Hi Folks,
I'm pleased to announce that MetaScope (the world's
coolest Lua-based
screensaver & Google Hack) is officially available for
download at my new website
image searches on
Google and 4 other search engines. Okay, enough
shameless promotion. :)
I thought I'd talk a little bit about
the shareware distribution and anti-
piracy measures behind the new
website, since other Lua programmers may
find it of interest, and it may
generate some discussion.
I learned, years ago, when working on The Palace
(an Internet Chat system
I created in 1994) that a software product isn't
just the program - the
executable file. It's a whole bunch of things:
The client software, the
server software (if any), the website that sells it,
the community that
visits the website, the ordering system, and so on.
I realized that when
thinking about the product, it is more helpful to
me, the developer, to
think about the entire system as 'the product', rather
than obsessively
focusing on the 'executable' (the software that the user
downloads),
which is really only a small part of the whole system. It's
easy for
programmers such as myself to fall into this trap.
So in setting up the KrazyDad website, which
currently has one product,
"MetaScope," I have created a
'whole software' distribution system which
consists of a number of
components. Metascope is my first product, but I
intend to (over the
next few years) release a number of fun little lua-
based software toys on
this website using the same system, differing
only in the script-components.
Here's a few key parts of the system:
1) Lua-scripts & C++ Engines
All the software toys sold by KrazyDad are (or will
be) written in a
combination of C++ and Lua-Script. All the
"high-level" code is written
in Lua. The C++ Executable is
basically a high-performance OpenGL Sprite
engine which runs the
script. This is similar to the Palace model in
which the
palace-executable is basically an engine which ran
forth-like "iptscray"
scripts, but more extreme - far more of the
'functionality' (and most of
the anti-piracy stuff) resides in the Lua
script. The C++ engine will
tend to be the same from product to
product, with certain capabilities turned
on or off.
2) Cross-platform technologies.
The C++ engine relies on a number of cross-platform
technologies. These
include Lua, OpenGL, JPEG, PNG, ZLIB, CURL and FMOD (a
sound engine). About
95% of the code is ready for porting, and it
should be fairly simple for
me to make Macintosh and Linux versions (once I
get a little free
time...). In the case of the Palace (which was
originally written on a
Mac), only about 50% of the code was
portable.
3) A server for delivering 'registered'
scripts.
The 'free trial' that you download contains a
script with limited
capabilities. When you register the software, the
demo-script downloads a new
script from my server. The new script
contains additional functionality. Because
of this method, a software pirate can't 'unlock'
the demo by adding a few NOPs to
the EXE file.
4) All the scripts
are precompiled, compressed with zlib, and encrypted
using the user's
identification information and registration-code as an
encryption
key.
This way, if a particular script is copied, I can
see where it came from.
Also, if someone attempts to tamper with this
information, their script
will cease to function, because it can't be
unscrambled.
I am NOT saying that this system is 'tamper proof'
- it is simply harder
to tamper with than your typical shareware program
which can be fixed by
inserting a few NOP instructions. Much of the
code that is responsible
for security is contained within the scrambled Lua
script, rather than
inside the C++ engine. This makes it somewhat
harder for a hacker to
"decompile" and modify.
I am considering using a modified version of LuaLib
that scrambles the
order of compiled tokens, so that an 'off-the-shelf' Lua
decompiler can't
be used (Don't know if there any off-the-shelf decompilers
out there,
but I imagine so...).
- Jim Bumgardner