Archive for the 'Security/Cryptography' Category

The Number One Problem With Game Center

January 10th, 2011
Spencer Nielsen

The biggest problem I see with the current implementation (iOS 4.x) of Game Center is that there is no way for Game Center users to authenticate themselves to 3rd-party servers. Let me explain from the top. Game Center is Apple’s new games-oriented social network and infrastructure on iOS devices. It has a lot of great features like leaderboards, achievements and matchmaking. Once a user creates an account on an iOS device they are perpetually signed in at the operating system level. This is great because it means that all existing and future Game Center games can take full advantage of its features and social connectivity, and never have to make users create an account (users HATE creating new accounts) or even sign in again (unless of course they explicitly sign out). From the game developer perspective, Game Center is really awesome. There are a lot of developers (myself included) who do not want to have to:

  • Create a complete login infrastructure
  • Store and handle people’s passwords safely
  • Figure out some sort of account confirmation
  • Implement password recovery
  • Encourage users to start building YET another social graph on your service/game
  • Handle other support-related requests


Introducing Deadlock

June 23rd, 2008
Spencer Nielsen

Deadlock logo

Deadlock is the name for my copy-protection/registration framework that I have been using in Language Aid since version 1.0. It has worked faithfully for me since then and I have decided to share it with other developers who might be looking for such functionality or looking to bump up their protection a little.

I have long heard many developers argue that most of the time pirates wouldn’t purchase your software anyway, so you shouldn’t bother putting much effort into fighting it beyond the most basic and obvious protections. In most cases it just isn’t economical. I generally agree with this, but the reason I put so much effort into Deadlock to protect a $20 program was more personal education and entertainment than anything else. I must admit that I had a lot of fun thinking of how to hack the program, coming up with a countermeasure, then coming up with a circumvention of that countermeasure and engineering a protection against that, back and forth over and over again. I mostly just thought of the kinds of reverse-engineering that I have performed on other software for entertainment and then researched methods to prevent such fun. In the end I thought I had a pretty good setup of minimally invasive mechanisms to prevent piracy of my software.

Deadlock has been refined over the course of Language Aid releases and as of Language Aid 1.1.1 it was built out as its own separate product. I have wanted to refine it and add more diverse functionality to it for a long time. To accomplish this Deadlock needs more clients, preferably applications outside of Aoren Software. In the future I also plan on productizing my payment processing engine (which works hand in hand with Deadlock) that makes paying for and registering Language Aid easy, fast and instant (no serial numbers, no confirmation emails, just instant gratification). I wanted to end this post by citing one of the many insightful quips from Bruce Schneier in order to emphasize that security invasion is inevitable and that defenses are simply deterrents. Instead I give you this:

The user’s going to pick dancing pigs over security every time.

— Bruce Schneier

Hehe…dancing pigs…

Why is it called Razor? I don’t know, I just needed a name.

December 18th, 2007
Spencer Nielsen

I actually had a very hard time thinking of a name for this project. Nothing really seemed to fit too well or sound that good, but I needed some sort of name for my new project. You have to call it something… I finally settled on “Razor”. What does it mean? Nothing. What does it have to do with the project? Nothing, other than that it is now what the project will be known by. After not being able to think of a name for a while and itching to just start coding on the darn thing, I picked the name and it has kind of stuck.

Ok, so what is it? On the Google Code page that it is hosted at I wrote:

Razor is a strategy game engine which is oriented around programming the AI of the units rather than direct control by humans. The idea is that human players compete by engineering the intelligence of the units under their control in order to fulfill an objective. The game world is in 3D and will employ some basic physics. Units, AI, physics models and many other aspects are extensible through a plugin system.

Razor is for Mac OS X Leopard only due to leverage of certain Leopard-exclusive features such as dynamic loading/unloading of Objective-C, Garbage Collection and more as time goes on.

This is an idea I have had banging around in my head for a long time, ever since I worked on an AI lab in college where the final semester objective was to program the AI of 5 tanks to play capture the flag against 5 other tanks controlled by the AI of one of my many classmates. At the end of the semester the class had a tournament in which the prize was an instant ‘A’ in the class and not having to take the final! My lab partner and I won the tournament, and even though we both had As in the class at that point, not having to take the final exam was a big relief at the end of a very busy semester. Perhaps I will make a blog post on our winning strategy later.

Along with that, I have always loved the great strategy involved in RTS games like Starcraft (which in my opinion is the best RTS ever made). I loved thinking of crazy new strategies that would find kinks in established defenses or play with the psychology of the other players. The only thing that prevented me from pulling off my grand designs was the limitations of my own reflexes. Some people just have the twitch and can bounce from scene to scene, keep everything in their heads at once and make lightning-fast and precise mouse movements. But if the Korean Starcraft scene is any indicator, these cyber-athletes, like gymnasts, have a limited lifespan. Once you hit the ripe old age of 22 your reflexes aren’t what they used to be and some pretty young 16-year-old is going to take your spot. What I want, in some respects, is AI-programmable Starcraft.

Now the project is only in its infancy and is nowhere near doing anything of significant interest at this point but I decided that I wanted to get the code into an initial functional state that would at least be worthy of initial check-in. Because the project is open source I will be commenting here about the work that I am doing on it, future feature additions and other issues with great openness and frequency unlike my closed projects.

Below is a screenshot of the Simulation Viewer app that you can build and run right now from the source that is posted on the project page. It is not much but it is a start.

Razor, first commit

What’s the password?

July 28th, 2007
Spencer Nielsen
iPhone Passcode

I had an interesting thought the other day as I set up my iPhone. When setting up my security lockout number I realized that I didn’t actually know what my bank PIN was. This is because my bank PIN is a derivative of another number that I know, and my hands just do the right thing as they construct the derivative of my memorized number. I thought about how this might be useful if someone was ever interrogating me through drugs or sleepiness, because I honestly don’t know the answer off the top of my head. I would have to sit there and work through the numbers one by one to construct what the PIN actually is. It reminds me of the “Gnilleps” card in Cranium where you have to spell a word backwards. It is fairly difficult for me to do because that is contrary to how my brain visualizes and catalogs the word, but if given enough time I can slowly crank it out.

Cryptographic Timestamping

July 15th, 2007
Spencer Nielsen
etimestamplogo

A few years ago I had a great idea for a business that I thought had great potential. The idea was cryptographic timestamping: a way to prove that certain documents or other pieces of information existed at a certain point in time. It would be a great way to fight plagiarism, establish disclosure or just prove that a certain document has existed from a specific point in time. It would be a relatively low-overhead business, technically. All that you would need to do is put up a couple of servers that would create/store signatures and maintain payment accounts. Customers themselves would be responsible for keeping their documents safe, but the service, when presented with the document, could verify its authenticity and the timestamp of its origin. Recently I thought about this idea again and started to look around to see if anybody has done anything similar. It looks like http://www.etimestamp.com has beaten me to the punch by about 8 years. The service looks very similar to what I had envisioned, with methods for legal verification of the timestamp and everything. It looks to be a quality service with reasonable prices. I may have to take advantage of it sometime.
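As an added example (not the post's own code, and not how etimestamp.com works), here is a minimal version of the service the post sketches: the customer keeps the document, the service issues an authenticated binding of the document's digest to a time, and later verifies that binding when the document is presented. The key, document and timestamp are constructed sample values; an HMAC under the service's secret matches the post's model where the service itself does the verifying, whereas a service that wants anyone to verify independently would publish a public-key signature instead.

```python
import hashlib
import hmac
import json

# Constructed sample secret for the hypothetical service; a real deployment
# would keep this in an HSM and rotate it.
SERVICE_KEY = b"constructed-demo-key-not-for-real-use"


def digest(document: bytes) -> str:
    """Customer side: only the SHA-256 of the document is sent, so the
    service never has to store (or see) the document itself."""
    return hashlib.sha256(document).hexdigest()


def issue_token(document_digest: str, issued_at: int, key: bytes = SERVICE_KEY) -> dict:
    """Service side: bind the digest to the time of submission and
    authenticate that binding with the service's secret key."""
    payload = json.dumps({"digest": document_digest, "issued_at": issued_at},
                         sort_keys=True).encode()
    tag = hmac.new(key, payload, hashlib.sha256).hexdigest()
    return {"digest": document_digest, "issued_at": issued_at, "tag": tag}


def verify(document: bytes, token: dict, key: bytes = SERVICE_KEY) -> bool:
    """Service side, possibly years later: the customer presents the kept
    document plus the token; both the document and the token must be intact."""
    if digest(document) != token["digest"]:
        return False                      # document was altered since stamping
    expected = issue_token(token["digest"], token["issued_at"], key)["tag"]
    return hmac.compare_digest(expected, token["tag"])  # token not forged or edited


def demo() -> tuple:
    """Stamp a constructed document, then run the three verification cases."""
    doc = b"Draft of my invention disclosure, 2007-07-15."  # constructed sample
    token = issue_token(digest(doc), issued_at=1184457600)   # 2007-07-15 00:00 UTC
    genuine = verify(doc, token)                              # True
    edited = verify(doc + b" (revised)", token)               # False: different document
    backdated = verify(doc, dict(token, issued_at=token["issued_at"] - 86400))  # False
    return genuine, edited, backdated


if __name__ == "__main__":
    print(demo())
```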
