Using ES4 to Protect Your Code

It is widely known that if something can be downloaded to a client machine, then it is hackable. Someone who is dedicated enough can rip apart the file and do things like:

• Decompile the application to get at the code.
• Modify the code and recompile.
• Steal the code.
• The person can just extract assets such as images and audio.

There is nothing you can do to guarantee the protection of your file. But you can take measures to make it very difficult for people to mess with. For instance, obfuscating code makes code unreadable.

With ES4 there is something else that you can do to help protect your client-side Flash application. ES4 fully supports a true binary protocol. ByteArrays can be exchanged between the client and the server. Any binary file can be represented in a ByteArray.

The idea is very simple.

• Put the important SWF somewhere non-web-accessible, but where ElectroServer can get at it.
• Have another Flash client (one whose code you can stand to lose) connect to ES4.
• This client then requests the SWF file from ES4. The SWF is streamed to the Flash client over binary socket as a ByteArray.
• When the load has completed, the Flash client uses the Loader.loadBytes() technique (see Flash help) to convert the bytes to an actual MovieClip.

So what does this buy you? Well, now it is is substantially more difficult for someone to grab the SWF file that you are trying to protect.

This is just another layer of security. A person can still intercept the client-bound stream using some other tool and, if they understand the complex ES4 protocol, they can extract the specific SWF bytes.

Obviously you can add another layer of security in here by encrypting the byte stream so that anyone just grabbing the bytes still can't do anything with them, short of knowing encryption information.

Hallmark builds Virtual World with Electrotank

Easter has pasted and HallmarkPark is starting to see more traffic. Couple weeks ago Hallmark released their first virtual world with the help from the Electrotank team, ElectroServer 4, and Electrotank Universe Platform (EUP) technologies. We are still working out some things but what we have accomplished is quite amazing, delivering a project of this magnitude in couple months. Create a character, get rare items, and play games with other players. Who knows you may make some new friends along the way.

Check it out
HallmarkPark

-Robert

ElectroServer Games on the Wii

If you are Nintendo Wii fan then you undoubtedly know that you can browse the web with it. The Wii uses the ever-popular Opera browser. Currently this version of Opera (version 9) supports Flash Player 7 content and older.

You can develop Flash games using Flash CS3 and ActionScript 2 and set the publish settings to output to the Flash 7 player and ActionScript 2. If you make the game primarily mouse controlled then your game will likely translate to the Wii very well.

Check out this great Hot Wheels game that uses ElectroServer and is available on the Wii! Mattel is building an impressive list of Wii-ready Flash games in their Wii Games Arena.

Developing multiplayer games for the Wii using ElectroServer is just as easy as developing a mouse-based game for the PC. Users browsing from their PCs or Macs can match up against Wii gamers. Pretty much all you need to know is this:

• Make the game mouse driven.
• Ouput to the Flash 7 player.

Flash Player Security Changes in FP 9,0,115,0

Adobe has just released a new update with some Flash player security changes. These changes can keep people from successfully using existing applications that load external data (applications that work with older players). Thank you Adobe.

The good news for ElectroServer 3 and ElectroServer 4 developers is that you will likely not be affected by this change. The changes in the security model take pages to explain and can be read here:
http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security.html

To sum it up succinctly - Policy files are always required for socket-driven applications. Since ES automatically serves up a policy file on connection, and since ES4 loads a policy file by default, then ES4 developers should be the only Flashers out there not sweating right now!