

Thanks,
Keehun

SWF Security
I'm in desparate need of software that is able to protect my SWF files once downloaded, in order to stop the user from viewing its contents.
Is there such software avaible out there.

DATABASE SECURITY
In what do I build a database for the verification of the username and password...which stays secure and strong..

Security Problem
Hi,
I have an applet that sends and receives emails and cell phone messages. It works fine, but the problem is that I can see the location of the cgi when I open the swf in a text editor. That is not good at all for security reasons. Is there any way to make those URL's invisible in the SWF?
thanx

Flash Security
We're trying to make a determination of how much of a security risk flash could be within our network if enabled. Can someone give me a run down of how dangerous flash could be?

From what I've read, it seems that with actionscript someone malicious enough could plant a virus or something. Or am I wrong in this interpretation?

Thanks for your help.

Scott Wilhelm
Webmaster
Oswego County BOCES

Security Problem
I've created a game and the buyer decided to offer revards for best players. I don't know how to make a secure data upload from flash to the database.

1. Using an encryption is probably without sense, since ASV can get all used actionscript....???
2. Shoud I send a lot of variables to the server, and check if all sent data is logic and calculate the players score using this var. ???
3. ??? Any sugestions ???

Please help!

Thank you!

PHP Security Suggestions
I made a small interface on my website that will allow users to send me a SMS message via PHP.

It requires the user to enter their name and message then click submit.

I then take this info and send it to my SMS email address where I receive it as a SMS message.

Unfortunately, I published the website on this site and someone hit me with 68 messages this morning with bogus text in the message. I have since removed the PHP file until I think of something better. This question alone may unleash the deviants.

My questions are...
1) Is there a way to make this a bit more secure?
2) Is there a way to require fields to be filled out?
3) If I added an email address field...even if I didn't use it in the PHP and even if the user entered in a bogus email
address...how do I only allow properly formatted addresses?

Any suggestions would be appreciated.
Thanks.

File Security
Alot Of Programs these days are being used to sneak on Flash files and steal codes and images how can I protect my .swf file ??

?? ??

Security Question Re. CD ROM
Is there a script that will stop a swf from playing unless the swf is located on a CD?

I had a script that did this, but it was Director Lingo and it worked there no problem.... But I still need to protect this swf...

Any help would be greatly appreciated!
Thanx

Flash Security ?
hi all, this is for flash 5.

i am creating a new site layout for my site and am using the load movie function throughout the site. i want to add a login area for clients so that they can view hit counts etc. So i decided to have an action script login that rests in an external swf that is loaded when the user clicks on a client button.

1) is this secure ???

2) is it possible to create an swf that can only be opened once loaded into a main swf ???

thanks
protocol

Security For Websites?
Does anyone know where I can find a company that will set up a secure section on my company website (preferably with high level security)?

This can be like a simple log in section that requires a username and/or password. This doesn't have to be done in flash either.

Any leads would be more than appreciated....

Thanx in advance....

Help SWF Security

what is the problem for SWF file won't work in IE?In my All SWF files working in browser as well, but one SWF file not working in browser. What is the problem may be? please send reply

what is the problem for SWF file won't work in IE?

In my All SWF files working in browser as well, but one SWF file not working

in browser.

What is the problem may be?

please send reply