Hi there I want to know how secure Flex is. Is there a possibility to generate the source out of the swf-file? I mean for example if I have my Actionscript and MXML files and compile them to a swf, can I get the source back out of the swf file?
With kind regards
Sebastian
Yes, it's possible using a swf decompiler. They're not perfect and won't always produce pretty code but it is possible.
That means you should not store secrets, like usernames/passwords inside your swf. You also should never trust the swf to calculate important values. For instance, if you were making a bank application, calculate interest on the server and not the client. Or if you're playing a game, don't let the client make any important decisions about the outcome of the game.
If you are in the US, your best defense against this is Copyright law. If you find someone copying your work sending a DMCA takedown notice is a fairly easy thing to do.
You won't get the original flex code back though, you will get everything in actionscript code, sometimes with different variable names (the ones used internally).