Jump to content
  • Advertisement

C++ Releasing closed source on Windows without looking suspicious

Recommended Posts

Over the last week I have released my first prototype for free public download. Great...

However,

It has very quickly become clear that their is a trust issue surrounding releasing my work, and I understand the concern.

I have worked very hard to make the install process simple for the user. Just like games I would install myself, mine offers an installer which guides the user to install the prototype and ensures system dependencies are met. This brings the setup to a single .exe file that can be easily distributed and downloaded.

Here is the problem; although the game page gets attention, more than one person has indicated that they find deployment in this way to look suspicious. What's more, Windows also doesn't help- it too warns it's suspicious.

However, so far it appears that my release through itch.io (indie steam) is being trusted more, but I don't see much difference. Again, at the end of the day, itch is just installing the exe for the user, the only difference is that the user may only see a nice image and an install button through the itch app.

So, what would be a good way to release closed source software which inspires trust in people?

In the past I have had to use code signing for client work, but as far as I can see that just boils down to: If you pay some money, you become trusted. In my experience, there is no review of the code of any kind. Is it purely the alignment with a larger company that makes people trust the itch.io release over my direct download? How can an individual be trusted?

Share this post


Link to post
Share on other sites
Advertisement
19 minutes ago, Yesindiedee said:

I have worked very hard to make the install process simple for the user. Just like games I would install myself, mine offers an installer which guides the user to install the prototype and ensures system dependencies are met. This brings the setup to a single .exe file that can be easily distributed and downloaded.

Considering that your down loaders will be indie gamers, there is no need to pack the dependencies in the installer.

Instead have links to to dependencies on your page. This is how most indie developers work and is what people are use to.

 

You can use zip files if the game isn't that large. Installers are less trusted. You should result to a installer when your raw game is >500mb. Purchasing a trusted installer also helps.

Don't let your game try to download anything unless it's a online game.

 

That's the best I can think of the top of my head. Look around and see how other developers are doing it.

Edited by Scouting Ninja

Share this post


Link to post
Share on other sites

There is always going to be an exe around somewhere though, even if it's just in the zip file? do you think it comes down to anxiety surrounding single file exe downloads?

I currently use innosetup for the setup and as an indie you can imagine one of the issues I have is no money so purchasing stuff isn't really an option. Does money = trust?

 

Share this post


Link to post
Share on other sites
Just now, Yesindiedee said:

do you think it comes down to anxiety surrounding single file exe downloads?

Definitely. Most people will immediately discard any .exe that is just downloaded on it's own. Placing that same exe into a zip makes things more trusted.

It's because most virus and malware is a single exe. People have learned to fear it.

2 minutes ago, Yesindiedee said:

Does money = trust?

No.

Reputation = trust.

The installers you buy have a reputation. There are some installers that also have free versions.

You don't need money, you should just not copy the file sharing system that malware and virus use.

Share this post


Link to post
Share on other sites

I feel the exact same way when I see a single exe, however I feel that way with every exe so it looks like I wouldn't even download my own work.

If this is true it appears that single developers have lost power, and have become dependant on a reliance with middle men.

How could we get that power back without money being involved?

Scenario: I want to release code: I submit it for code review, I get sent a part of someone else's code to review and mine in turn is split and sent to other people submitting code for review. Once all parts of my code have been reviewed I get some sort of trusted status that the community can push as a recognised standard? No money involved, everybody equal?

Share this post


Link to post
Share on other sites
17 minutes ago, Yesindiedee said:

have become dependant on a reliance with middle men.

making a zip file doesn't need a middle man. You can make them yourself and the unpatented ones can be un-zipped by most computers. Or use a free zip system.

17 minutes ago, Yesindiedee said:

If this is true it appears that single developers have lost power

More like we have the power to use 3rd parties. Malware and virus developers work on there own out of legal concerns.

17 minutes ago, Yesindiedee said:

How could we get that power back without money being involved?

It depends on what you mean by money. Time = money.

If you had time you could make a way to distribute files. Build it's reputation and resolve the problem. That is what these installers mostly are, there even exists a view that don't reduce file size.

17 minutes ago, Yesindiedee said:

Scenario: I want to release code: I submit it for code review, I get sent a part of someone else's code to review and mine in turn is split and sent to other people submitting code for review. Once all parts of my code have been reviewed I get some sort of trusted status that the community can push as a recognised standard? No money involved, everybody equal?

You need to build or arrange the system, then you need to maintain it.

Nothing that takes work is free, because taking the time to do it is going to cost you.

Edited by Scouting Ninja

Share this post


Link to post
Share on other sites
5 minutes ago, Scouting Ninja said:

You need to build or arrange the system, then you need to maintain it.

Nothing that takes work is free, because taking the time to do it is going to cost you.

If the game development community saw value in this kind of system for creating trusted status for code, they would give their time for free to develop the system, Open Source. Then a system would be in place that would support the community as equals, irrespective of their finances.

Share this post


Link to post
Share on other sites

It was me first being suspicious!

There were 2 things at play here though

  1. I didn't realise the itch was not your game (never underestimate the stupidity of your audience ;) )
  2. You released no screenshots or video of your game, no tech requirements

Aside from warnings about unsigned software, as far as this kind of thing, it is all about reputation as the others say. The more screenshots / video / explanations / feedback you have, the more trust you get. With none of these, no one wants to risk their windows installation getting hosed.

This is particularly a problem with windows imo as the OS is hopeless at installation / uninstallation issues, so things are more likely to get borked. So zip files are better than install files, no registry hosing, you can see what you are getting / dependencies etc.

On a related note I've found I'm testing shedloads more software now I'm on linux and can sandbox windows stuff in WINE. A virtual machine would probably be good too. Also I'm testing plenty android stuff .. painless install / uninstall etc.

Share this post


Link to post
Share on other sites
1 hour ago, Yesindiedee said:

If the game development community saw value in this kind of system for creating trusted status for code, they would give their time for free to develop the system, Open Source. Then a system would be in place that would support the community as equals, irrespective of their finances.

I don't see that happening. Some individuals might be interested in working on something like that, but I don't think there's a unified, monolithic "game development community" in the sense that you mean and most people expect to get paid for their time - especially if they're indies and/or have families to feed. Game development is a business, after all. The people making stuff for release in their free time (probably a minority of developers due to the way most employee-studio contracts work) are generally doing it as a hobby and would rather work on their own game ideas than something comparatively boring and annoying to support like installation software. The "community" isn't just going to get together and collectively make something for free.

If you want this badly enough, then perhaps you should start the ball rolling yourself and try to get people interested in it.

Edited by Oberon_Command

Share this post


Link to post
Share on other sites

I had never heard of Itch a month ago :D Which is why I would prefer to not have to promote another service in order to distribute software.

9 minutes ago, lawnjelly said:

This is particularly a problem with windows imo as the OS is hopeless at installation / uninstallation issues, so things are more likely to get borked. So zip files are better than install files, no registry hosing, you can see what you are getting / dependencies etc.

I have seriously considered releasing android versions for this reason. Out of interest would you trust a native Linux version more than Windows?

So far I think I am going to go the zip route for my direct download option, it looks to imply the most trust. A shame it wont stop Windows popping up a scary malware warning until i pay for code signing.

12 minutes ago, lawnjelly said:

Aside from warnings about unsigned software, as far as this kind of thing, it is all about reputation as the others say. The more screenshots / video / explanations / feedback you have, the more trust you get. With none of these, no one wants to risk their windows installation getting hosed.

I have been thinking this also. Unfortunately the prototype I released doesn't lend itself to screenshots without spoilers. I am now creating a new prototype and have decided to create video development logs to show the progress of that development to try and create a transparent as possible process.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Advertisement
  • Advertisement
  • Popular Tags

  • Popular Now

  • Advertisement
  • Similar Content

    • By Alexander Winter
      Jumpaï is a game about creating platformer levels and playing them online with everyone. Will you become the most popular level maker or will you be a speedrunner holding world records on everyone's levels? More into casual play? No problem! You can happily play through the giant level database or chill at people's hub. Meet new people, make new friends, learn to master the game by asking pros or ask for people's favorite tricks on level making. Download here: https://jumpai.itch.io/jumpai Discord: https://discord.gg/dwRTNCG   Trailer:      (The following screenshots are older but still a bit representative)  





      Unlike other games of its genre, Jumpaï is about playing levels with everyone in real time. You have the fun to see how other people are playing and get to realize you are not the only one failing that jump!

      The game is currently into development and still have lots to do. I am looking for people willing to help how they can. Developer? Graphist? Play tester? Sound designer? Game designer? I'm welcoming any talent. The project is so big I have a lot of work to do in all areas. Server backend, UI/UX, Game networking, Gameplay and even the website some day. As you can see from the default buttons, the game has been made with LibGDX. This project is a perfect opportunity for you to get better in various fields as well as showing off your skills.

      If you plan to take an important role into the development of the game, we will discuss how you will get paid once the game generates money. Note that I'm not working on the game full-time. I'm studying full-time and working on it is a hobby. The project has started in november 2016 and experiences heavy progress.

      So, are you interested? If so join me on my discord https://discord.gg/dwRTNCG and I'll answer all your questions.

      Additionnal screenshots:
       



       
    • By Shtabbbe
      I've had a game idea for a while, and I wanted to finally try to create it.
      Its a 2D open-world tile-based MMO. The concept is it is one world and multiplayer only, so everyone shares one world no matter region, platform, etc.
      I am having problems finding out what to use to start development, I tried Unity but saw some of the negatives and refrained and now im stuck, could anyone recommend some intermediate friendly 2D engines that can support what I am looking for? Preferably in languages that are or are somewhat like Java, C#, Python, JavaScript, Lua.
      Thanks for your help, im very new at this if you cant tell
    • By chiffre
      Introduction:
      In general my questions pertain to the differences between floating- and fixed-point data. Additionally I would like to understand when it can be advantageous to prefer fixed-point representation over floating-point representation in the context of vertex data and how the hardware deals with the different data-types. I believe I should be able to reduce the amount of data (bytes) necessary per vertex by choosing the most opportune representations for my vertex attributes. Thanks ahead of time if you, the reader, are considering the effort of reading this and helping me.
      I found an old topic that shows this is possible in principal, but I am not sure I understand what the pitfalls are when using fixed-point representation and whether there are any hardware-based performance advantages/disadvantages.
      (TLDR at bottom)
      The Actual Post:
      To my understanding HLSL/D3D11 offers not just the traditional floating point model in half-,single-, and double-precision, but also the fixed-point model in form of signed/unsigned normalized integers in 8-,10-,16-,24-, and 32-bit variants. Both models offer a finite sequence of "grid-points". The obvious difference between the two models is that the fixed-point model offers a constant spacing between values in the normalized range of [0,1] or [-1,1], while the floating point model allows for smaller "deltas" as you get closer to 0, and larger "deltas" the further you are away from 0.
      To add some context, let me define a struct as an example:
      struct VertexData { float[3] position; //3x32-bits float[2] texCoord; //2x32-bits float[3] normals; //3x32-bits } //Total of 32 bytes Every vertex gets a position, a coordinate on my texture, and a normal to do some light calculations. In this case we have 8x32=256bits per vertex. Since the texture coordinates lie in the interval [0,1] and the normal vector components are in the interval [-1,1] it would seem useful to use normalized representation as suggested in the topic linked at the top of the post. The texture coordinates might as well be represented in a fixed-point model, because it seems most useful to be able to sample the texture in a uniform manner, as the pixels don't get any "denser" as we get closer to 0. In other words the "delta" does not need to become any smaller as the texture coordinates approach (0,0). A similar argument can be made for the normal-vector, as a normal vector should be normalized anyway, and we want as many points as possible on the sphere around (0,0,0) with a radius of 1, and we don't care about precision around the origin. Even if we have large textures such as 4k by 4k (or the maximum allowed by D3D11, 16k by 16k) we only need as many grid-points on one axis, as there are pixels on one axis. An unsigned normalized 14 bit integer would be ideal, but because it is both unsupported and impractical, we will stick to an unsigned normalized 16 bit integer. The same type should take care of the normal vector coordinates, and might even be a bit overkill.
      struct VertexData { float[3] position; //3x32-bits uint16_t[2] texCoord; //2x16bits uint16_t[3] normals; //3x16bits } //Total of 22 bytes Seems like a good start, and we might even be able to take it further, but before we pursue that path, here is my first question: can the GPU even work with the data in this format, or is all I have accomplished minimizing CPU-side RAM usage? Does the GPU have to convert the texture coordinates back to a floating-point model when I hand them over to the sampler in my pixel shader? I have looked up the data types for HLSL and I am not sure I even comprehend how to declare the vertex input type in HLSL. Would the following work?
      struct VertexInputType { float3 pos; //this one is obvious unorm half2 tex; //half corresponds to a 16-bit float, so I assume this is wrong, but this the only 16-bit type I found on the linked MSDN site snorm half3 normal; //same as above } I assume this is possible somehow, as I have found input element formats such as: DXGI_FORMAT_R16G16B16A16_SNORM and DXGI_FORMAT_R16G16B16A16_UNORM (also available with a different number of components, as well as different component lengths). I might have to avoid 3-component vectors because there is no 3-component 16-bit input element format, but that is the least of my worries. The next question would be: what happens with my normals if I try to do lighting calculations with them in such a normalized-fixed-point format? Is there no issue as long as I take care not to mix floating- and fixed-point data? Or would that work as well? In general this gives rise to the question: how does the GPU handle fixed-point arithmetic? Is it the same as integer-arithmetic, and/or is it faster/slower than floating-point arithmetic?
      Assuming that we still have a valid and useful VertexData format, how far could I take this while remaining on the sensible side of what could be called optimization? Theoretically I could use the an input element format such as DXGI_FORMAT_R10G10B10A2_UNORM to pack my normal coordinates into a 10-bit fixed-point format, and my verticies (in object space) might even be representable in a 16-bit unsigned normalized fixed-point format. That way I could end up with something like the following struct:
      struct VertexData { uint16_t[3] pos; //3x16bits uint16_t[2] texCoord; //2x16bits uint32_t packedNormals; //10+10+10+2bits } //Total of 14 bytes Could I use a vertex structure like this without too much performance-loss on the GPU-side? If the GPU has to execute some sort of unpacking algorithm in the background I might as well let it be. In the end I have a functioning deferred renderer, but I would like to reduce the memory footprint of the huge amount of vertecies involved in rendering my landscape. 
      TLDR: I have a lot of vertices that I need to render and I want to reduce the RAM-usage without introducing crazy compression/decompression algorithms to the CPU or GPU. I am hoping to find a solution by involving fixed-point data-types, but I am not exactly sure how how that would work.
  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

Participate in the game development conversation and more when you create an account on GameDev.net!

Sign me up!