flex-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Erik de Bruin <e...@ixsoftware.nl>
Subject Re: Flex AIR iPad App security concerns
Date Wed, 04 Mar 2015 09:49:58 GMT
You may want to check out this technique:

http://www.ghostwire.com/blog/archives/as3-hiding-assets-and-code-by-embedding-swf-within-another-swf/

EdB



On Wed, Mar 4, 2015 at 9:17 AM, Deepak MS <megharajdeepak@gmail.com> wrote:
> Hello,
> We have developed some apps specifically for iPads and there have been
> rigorous testing from security team using some hacking tools. What these
> tools do is they display all the code variables and their values from the
> ipa file that we provide to them. Due to this, our app db locations(sqlite
> files for offline app) and passwords used(to unzip a secured zip file, that
> gets downloaded, using ANEZipFile native extension) are clearly exposed. It
> literally shows all the coding that has been done (still wondering how can
> this be possible from swf and then from ipa).
>
> I'm new to security thingie and have no idea. Can anyone who have worked on
> this kindly  share best practices?
>
> Some screenshots from the tool which shows the variables and values used in
> the app:
>
> http://pbrd.co/1M69vES
> http://pbrd.co/1M69MYB
>
> App is built using Flex 4.13FP15AIR15.
>
> Appreciate your help.



-- 
Ix Multimedia Software

Jan Luykenstraat 27
3521 VB Utrecht

T. 06-51952295
I. www.ixsoftware.nl

Mime
View raw message