Results 1 to 4 of 4

Thread: SecureToken and SWF decompilation

  1. #1

    Default SecureToken and SWF decompilation

    Hello

    We have implemented the SecureToken parameter, but its very easy for people download the SWF and then get the token from there. Then, they surface our site using RTMPDUMP. We have tried to obfuscate with a 400usd license from SecureSWf with no luck, people still can hack the JWplayer somehow. Is there any other wowza security that we can implement, we have a free site, so no user/password are good for us. I feel wowza is really really unsecure so far.

    Thanks

  2. #2
    Join Date
    Dec 2007
    Posts
    21,962

    Default

    Are you using rtmps or rtmpe? Take a look at the new Security Overview article:

    http://www.wowza.com/forums/content....urity-overview

    Richard

  3. #3

    Default

    I'm using RTMPE. I was thinking they might be getting the token using wireshark or other method once the code left the SWF.

  4. #4
    Join Date
    Dec 2007
    Posts
    21,962

    Default

    The Security Overview is a thorough look at the options, except a custom security layer. For example, expiring links as in this Wowza customer's post:
    http://www.wowza.com/forums/showthre...(all-methods-)

    We don't have any Wowza examples like that because the point is to make something up. Of course your options are more limited without user authentication.

    Richard

Similar Threads

  1. question on .swf files
    By Screener in forum General Forum
    Replies: 3
    Last Post: 04-13-2012, 08:38 AM
  2. SWF Verification
    By ViperBR in forum General Forum
    Replies: 1
    Last Post: 11-25-2011, 06:01 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •