Hi,
I know this is a strange place to ask security related questions about streams, but I figured who would know more than people who bypass this stuff everyday
I'm looking into some minimal security for some streams and I was reading up on swf verification. The streams in question are RTMP and are run off of Flash Media Server 3.0+
My understanding of swf verification is that you copy your swf files and place them in the swffolder and enable swf verification. Then every time you connect to a stream it checks to see if it is from the same swf, based on filename and size?
I'm using Flowplayer, so in my mind all someone has to do is look what version of Flowplayer the site is using and then ploop it in their site and it should be a valid swf. Even if I was using my own custom swf, isn't is possible to download swf files?