We have implemented the SecureToken parameter, but its very easy for people download the SWF and then get the token from there. Then, they surface our site using RTMPDUMP. We have tried to obfuscate with a 400usd license from SecureSWf with no luck, people still can hack the JWplayer somehow. Is there any other wowza security that we can implement, we have a free site, so no user/password are good for us. I feel wowza is really really unsecure so far.