Monkeying with the Pirates

So one of my main concerns with this latest update of Bakers Game is the cost. The marginal cost of a solution is practically zero - and so is its utility. This forces the cost per solution downward.

There are other considerations involved beyond a pure profit from Bakers Game, of course. As a technological demonstration it will be a nice feather in my cap. It will tie a lot of disparate programming elements together to make a nice personal challenge. I can use it as a geek shibboleth at parties. However the costs have to be kept down.

The main problem with costs will be piracy. Bakers Game has already been hacked and is available on various and sundry Chinese hacker sites. Some of them charge 99 cents up-front for the cracked version (sigh). If any idiot can download a cracked version and dump a boatload of solver requests against my EC2 instances my utilization spikes and my wallet empties. Securing the requests with encryption is pointless - it would restrict me to US and Canada sales only (stupid export restrictions), and the Chinese would simply drop some coin to acquire the key. I would see one sale and then a million solver requests.

So if the set { app , phone , user } cannot be trusted, there are only two things left to trust. I can trust myself and the servers I setup.

The user will purchase solution credits via Apple's In-App purchase. The app sends the receipt over to my servers - and my servers can establish their own channel to Apple to verify that the receipt is valid. If the receipt is valid the user is credited - and the credit amount is stored on my servers. Sure, the user gets a copy - but the official record is on machines under my control. The app then receives a randomly generated token from my servers for each purchase, and this token must be sent for any request.

What this means is that some enterprising hacker group will purchase solver credits and embed the resulting token into their cracked version. Anyone who downloads their cracked app, though, plays in the same sandbox as EVERY OTHER pirate. My problems are solved - I'm selling solution credits rather than unlimited access. The more pirates the faster the credits are expended for ALL of them. But it's also fair if one of the pirates opts to go legit - the purchase of credits generates a new token sent only to that phone!

More posts on the architecture will follow, but meanwhile ... keep coding!

The monkey breaks the silence

So it's been quite awhile since the last post. Let's remedy that!

It's time to update the Bakers Game application. There were around 1,000 folks who downloaded version 1.0, which was absolutely fantastic for it being my first app. This has increased to around 4,000 for version 2.0 - with around a 65% conversion ration (updates from version 1.0). Interestingly, there are still some updates trickling in even today!

Upping the game brought bug fixes, more game boards, a cheat mode, and card animation. So it looks a lot like the other card apps out there no, except, of course, my app is still free and ad-less! And there are still very few solitaire games available that guarantee a winnable board. I find this strange, as it is not all that difficult to build such boards. I spent about $20 on Amazon EC2 - surely Big Company Inc can swing that!

So version 3.0 has to bring an even bigger change to the table ...

*** SHOWING YOU HOW TO WIN! ***

Let's be honest - there's more power in my 2nd generation iPod Touch than ever there was on a Commodore 64, but still nowhere near enough. Heck - there isn't even power on my 2.8 Core2 Duo except that I traded memory for speed - an option not available on a simple iPod, and not available even on the new iPad. However, there is an "always-on" Internet connection - and Amazon AWS services cheaply available.

The present planned architecture is going to use Amazon's Elastic Beanstalk to run the front-end processor, reserved EC2 instances for processing, SQS to move requests from the front-end to the processors, SNS so that the components can tell each other of jobs & solutions, and S3 as a backing store. The app will simply submit a request to the front-end, obtain an estimated callback time, and check back periodically.

Expensive? Hardly - the entire thing should weigh in at less than $100 per month.

Profitable? Hardly! All prices eventually get pushed down to just over their marginal costs, and the marginal cost of solving a board is INSANELY low. That said, I haven't run a market analysis so anything is possible.

DDOS attacks? Amazon should take care of that for me. It's doubtful anybody's going to start up their own EC2 instances to assault mine.

Piracy? Heh heh heh - bring it on! This one I've got solved - to the detriment of anyone using a hacked Bakers Game. I'll post more on this one because I think it's an excellent Akido throw to be executed in software.

Time to start coding ...