Wednesday (1 Oktober) – The Last speaker day!
He gave a demo about things to remember when coding in Adobe Flex. What pitchfalls there are and what classes to extend when building components. For example always extend the UIComponent class en override certain functions you need, like the update functions.
This is the person behind the google analytics air application. He discussed his vision about what you should track and that there where people using information that is not reliable. He also showed us some projects he is working on and ideas he made.
One idea was to gather al sorts of information of visitors and making use of flash, for drawing regions. Where region 4 was good and if where things drawed in other regions, than people where not finding what there looking for and he knew there was kind of a bug or his menu was not logical.
This session was very usefull, it was about ‘stealing’ someone other swf to just check how they build something. It was a sport for him to decompile swf files and putting them back together, not for abuse, but for educational purposes only.
It showed me that securing you swf files is just plain impossible to do. There are ways to do things, that made it harder to see, but that would mess up your code, so when deploying to a live enviremont you really can’t see what is wrong. This was called obscuration of your code, there are different ways of doing this, by framework or buy ing actual software.
He also talked about Byte Code and how to ‘read‘ this, so you know what value or variables it should or could be. He than ‘hacked’ the swf file for Adobe Express, and managed to rebuild some classes for the filters in that program. He also decompiled a swf file from someone, who had made a change in his debugging so he could log in easy. He forgot to remove debgging code when uploading to a live invirement.
Basicly you could decompile the swf and see a statement that checked, if your where a admin or standard user. He then saw that he used a email adress twice for logging in. He tried and indeed logged in by entering his email twice.
There was one program that maked sothink crash when trying to decompile, what will likely not last very long.
You can find the presentation slides here.
Koen de Weggheleire
Talked about bitmapdata and how to manipulate bitmaps with actionscript 3 and saw some of his work.
He showed us an impressive demo where he was writing code for reading QR in Flash. It can contain a message, more or less like a bar code.
A very cool session where he showed his work from the past 8 years and shared his experience, imagination and creativity with us. Check out his website here.