C++ Releasing closed source on Windows without looking suspicious

Over the last week I have released my first prototype for free public download. Great...

However,

It has very quickly become clear that there is a trust issue surrounding releasing my work, and I understand the concern.

I have worked very hard to make the install process simple for the user. Just like games I would install myself, mine offers an installer which guides the user to install the prototype and ensures system dependencies are met. This brings the setup to a single .exe file that can be easily distributed and downloaded.

Here is the problem; although the game page gets attention, more than one person has indicated that they find deployment in this way to look suspicious. What's more, Windows also doesn't help- it too warns it's suspicious.

However, so far it appears that my release through itch.io (indie steam) is being trusted more, but I don't see much difference. Again, at the end of the day, itch is just installing the exe for the user, the only difference is that the user may only see a nice image and an install button through the itch app.

So, what would be a good way to release closed source software which inspires trust in people?

In the past I have had to use code signing for client work, but as far as I can see that just boils down to: If you pay some money, you become trusted. In my experience, there is no review of the code of any kind. Is it purely the alignment with a larger company that makes people trust the itch.io release over my direct download? How can an individual be trusted?

19 minutes ago, Yesindiedee said:

I have worked very hard to make the install process simple for the user. Just like games I would install myself, mine offers an installer which guides the user to install the prototype and ensures system dependencies are met. This brings the setup to a single .exe file that can be easily distributed and downloaded.

Considering that your downloaders will be indie gamers, there is no need to pack the dependencies in the installer.

Instead have links to the dependencies on your page. This is how most indie developers work and is what people are used to.

You can use zip files if the game isn't that large. Installers are less trusted. You should resort to an installer when your raw game is >500mb. Purchasing a trusted installer also helps.

Don't let your game try to download anything unless it's a online game.

 

That's the best I can think of off the top of my head. Look around and see how other developers are doing it.

Edited by Scouting Ninja


There is always going to be an exe around somewhere though, even if it's just in the zip file? Do you think it comes down to anxiety surrounding single file exe downloads?

I currently use innosetup for the setup and as an indie you can imagine one of the issues I have is no money so purchasing stuff isn't really an option. Does money = trust?

 

Just now, Yesindiedee said:

do you think it comes down to anxiety surrounding single file exe downloads?

Definitely. Most people will immediately discard any .exe that is just downloaded on its own. Placing that same exe into a zip makes things more trusted.

It's because most viruses and malware are a single exe. People have learned to fear it.

2 minutes ago, Yesindiedee said:

Does money = trust?

No.

Reputation = trust.

The installers you buy have a reputation. There are some installers that also have free versions.

You don't need money, you should just not copy the file sharing system that malware and viruses use.


I feel the exact same way when I see a single exe, however I feel that way with every exe so it looks like I wouldn't even download my own work.

If this is true it appears that single developers have lost power, and have become dependent on a reliance with middle men.

How could we get that power back without money being involved?

Scenario: I want to release code: I submit it for code review, I get sent a part of someone else's code to review and mine in turn is split and sent to other people submitting code for review. Once all parts of my code have been reviewed I get some sort of trusted status that the community can push as a recognised standard? No money involved, everybody equal?

17 minutes ago, Yesindiedee said:

have become dependent on a reliance with middle men.

Making a zip file doesn't need a middle man. You can make them yourself and the unpatented ones can be un-zipped by most computers. Or use a free zip system.

17 minutes ago, Yesindiedee said:

If this is true it appears that single developers have lost power

More like we have the power to use 3rd parties. Malware and virus developers work on their own out of legal concerns.

17 minutes ago, Yesindiedee said:

How could we get that power back without money being involved?

It depends on what you mean by money. Time = money.

If you had time you could make a way to distribute files. Build its reputation and resolve the problem. That is what these installers mostly are, there even exist a few that don't reduce file size.

17 minutes ago, Yesindiedee said:

Scenario: I want to release code: I submit it for code review, I get sent a part of someone else's code to review and mine in turn is split and sent to other people submitting code for review. Once all parts of my code have been reviewed I get some sort of trusted status that the community can push as a recognised standard? No money involved, everybody equal?

You need to build or arrange the system, then you need to maintain it.

Nothing that takes work is free, because taking the time to do it is going to cost you.

Edited by Scouting Ninja

5 minutes ago, Scouting Ninja said:

You need to build or arrange the system, then you need to maintain it.

Nothing that takes work is free, because taking the time to do it is going to cost you.

If the game development community saw value in this kind of system for creating trusted status for code, they would give their time for free to develop the system, Open Source. Then a system would be in place that would support the community as equals, irrespective of their finances.


It was me first being suspicious!

There were 2 things at play here though

  1. I didn't realise the itch was not your game (never underestimate the stupidity of your audience ;) )
  2. You released no screenshots or video of your game, no tech requirements

Aside from warnings about unsigned software, as far as this kind of thing, it is all about reputation as the others say. The more screenshots / video / explanations / feedback you have, the more trust you get. With none of these, no one wants to risk their windows installation getting hosed.

This is particularly a problem with windows imo as the OS is hopeless at installation / uninstallation issues, so things are more likely to get borked. So zip files are better than install files, no registry hosing, you can see what you are getting / dependencies etc.

On a related note I've found I'm testing shedloads more software now I'm on linux and can sandbox windows stuff in WINE. A virtual machine would probably be good too. Also I'm testing plenty android stuff .. painless install / uninstall etc.

1 hour ago, Yesindiedee said:

If the game development community saw value in this kind of system for creating trusted status for code, they would give their time for free to develop the system, Open Source. Then a system would be in place that would support the community as equals, irrespective of their finances.

I don't see that happening. Some individuals might be interested in working on something like that, but I don't think there's a unified, monolithic "game development community" in the sense that you mean and most people expect to get paid for their time - especially if they're indies and/or have families to feed. Game development is a business, after all. The people making stuff for release in their free time (probably a minority of developers due to the way most employee-studio contracts work) are generally doing it as a hobby and would rather work on their own game ideas than something comparatively boring and annoying to support like installation software. The "community" isn't just going to get together and collectively make something for free.

If you want this badly enough, then perhaps you should start the ball rolling yourself and try to get people interested in it.

Edited by Oberon_Command


I had never heard of Itch a month ago :D Which is why I would prefer to not have to promote another service in order to distribute software.

9 minutes ago, lawnjelly said:

This is particularly a problem with windows imo as the OS is hopeless at installation / uninstallation issues, so things are more likely to get borked. So zip files are better than install files, no registry hosing, you can see what you are getting / dependencies etc.

I have seriously considered releasing android versions for this reason. Out of interest would you trust a native Linux version more than Windows?

So far I think I am going to go the zip route for my direct download option, it looks to imply the most trust. A shame it won't stop Windows popping up a scary malware warning until I pay for code signing.

12 minutes ago, lawnjelly said:

Aside from warnings about unsigned software, as far as this kind of thing, it is all about reputation as the others say. The more screenshots / video / explanations / feedback you have, the more trust you get. With none of these, no one wants to risk their windows installation getting hosed.

I have been thinking this also. Unfortunately the prototype I released doesn't lend itself to screenshots without spoilers. I am now creating a new prototype and have decided to create video development logs to show the progress of that development to try and create as transparent a process as possible.

22 minutes ago, Yesindiedee said:

I have seriously considered releasing android versions for this reason. Out of interest would you trust a native Linux version more than Windows?

Anecdotally yes, based on the very little I know about the security model. Providing you don't desire the latest graphics, and can live with optimizing for lower power machines then Android (and iOS) make a lot of sense imo. Far easier to deploy. One of my testers is an expert at installing / uninstalling, and he's 5 years old. :)

4 hours ago, Yesindiedee said:

So, what would be a good way to release closed source software which inspires trust in people?

Signing your installer with a certificate will make Windows behave in a more friendly way.

As others pointed out, does it have to be an .exe? Perhaps just .zip is enough for your game?

If you absolutely need an installer try to look into .msi installers - these tend to look more legit than some random .exe.


Itch.io definitely is a decent way to increase trust-level of your binaries, mostly due to their sandbox.

But the same goes for any other store front. I trust Steam/Apple/Microsoft to have at least run anti-virus against anything being distributed through their stores. If I download directly from your site, I have to take on that burden myself, and hope my anti-virus software is up to the task.


Not sure how useful this is, but I've seen some people upload their apps to a site like https://www.virustotal.com and then link to the generated report.

14 hours ago, Yesindiedee said:

In the past I have had to use code signing for client work, but as far as I can see that just boils down to: If you pay some money, you become trusted.

In theory, paying for a certificate means that your identity is verified. Your installer can be traced back to your business registration details. If you're doing something malicious, the police can track you down. That means you're responsible, and responsibility = trust.

An unsigned app could've been written by anyone, and they can just disappear when it comes time to take the blame. This is probably why Windows prefers installers to be signed.

2 hours ago, Hodgman said:

This is probably why Windows prefers installers to be signed

Also note that Mac OS now actually refuses to allow unsigned binaries to be installed without the user manually opening System Preferences, authorising the app, clicking through warnings, and finally entering the administrator password.

As you can imagine, this has a pretty chilling effect on folks installing unsigned software...


I'm from China.
Here's my homepage: www.rlzl.net, indie game developers.
I have no FTP server; all data comes from other download sites.
I will provide a hash and a readme file that says:
"Use your antivirus software to scan my application for virus infections"


@dream rz I am not sure how helpful your reply is to the whole conversation.

What @Hodgman suggested is something I would do, I would probably also invest some time/money into a code signing certificate which is trusted by the usual suspects. Everything else is up to the user.

If I end up downloading stuff, executables, I also just upload them to virustotal.com and see for myself.

8 hours ago, rlyeh said:

@dream rz I am not sure how helpful your reply is to the whole conversation.

I had always thought you all trust "antivirus software": McAfee, Avira Free Antivirus, Kaspersky, ESET NOD32...
Anti-virus software is a necessary part of any security implementation; why do you use “code signing”?
I suppose there must be some discrepancies between us in comprehension.
In our country... sorry, pirated software is everywhere. What is a trusted publisher?
Use more "antivirus software".


Aside from code signing which is absolutely the best way to gain trust, no way around it, because it actually ties the piece of software to you / your company and protects it from manipulation, the small things like zipping it along with some documentation / license text / whatever and setting a proper file icon can help a bit. Everything else is building trust over time.

To tell your users to "use more antivirus software" is certainly not the solution, because most antivirus tools do not play well with others (and some like McAfee behave more like malware themselves...).


Anti-virus software is only the tip of the spear. It is designed to catch exploits which are already well known, or obviously malicious. It generally isn't very good at identifying software that is malicious in subtle ways.

Signing is more about personal trust. The signature attests that you (or your company) are putting your own reputation on the line, that the software is not malicious. Betray that trust significantly, and folks will stop accepting your certificate.

It's not a perfect system, but it at least provides some degree of confidence that I can find you if you destroy my computer :)

11 hours ago, swiftcoder said:

Anti-virus software is only the tip of the spear. It is designed to catch exploits which are already well known, or obviously malicious. It generally isn't very good at identifying software that is malicious in subtle ways.

Exactly.  I have a custom program I wrote for myself that installs a keyboard hook to capture the scroll-lock key so that I can manually call ClipCursor to constrain my mouse on one monitor when I'm playing games which don't do this themselves.

My program is not signed, my virus scanner doesn't have any problems with it at all, and yet I could just as easily use that keyboard hook to perform malicious key logging instead.

I have another hobby project which runs in user mode which can attach to other processes, debug them, inspect or edit values in RAM, set breakpoints. It communicates with other processes using named pipes. It seems like this should be a highly suspicious combination to any virus scanner, but no computer I've ever run it on has complained about it. Kaspersky, McAfee, Norton, CrowdStrike Falcon, and obviously Windows Defender don't care about it. I wouldn't trust another person's EXE if I knew it called even 10% of the APIs I call.

Edited by Nypyren


Signing is not about buying trust, it's about buying traceability. You're preventing someone from adding malware to your executable and distributing it in your name.


As a hobby developer I'm also not particularly fond of the signing stuff, as I provide my games for free. So I don't see the need to shell out any money for anything, esp. not periodically. IMHO this is nothing about trust. Have you personally ever checked the signature of an executable you downloaded?

The suspicious warning works in a way that the number of downloads is weighed against the number of user warnings via feedback, so over time the warning should go away (IIRC this is the "Smart Screen" filter).

One method could be to release your game in the Windows store. It's a bit annoying to modify, but you can use C++ just fine. To use the store costs a one time fee (ca. 17€) which I'm fine with.

Still, I provide most games from a zip archive, only a select few with an installer (those that cater to rather non-technical users).
 


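The two checks raised in the thread, a published hash and the Authenticode signature that ties a binary to its publisher, can be run by a downloader as shown here. This is an added example, not code from any poster; the function name `Test-ReleaseFile` and the file name and hash in the usage comment are hypothetical placeholders.

```powershell
# Added example (not from the thread): check a downloaded release before running it.
# Test-ReleaseFile is a hypothetical helper name; the cmdlets it calls are built in.
function Test-ReleaseFile {
    param(
        [Parameter(Mandatory)] [string] $Path,           # downloaded .exe / .msi / .zip
        [Parameter(Mandatory)] [string] $ExpectedSha256  # hash published by the developer
    )

    $file = Get-Item -LiteralPath $Path -ErrorAction Stop

    # Integrity: does the download match the hash the developer published?
    # This only helps if the hash came from a source other than the download
    # mirror itself (for example the developer's own HTTPS page).
    $actual = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash
    $hashOk = $actual -eq $ExpectedSha256.Trim()   # string -eq ignores case

    # Origin: Authenticode signature. Status is 'Valid' only if the file is
    # unmodified since signing and the certificate chains to a trusted root.
    $sig = Get-AuthenticodeSignature -LiteralPath $file.FullName
    $signer = $null
    if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }

    [pscustomobject]@{
        File            = $file.Name
        Sha256          = $actual
        HashMatches     = $hashOk
        SignatureStatus = $sig.Status      # Valid, NotSigned, HashMismatch, NotTrusted, ...
        Signer          = $signer
        Timestamped     = [bool]$sig.TimeStamperCertificate
        # An unsigned file can still match the hash, but then nothing ties it
        # to a verified publisher identity.
        SignedAndIntact = ($sig.Status -eq 'Valid') -and $hashOk
    }
}

# Usage (placeholder file name and hash):
# Test-ReleaseFile -Path .\MyGame-Setup.exe -ExpectedSha256 '<hash from the download page>'
```

A zip archive has no Authenticode signature of its own, so for the zip route only the hash check applies to the archive; the signature check is then run on the executable inside it after extraction.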