I finished up my 360 presentation on Encrypting Flex, Protecting Revenue, and Making Cash yesterday. I’m quite pleased with it. It’s fairly slide-light and demo-heavy which is what I enjoy when going to 360 sessions.
I’m going to be showing a number of different encryption techniques, looking at several obfuscators, and showing what an cairngorm modular app looks like (in development) when each module is encrypted and protected from decompilers. I’ll also go over a couple of techniques to protect your revenue stream from an application, and also a couple of ways you/your company can make additional cash or save time and money (which is pretty much the same as making cash).
If you weren’t quick enough to get tickets, too bad, so sad…All sold out! I believe they’re at least going to have screencam and audio from my talk. If I get ahold of it, I’ll post it here afterward along with my code examples. See you at eBay.
I work as a contractor for Simplified Logic, one of the sponsors of the 360 Flex San Jose event. I’m going to be speaking along with David Bigelow in the presentation entitled Making Money with Flex. At SLI, they use their nitro-lm (license management) product to track and control usage and licensing of an application. It also has notification features so you can get an e-mail when one of your customers maxes out licenses, isn’t using your software for some reason, or any number of other significant events. Another aspect of the software is to protect your code from decompilers using a public/private key encryption algorithm.
Given that there is only limited time to present, what areas do you think we should focus on? The business case stuff, license management and tracking, or a deep-dive into encrypting flex applications?
I’m working on some new types of SWF file encryption to demonstrate at 360 Flex San Jose. If you’ve read my Inside RIA articles, you know that the main technique used by NitroLM to encrypt swf files is to create a wrapper application and load/decrypt the real application using a SWFLoader. The problem with this technique is that it’s a little bit kludgy and adds deployment complexity. It also has some difficulty in AIR in that if you wrap an <mx:Application> inside an AIR app, you won’t be able use some of the Native AIR functionality.
I’ve been dilligently working on a new technique for encrypting modular applications. Basically, you’ll write your flex or AIR app as you normally would and break up functionality into modules loaded by <mx:ModuleLoader>. You could also put pretty much all of your code in a single module if you wanted to. Then, when you’re ready to deploy, just comment out the <mx:ModuleLoader> tags and replace them with <nitrolm:EncryptedModuleLoader> tags.
There’s a few other steps including encrypting the module SWFs with an AIR application called AssetEncrypter, but the process is much more straightforward than the wrapper technique. It’s also much easier for the developer to code because they don’t have to deal with the keys and decryption themselves. All of the complex functionality has been done for you in the <nitrolm:EncryptedModuleLoader>
Here are my 3 articles for InsideRIA on Encryption in Flex applications.