Archive for December, 2009


Out walkies

Why yes, there has been a dearth of posts recently, you may have noticed. And there will be for a couple weeks yet; not because of particularly insanely overcommitted deadlines which is the usual reason you see gaps here, but because we’ve gone out walkies over the Christmas season which we figured was about as downtime as things would get around here in the foreseeable future.

So let’s play “Where’s the Troll?” shall we? Here’s a snap from a couple days back at a vista which is regarded as veritably iconic for the region, so if you’re impeccably well cultured you should be able to identify this right off. Hint: the iconic view of this particular place is generally a shot taken at high tide, so it looks like it’s floating. But at high tide you can’t get a shot of you standing in front of it. Well, we suppose you could swim out, but that would be a pretty funny-looking picture.


So, our no-doubt Well Traveled Readers, where in the world is the Troll, do you think?


Bork3D Engine

Here’s another option for you if you want to do a 3D game and are leery of the closed source options: Bork3D!

Do you have an iPhone game project that you want to get off the ground quickly? Get a substantial leg-up by building your project on a proven foundation, the game engine that drives Anytime Golf: The Bork3D Game Engine.

The Bork3D Game Engine was built for mobile platforms. It actually has it’s roots in Rude Engine, a high-performance graphics library for Pocket PC, Symbian and N-Gage. Performance and scalability is considered in every corner of the Bork3D Game Engine. If performance is a criteria for you, seriously consider this engine.

But this isn’t a complete game engine by any stretch of the imagination. We don’t want to over-sell you. If you want in-game content creation tools, a scripting language, and you basically want a cookie-cutter game made for you, you’re looking in the wrong place. This engine is for people with some programming experience and the drive to make something that stands apart from the crowded iPhone game marketplace.

Yeah, we could live with that, especially with this feature list:

You get all the source code. Approximately 15,000 lines of C++, not including support libraries. All code is thoroughly documented in Doxygen format.

OpenGL ES abstraction layer. The Bork3D Game Engine provides an abstraction layer for graphics rendering so that your draw calls can be easily ported to other graphics APIs.

Debug-rendering API. Need to figure out where something is? Debug renderer to the rescue.

Component-oriented game object system. Game objects are designed to be easily extensible.

High-performance static and boned mesh rendering system w/ tool pipeline for 3dsmax, Maya and Collada.

Decorator system for rendering billboards. Includes primitives for in-game placement of decorators.

Texture manager w/ tool pipeline. Load and unload textures in PNG and PVR format. PVR is the preferred format for iPhone textures.

Tweaker for changing game variables via a web browser. Edit game state in real-time for rapid iteration times.

User interface widgets w/ abstractions for handling iPhone user input. The UI system is fairly primitive but it’s enough to build most game UIs.

Font renderer w/ tool pipeline for generating fonts. Includes Unicode support.

In-game profiler. Performance matters, find out where your bottlenecks are with the provided instrumentation system.

Audio system for sound effects and background music. Supports AAC and MP3 streaming audio and WAV for sound effects. Mikmod integration is also available on request at no additional charge.

Integration with the Bullet Physics SDK.

Unit test framework.

Bork3D Game Engine Developers forum. Get help and chat with other developers using the engine.

For the price of

If you or your business earns less than $100,000 per year you qualify for the $49 per developer Indy License. The Professional License is $199. (See the license agreement for exact details). Don’t let the price fool you. We’re just undercutting the competitors to get your attention.

there’s pretty much no downside here, yes? Soon as we have a 3D-required project, we’ll definitely check it out!

h/t: idevgames!


Tip: Keychain vs. Pirates

So you’ve no doubt heard ad nauseam about the problem of piracy of App Store-sold apps, and you may remember our opinion that it’s just not worth going to a lot of time and effort trying to stop it directly.

However, we’re certainly interested in ways to structure your development to avoid the problem, and in-app purchase you also may have heard is an excellent way to approach that as it has not been cracked in the general case. And now that it’s available to free apps, the trial then in app purchase model looks like an excellent one to adopt; we’ll be trying that out soonish.

The problem is, to the accomplished cracker it won’t take too long to figure out how you handle the enhanced functionality within your code. Longer than running a script over the binary like a raw App Store purchase, yes, but that just means there’s more mad leet skillz brags for them there. So you need something that’s really challenging. And from this dev forums thread, here it is:

My first attempt was to make use of the SKPaymentQueue restoreCompletedTransactions. I had it all working and then discovered that calling this results in the user being prompted for their iTunes account password. The user experience wasn’t nice. And then on top of that the returned restored transactions don’t have the original transaction receipt. I wanted to compare that against the original one I was storing after the original purchase. So much for validating that the user has made a legitimate purchase.

Then I started to think about encrypting the data in the NSUserDefaults but then I’d have to deal with export regulations.

Then I remembered the keychain. The GenericKeychain example app shows how to store a user’s password in the keychain. And the password is encrypted, even the backup from iTunes onto your computer is encrypted. And the keychain survives the app being deleted and reinstalled.

So that’s what I’ve done. When my app processes an in app purchase I store a flag as a password in the keychain.

Unless the hackers and jailbreakers have a way to crack iPhone keychains my app should be safe. I’ve done a few other tricks to obfuscate my code so no naïve searches of the app will result in critical strings representing the keychain identifiers being found.

Yeah, that should slow them down pretty darn good. I wouldn’t bother going too deep with the ‘other tricks’, but since the code for this approach can be found in the GenericKeychain sample app; with a couple addings of kSetAttrAccount where kSecAttrGeneric is used in KeychainItemWrapper -init, you can simply call to store in the keychain

KeychainItemWrapper *wrapper = [[KeychainItemWrapper alloc] initWithIdentifier:@"some key" accessGroup:nil];

[wrapper setObject:@"private value" forKey:(id)kSecValueData];

[wrapper release];

and to retrieve it

KeychainItemWrapper *wrapper = [[KeychainItemWrapper alloc] initWithIdentifier:@"some key" accessGroup:nil];

NSString *value = [wrapper objectForKey:(id)kSecValueData];

[wrapper release];

So yeah, that looks like a pretty solid security model to use in general, and very likely worth its little effort to slow down the pirate hordes!


App Store Data Mining

Those clever sparks over at MobileOrchard are at it again: there’s a fascinating new series in progress on App Store data mining which is worth checking out. Two articles in it so far:

App Store Data Mining Techniques Revealed – Part 1

The App Store is a treasure trove of data. App Store data can help you pick a category/segment, track trends, find the right price point, chart the total number of apps, track the rate of app approval and much more…

As is almost always the case, this is best explained with an example. I’ll use a straightforward example to: let’s calculate the average selling price (ASP) for the top grossing apps…

Part 2: Scripting App Store XML Downloads

In part one, we used a proxy as a man in the middle to save a copy of some interesting data from an iTunes session to disk. Using a proxy is handy for ad-hoc data mining tasks. However, for recurring tasks, it’s handier to leave the proxy and iTunes behind and grab the XML directly. This article will show you how…

So hey, if there’s something you want to know, there’s how to go get it!

And while we’re on the subject of MobileOrchard, we’d like to draw to the attention of your holiday spirit their current blegging campaign, which leading by example we’ve kicked in $50 to — hey, the amount of their content we nick for posts here, that’s the least we could do!

OK, so what actually got us to shell out was looking at all the goodies on offer for your donation, and noting that $50 was significantly less than the cost of Accessorizer and the eddit icon set both of which we’d been meaning to get around to buying sometime; and that’s just the start of it. So skip the high-minded sentiments or sense of obligation, if your tool chest needs rounding out the $50 is a great deal on its own merits!


BYU Open Source List

Here’s a great list of open source projects for Cocoa and Cocoa Touch, maintained by the BYU chapter of CocoaHeads.

We do try to keep tabs on useful open source projects, but there’s a number in that list that are new to us. Share and enjoy!

h/t: StackOverflow via The Flying Jalapeno Lives via iPhoneFlow!


Malware Primer

So, ever wondered just exactly what personal information you can harvest in your app without running afoul of the approval process? Well, here is your primer on How To Easily Violate iPhone Privacy. We kid, we kid. We know you only want to know for defensive purposes, just like us.

Nothing really shocking or even particularly surprising there, with one possible exception — apparently the keyboard cache is readable from a well behaved (by SDK compliance, we mean here) program and contains every word you ever typed in a non-password field, in order to help autocompletion apparently. Yes, we can see how that should probably be a blocked off system service. Other than that, it’s stuff like reading your address book and tracking your location which it should be pretty obvious to you would be easy to do, but hey give it a read in case there’s some surprises…

… or just download the “SpyPhone” code from github which demonstrates exactly what a going rogue application can collect!

h/t: slashdot!


Sarah Melody

Well, it’s been a while since we had news of a successful troll — rejection-free first try acceptance, w00t! — release in the App Store; so why yes, today we have one for you, the first fruits of our association with local whiz kids Appnovation Technologies. Great folks all around over there so be sure to check them out for your Drupal and Alfresco projects. Or iPhone, of course. Like today’s App Store debut, a promo piece for budding Ontarian chanteuse Sarah Melody. Sort of our apology to all you non-Canadians for that whole Celine Dion thing.


Yes, yes, it’s yet another Trollwerks product featuring cute girl pictures. You’re just sorta taking that for granted by now, aren’t you? It’s all pure coincidence, we swear. Any-ways, there’s music snippets with iTunes links, YouTube streaming video, and various social media integration, all wrapped together with full motion video sequences, working nice and smooth even on a 1G iPod touch. So if you’re at all into the bubbly pop/rock thing, or you just want to gaze in awe at our spectacular production work, grab it — hey, it’s free! — and pick up a song or seven to help demonstrate just what a great marketing tool free iPhone apps are, hmmm?



Google App Engine 1.2.8

In case you missed it, Google App Engine 1.2.8 has just been released.

Just so happens that we’ve been getting right into learning Google App Engine and Python its language of first choice the last few days — over which you’ve no doubt noticed a dearth of posts — for the server side support needed for the latest project being beaten out of raw opcodes down here in the Trollwerks foundries; and why yes, yes we’ve been most favorably impressed with both.

Point the first: If there is anywhere, on any platform, a web service development setup that even approaches App Engine Launcher on Mac OS X, we certainly have never heard of it. Code in tandem with your client in Xcode, get everything sorted with the marvelous console support, and deploy live with one click once satisfied.

Point the second: The System Status Dashboard and all its goodies are likewise far and beyond anything else we’re aware of for monitoring, tuning, and debugging your deployed web service.

Point the third: The pricing is attractive — particularly for developers, because the free quotas are far more than you have any reasonable expectation of using during a development cycle.

And we could go on for a while, but you get the idea. For convenience and elegance of developing a small to medium web service to support your iPhone app, we don’t think there’s anything else even worth considering.

And if all this sounds interesting, we have a further recommendation for you — buy the just released Programming Google App Engine book by Google engineer Dan Sanderson:

No, don’t keep reading, go buy it. Now. Using it these past few days we put together our little web service from scratch, including cron jobs and using the funky datastore, without referring to the actual documentation. Not once. We did have to do some bits of searching around to get ourselves up to speed on the various Python language constructs, but less than you’d probably figure; there were clear explanations and examples for at least 95% of what we wanted to do. So although there are other GAE focused books out there, we say you don’t even need to bother reviewing them; this one took us from all but absolute zero knowledge of either GAE or Python to a deployed and working service in a matter of mere hours.

So our enthusiastic — nay, heartfelt — appreciation to Messr. Sanderson for a fine job well done, and our likewise hearty recommendation to you that Google App Engine familiarity would be a useful addition to your skillset!


Here is an excellent looking list of GAE links:

Google App Engine: The Ultimate List Of Resources