Flash Obfuscators
One of the major concerns of using Flash to develop serious applications is that the code is not safe from decompilers. All the images, sound, and ActionScript code created can easily be "ripped" or copied out of the Flash movie. There is no definite solution to this because the Flash format is open, to encourage more developers to integrate Flash support into their own products.
People can make money off someone else.s work and pass it off as their own. One.s intellectual property can appear on very questionable websites. Therefor it.s nearly impossible to create a commercially viable product using pure Flash. The business and security logic is completely exposed to the public.
There are a lot of tools used to decompile Flash movies, but there are also some methods and techniques that can be used to foil these tools and protect the work product.
While developers tend to consider that decompilers encourage plagiarism, there are also a lot of people who claim that Flash code should be viewed and shared freely just like the HTML source of a website. The truth is that a lot of learning is done but studying Flash files and the ActionScript code.
To protect this code there are ways to obfuscate it and hide it from decompilers. Products especially created to do that can scramble the variable names and text references from the ActionScript code into strings that are difficult to reverse engineering. It is not a 100% full protection but it sure discourages the user from figuring out the base code.
The MDS Message-Digest Algorithm and the TEA encryption algorithm are used to encrypt passwords hard-coded in the Flash movie and can also be used to encrypt Flash text.
Another method is based on scrambling the ActionScript into machine-readable source code by replacing the variable names and identifiers with a scrambled sequence of letters that makes it very difficult to reverse engineer the ActionScript.
A Flash movie normally relies on branched instructions and a consistent flow. Those who are comfortable using assembly programming can obfuscate the Flash movie by manipulating the execution sequence of instructions and create irreducible loops.
More recently Flash MX 2004 from Macromedia incorporated support for the compiled components and the SWC format. Compile code modules can be created with built-in code hiding.
In these conditions it is recommended not to rely on client-side Flash movies to store important information. The business logic should be kept on the server side and the ActionScript obfuscated in order to create commercial Flash-driven applications well protected and secure.
Obfuscation Tools: