We have a client / server setup and the client is a Flex application. We are afraid that hackers can eavesdrop the client / server exchange and connect to the server with a spoof client.
How do we make sure a client that is connecting to the server is not a spoof client? We can put a private key inside the client for authentication but that can easily be defeated by a de-compiler.
What do you suggest?
Thanks.
