As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
Project Darkstar was the topic of the monthly JavaSIG meeting down at the Google offices in NYC last night. For those that don't know (probably everyone), Project Darkstar is a framework for massively multiplayer online games that attempts to take care of all of the "hard stuff." The basic idea is that you write your game server logic in such a way that all operations are broken up into tiny tasks. You pass these tasks to the Project Darkstar framework which handles distributing them to a specific node in the cluster, any concurrency issues, and finally persisting the data.
Apparently doing this kind of thing is a much different problem for video games than it is for enterprise applications. Jim Waldo, who gave the lecture, claims that MMO games have a DB read/write ratio of 50/50, whereas enterprise apps are more like 90% read, 10% write. He also claims that most existing MMOs keep everything in memory exlcusively, and only dump to a DB every 6 hours of so. This means if a server goes down, you would lose all of the work since the last DB dump.
Now, the project itself sounds really cool, but I don't think the industry will accept it. First, you have to write your server code in Java. The client code can be written in anything (Jim claims ActionScript 3 is the most popular, follow by C++), but the server stuff has to be Java. Sounds good to me, but I really get the impression that everyone in the games industry hates Java.
Second, unlike other industries where developers prefer to use existing frameworks and libraries, the guys in the games industry seem to like to write everything themselves. Not only that, they like to rewrite everything for every new game they produce. Things are starting to change where developers are using Havok for physics, Unreal Engine 3 as their platform, etc., but for the most part it looks like everything is still proprietary.
So, are the guys at Project Darkstar just wasting their time? Can a general framework like this really work for complex games with the performance that is required? Even if it does work, are game companies willing to use it?
Edit: This was written before Oracle bought Sun and started a rampage to kill everything that does not make them a billion $ per day. See the comments for an OSS Fork. I still stand by my opinion that stuff like that (MMO Middleware) is realistic, you just need a company that doesn't suck behind it.
The Market may be dominated by few large games, but that does not mean that there is not a lot of room for more niche games. Lets face it: If you want to reach 100.000+ players, you're ending up building your own technology stack, at least for the critical core. That's what CCP did for EVE Online (StacklessIO), that's what Blizzard did for World of Warcraft (although they do use many third-party libraries), that's what Mythic did for Warhammer Online (although they are based on Gamebryo).
However, if you aim to be a small, niche MMO (like the dozens of Free-to-Play/Itemshop MMOs), then getting the Network stuff right is just insanely hard, data consistency is even harder and scalability is the biggest b*tch.
But game technology is not your only problem - you also need to tackle Billing. Credit Card only? Have fun selling in Germany then, people there want ELV. That's where you need a reliable billing provider, but you still need to wire in the billing application with your accounts to make sure that accounts are blocked/reactivated when the billing fails.
There are some companies already offering "MMO Infratructure Services" (i.e. Arvato's EEIS), but the bottom line is: Stuff like Project Darkstar IS realistic, but assuming that you can build a Multi-Billion-MMO entirely on a Third Party Stack is optimistic, possibly idealistic.
But then again, entirely inventing all of the technology is even more stupid - use the Third Party stuff that you need (i.e. Billing, Font Rendering, Audio Output...), but write the stuff that really makes or breaks your business (i.e. Network stack, User interface etc.) on your own. (Note: Jeff's posting may be a bit flawed, but the overall direction is correct IMHO.)
Addendum: Also, the game industry does license and reuse engines a lot. The most prominent game Engines are the Unreal Engine, Source Engine and id Tech, which fuel dozens, if not hundreds of games. But there are some lesser-known (outside of the industry) engines. There is Gamebryo, the Middleware behind games like Civilization 4 and Fallout 3, there was RenderWare that is now only EA-in-House, but used in games like Battlefield 2 or The Sims 3. There is the open source Ogre3d, which was used in some commercial titles. If you're just looking for Sound, there's stuff like FMOD or if you want to do font-rendering, why not give FreeType a spin?
What I'm saying is: Third-Party Engines/Middleware do exist, and they ARE being successfully used since more than a decade (I know for sure that id's Wolfenstein Engine was licensed to other companies, and that was 1992), even by big companies in multi-million-dollar titles. The important thing is the support, because a good engine with no help in case of an issue is pretty much worthless or at least very expensive if the developer has to spend their game-development-time with unneccessary debugging of the Engine.
If the Darkstar folks manage to get the support side right and 2 or 3 higher profile titles out, I do believe it could succeed in opening the MMO market to a lot more smaller developers and indies.
Sounds like useless tech to me. The MMO world is controlled by a few big game companies that already have their own tech in place. Indie game developers love trying to build MMO's and sometimes they do, but those games rarely gain traction. Larger companies breaking into the MMO world would probably license "proven" technology, or extend their own.
Game companies reuse vast quantities of code from game to game. Most/many game companies have developed their own tech internally, and use it on every game they produce. Occasionally, they will do something like replace their physics code with a 3rd party physics engine. If their internal code base (game engine, design tools, internal pipeline) starts to age too much, or become unwieldy, they might switch to one of the big game engines like Unreal. Even then, major chunks of code will continue to be re-used from game to game.
From what I can tell, video game companies do not reuse most of their code, because if they do it implies that their new game is just a rehash of an old one.
Um... if you're referring to the long tail of video game companies, maybe. Within a company that has had a series of successful games, there is usually some modicum of reuse. Major hardware changes can result in ditching a lot of work, but it really depends on the company.
It sounds like fun to design and code, but I think it ultimately comes down to useless abstractions (to steal from Joel).
It's very common for games to reuse "game engines," even those from third-parties. This sounds like another step in that direction.
I think it's a great thing to do.
Developers not having to worry about all these things that project darkstar takes care of, and it's very easy to use.
But it's not all about just getting it to work and not having to learn everything about internet-communication, It's also about performance. Project darkstar has been under development for over 2 years and it keeps getting better,faster and more robust.
I think it will be hard and probably not worth the time to write these things when aiming at a specific game, when technologies like this can be used instead. And you also get nice information during runtime telling you where in an application there's a cause of slowdown or deadlocks so you can improve that.
I don't work in the games industry, but it sounds to me like this will do the same thing for video games as the Quake and Half-Life engines did. That is they will promote getting young developers interested in the industry and promote development of indie games.
From what I can tell, video game companies do not reuse most of their code, because if they do it implies that their new game is just a rehash of an old one. Everyone wants a cool new physics engine, better graphics, new ways to play the game. Most video game engines and frameworks are made for a specific scenario and thus are not very bendable to other situations.
Maybe Darkstar will get it right though, but I kinda doubt it, since generalizing only works for so much.
Related
I need some guidance in terms of the technology stack to choose for simple small business websites. I've had experience in .NET and Java for the back end. Occasionally worked with some Wordpress sites. I never did much development in PHP and so never was a big fan of Wordpress. But I always have people around me that want a website for their small business or just family and friends. At this point, I'm thinking do I just give into the who LAMP stack and start learning it as I don't see any open source good/easy solutions in Java and .Net or I should say that there are options but not sure if they can be a good replacement for
Wordpress. Ideally I would like to keep developing in Java.
I already have so much on my plate that I want to learn and adding the LAMP stack just makes my goals even difficult.
Any advice?
Thanks
For most sites, you don't need to touch L, A or M.
What little PHP (if any) you'll need to set up a normal WP site for a small business, personal homepage, blog etc pp, I'm sure you won't have any trouble dealing with.
Almost all database interaction is (or should be...) done via WP's functions, so you don't even need to learn about MySQL's intricacies.
I say go for it. I've never liked PHP or WP either, but it's just so easy to get something running with WP, and it's very hacky, inviting you to build something that just works. I wouldn't choose WP if somebody asked me for a solution that he wishes to use continuously for the next 20 years, but honestly, most sites I see get relaunched every 3-5 years.
Plus the WP eco system is huge, there are lots of plugins (of variable quality, granted), so lots of things are already solved and just a few clicks away from being deployed in your site. And it's not made for developers but for users, so developers usually have no problem quickly getting things done.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 9 years ago.
Improve this question
Let's assume that after a few years of work I would have a 3D game ready, that can be downloaded by millions of people worldwide, it would be a game running on a client-server model.
As far as I understand anyone can look at other people's source code if they possess the .jar (the client one in this case). What are the risks of other people having a client .jar?
The checking part (anti-cheating) will be done on the server side anyway, so I doubt there will be much risk here, but I'm just wanting to have a good view of what can exactly happen, so to be more precise I'm asking the following questions:
What can be done to protect, let's say, client.jar from other people reading the code?
What is the harm that even if people would have full control to the client.jar source code, could be done to the game itself in a singleplayer environment?
What is the same harm that could be done in a client-server multiplayer environment?
What is the harm that could be done to me/my business on a personal and/or legal level?
What could if other people decide to copy the game, okay I know this can also happen if others just build their own game 1:1 mirrorred to my game.
I thought about putting it up on gamedev, but I think it's better suited here as it is directly about a programming language - Java - and an abstract programming problem.
On this one, I should emphasize that all opinions are my own and do NOT necessarily reflect those of my employer.
No, they can't look at your source code if they've got the jar. They can decompile it into equivalent source code, which will be significantly harder to read but can be figured out... just as they could dis-assemble object code (which would, admittedly, be a bit harder to figure out). Code obfuscation will indeed slow them down, but the folks who would do this are used to dealing with that too. Java is more vulnerable than some other languages to being reverse-engineered.
Copy protection generally works only to keep honest people honest. Luckily, most folks are at least moderately honest. The dishonest treat it as a free puzzle included with your product. You can slow them down. But realistically, you can't stop them unless you use specific kinds of hardware-assisted security (basically, running critical parts of the program inside a separate encapsulated machine) -- which tends to drive the cost up and/or annoy people enough that they avoid your product. Most companies have instead moved to a model of requiring that code be registered in order to get upgrades, support, online services, or whatever... and to either pricing it with the assumption that some piracy is going to occur, or pricing low enough that pirating it just isn't worthwhile.
Or, for commercial code, going after the pirated copies in court. For serious code, most companies are very aware that they have much more to lose by allowing a pirated copy onto the premises than they can save by pirating; I've seen employees fired on the spot for making a pirated copy at work.
In fact some companies have made "pirating" part of their business model. "If you got this program from a friend, and you like it, please consider sending us money to support the developers and/or buying an upgrade to the current version." Surprisingly, for good products, many folks are perfectly willing to pay voluntarily. Not everyone, but it helps.
Addressing your questions about alteration of the code:
I AM NOT A LAWYER, AND YOU SHOULD CONSULT ONE FOR THIS QUESTION, but my best understanding is that you have no new liability. If they mess up the code, that's their fault and their problem.
In a singleplayer environment, all they can do is mess with their own copy. If they break it, that's their problem. If they cheat, they're only cheating themselves out of the gaming experience they paid for.
Multiplayer is a much larger problem; if they reverse-engineer the game they can mess with your databases and other player's experience of the game. The only way to solve this, as far as I know, is to design your servers to (a) only allow the client to do things which can't cause much damage, and (b) watch player actions to try to detect abuse and kick abusing players out of the system. It's annoying, but it's the reality. And if you can show that you've made a reasonable effort to do this, it should guard you against any possible liability at this level.... but again, I AM NOT A LAWYER and free legal advice from programmers is like free programming advice from lawyers...
Building their own game mirroring yours: If you can detect that they're accessing your servers, that's legally actionable. If you've got something as simple as Tetris or Minehunter then you're going to get knock-offs and unless you're willing to go after them in court there isn't much you can do about it except by offering upgrades and so on to registered players that the knock-offs won't get. if you've written something complicated, then for the effort of duplicating yours they could create their own so this is less likely to be a problem than pure piracy is.
And as far as industrial-level piracy in the far east etc... Again, there really isn't a good answer.
If you find a solution that actually works, THAT should be your product; the world will beat a path to your door. But in the long run, I really don't think it's possible; all you can do is slow them down and use copyright and license agreements, and build a loyal enough fan base that they'd rather work with you than against you.
What can be done to protect, let's say, client.jar from other people reading the code?
Obfuscate the code, it makes reading the code harder but not impossible.
What is the harm that even if people would have full control to the client.jar source code, could be done to the game itself in a singleplayer environment?
They'll have control over everything (change anything they like), I have no idea how would that effect your game, business wise. but many games offer ways to change the game environment and that makes the game more desirable by players.
What is the same harm that could be done in a client-server multiplayer environment?
It will make it easier to reverse engineer the game protocol and you'll start having [BOTs] instead of real players play the game, besides any constraint imposed by the game UI will be rendered useless.
What is the harm that could be done to me/my business on a personal and/or legal level?
Depends how you monetize and in what country do you operate (local lows). I think you should consult a legal expert on this one.
"anyone can look at other people's source code if they possess the .jar" - this is not true. You can create special jar with the source code, but you are not obliged to do so in order to run a program. The program may contain only "binary jar" - that is, containing compiled java code and/or resources, no source. Corrected: since binary code can be decompiled back to java code (for example, with http://jd.benow.ca/ ), it will be important to obfuscate or encrypt the compiled code ( google for JODE, RetroGuard, etc.)
What can be done to protect, let's say, client.jar from other people reading the code?
you can create "thin client", that does nothing, but downloads the main code from the designated server. Of course, you'll have to protect traffic and use such key authentication that makes it impossible to trick client into using fake server.
What is the harm that even if people would have full control to the client.jar source code
that assume you don't give source-code level control to anyone
What is the same harm that could be done in a client-server multiplayer environment?
bots and DOS-attacks at least
What is the harm that could be done to me/my business on a personal and/or legal level?
it depends on concrete implementation and business model
What could if other people decide to copy the game, okay I know this can also happen if others just build their own game 1:1 mirrorred to my game.
If your client program is reverse-engineered, than hardly you can protect it from copying. Otherwise you should implement such network protocol, that makes copy impossible/useless.
I'm thinking of writing a new web-based game, and wondered if anyone had any suggestions on which platform I should opt for.
The game will be 2D sprite based, but will need to maintain a decent fps rate (there'll probably be up to 20 things moving at once). It'll all be controlled via the mouse.
I use .NET daily, so Silverlight seems a natural choice for me, but I want to make sure as many people can play it as possible...
Can Silverlight games be developed straight out of Visual Studio (I have VS 2008), or do I need additional software (and does it cost...)
What limitations does Silverlight have in terms of .NET version (can I use .NET 3.5 for example?)
What physics engines can I use?
Would Flash be a better choice? Are there free development environments for it (that are any good)? (I don't care about learning curve)
Is Java still an option?
So I just wanted some feedback on what's the best thing for me to use for a simple 2D web-based game.
EDIT:
can you provide more information? is
this single-player/multi-player? what
kind of genre? will there be a lot of
classical UI involved (lots of forms
with lots of button/checkboxes,
datagrids etc.)? will there be a lot
of animation and effects?
Single player game, with "attack waves" of enemies
enemies are only thing that move, player just points and clicks
no classic UI, just clicking on buttons (no lists / dropdowns etc)
minimal animation and effects, only graphical requirements are movement of enemies (which will require little animation)
I'm also interested in web-based 2-d games. I personally favor silverlight because:
I'm already familiar with c#/.net.
It has a lot of capabilities, even if it's not as many as full-blown WPF. I hear that LINQ alone is awesome for games. Local storage may also be a plus. There is a rich selection of controls you can use for the gui portions of your games. Honestly, WPF loses to silverlight in terms of interesting controls.
It's totally free. You need to download the silverlight toolkit for VS, but that's no issue.
One cool thing is that you can do full-screen displays. I also found it is fast enough (on my core2 duo laptop) to handle a decent amount of objects. The fact that silverlight is going to be a big part of winmobile 7 is also a good point (though we'll have to see how that turns out).
There are a number of silverlight games out there so you can see the possibilities.
http://www.silverlightclub.com/
http://silverlightgames.org/
http://www.silverarcade.com/
I suppose the main negative is portability and making people install "yet another plugin". Flash obviously has the broadest user base, but if your game is decent enough, people probably won't mind installing the plug-in. It's a painless install.
In terms of physics engines, FarseerPhysics that TomTom mentioned is most popular.
There is one other thing that I thought was really cool and compelling: http://www.codeplex.com/silversprite. From the website:
Run XNA games without code changes in Silverlight 3. SpriteBatch based graphics only, no 3D. Since the game compiles into straight Silverlight code, it will run anywhere that Silverlight can. [emphasis added]
The XNA-in-Silverlight approach is potentially really good (especially for more complex games that you might want to try profiting from) because that also opens you up to Xbox with minimal porting effort. However, I don't have any experience in that, so I can't comment further.
Edit in response to the OP's edit:
Since your game sounds even more simple than I had imagined, if you don't mind the learning curve or potential difficulties with doing a pure HTML+CSS+Javascript approach (which may in fact not be so great), I'm going to say maybe that's the best route after all. That's because of portability.
That said, I'm lazy and don't care if a few people miss out on my game, so I'd just stick to silverlight. =P
If you want maximum playability do it with all HTML and javascript and don't even use canvas and then the game will work basically everywhere, including mobile. You can balance what extra work that might cause you against developing for Flash or Silverlight and having a very limited mobile audience. You can check out processing.js as well.
If you want to go the HTML + javascript way, you can take a look at processing.js. It's a Javascript port (by John Resig) of the Processing language.
Pros:
Totally free.
Easy syntax.
Portability. No plugins.
Cons:
Still under development, some Processing functions (like the 3D functions) aren't ported yet
Also, check out John Resig's tower defense game in Processing.js.
IMHO Java is still an option, in particular JavaFX (http://www.javafxgame.com might be a good starting point).
However, your experience with a language/technology is probably more important than the choice of platform, so you should choose .NET (given that none of the suggested alternatives stands out so far).
As stated by Benny, Silverlight is a great platform if you're already familiar with .NET, and most of the tooling you need is built into Visual Studio (VS2010 has a built-in designer but the current RC version doesn't support the upcoming Silverlight 4).
One cool feature of Silverlight is its ability to utilize the GPU. This should provide a nice performance boost. I don't know if Flash offers this.
The Silverlight runtime is very small (under 5MB). And you can easily enable out-of-browser support, so that your game may be launched from a desktop shortcut, for instance, without the need for launching the browser (and being online). Silverlight 4 adds the ability to use elevated privileges (this gives you access to the native network stack instead of the sandboxed browser stack). With SL4 you also gain webcam support, if that's important to your games.
Silverlight MAY need additional tooling for Visual Studio, but this is a free download. Basically 2008 was made before silverlight, so you need to download the tooling for it.
Silverlight runs on a limited version - read the documentation.
I would in geneeral advice to go .NEt 4.0, Silverlight 4.0, Visual Studio 2010 - those are aruond the corner and you wil ldevelop longer han a month anyway.
Java - no sorry, why. I mean, theoretically yes, but if you are a .NET person, you have more knowledge there, siverlight is XAML (WPF similar experience, always nice). Why should you giv all that up for using Java?
Flash - DAMN, NO ;) Seriously ;) You dont want to deal with that unless you have to.
Physics engine - no idea. Need to check. Not sure there is a lot for it. Did you google? http://www.codeplex.com/FarseerPhysics comes up first.
I think it is a good approach. Silverlight is a small download to start - so, I dont think you loose too many people by it. I would do it.
I intend to make some software to be sold over internet. I've only created open-source before, so I have really no idea of how to protect it from being cracked and distributed as warez. Bearing in mind that I know like two programms that aren't either cracked or not really useful I decided that the only more or less reliable way may look like this:
Connect to a server and provide licensing info and some sort of hardware summary info
If everything is fine, the server returns some crucial missing parts of the program bound to that certain pc along with the usage limit of say 2 days
That crucial stuff is not saved to hard drive, so it is downloaded every time the program starts, if the programm runs more than 2 days, data is downloaded again
If the same info is used from different computers, suspend the customer account
What do you think about this? It may seem a bit to restrictive, but I'd better make less sales at first then eventually see my precious killer app downloaded for free. Anyways, first I need some basic theory/tutorials/guides about how to ensure that user only uses a certain Java app if he has paid for it, so please suggest some.
Thanks
I work for a company selling protected Java software.
I won't comment on the scheme for user authentication, but I can comment on the online license check.
Don't make it even "work for two days": that's how I pirate most software... Virtual Machine set "back in time" and externally firewalled so that it doesn't "phone home" anymore (that is: only allowing it to contact the server once, to get the trial key), always reimaged from the point where the software got freshly installed and bingo, the 30-days trial (or two days trial) has become a lifetime trial. Why do I do this? To learn how to better protect our app of course ;) (ok, ok, I do it just for fun too)
What we do in our commercial Java software is to check the license at every startup.
We've got hundreds of customers and nobody ever bitched about it. Not once. We generate a unique class at each run, which is different at every run, which depends both on things unique for that launch on the client side and on things generated once on the server side.
In addition to that having the app contact your server at every launch is a great way to gather analytics: download to trial ratio, nb average launches per trial, etc. And it's not nasty anymore than having an Urchin/Google JavaScript tracker on each webpage is nasty.
Simply make it clear to people that your software performs the online licence check: we'got a huge checkbox either on or off saying: "Online licence verification: OK/Failed". And that's it. People know there's a check. If they don't like it, they go use inferior competitor products and life is good.
People are used to live in a wired world.
How often can you not access GMail because your Internet connection is down? How often can you not access FaceBook or SO because your Internet connection is down?
Point is: make as much computation as possible dependent on the server side:
licence check
save user preferences
backup of the data generated by your app
etc.
Nobody will complain. You'll have 0.1% of your user complain and anyway you don't want these users: they're the one who would complain about other things and post negative feedback about your app online. You better have them not to use your software at all and complain about the fact that it requires an always-on Internet connection (which 99.99% of your target demographic and hence they won't care about the complain) rather than actually have them use the app, and complain about other things related to your app.
Regarding decompiling, .class can usually be decompiled back to .java unless you're using a code flow obfuscator that produces valid bytecode but that it impossible to be generated from .java file (hence it is impossible to get back a valid .java file).
String obfuscator helps make it harder to figure out.
Source code obfuscator helps make it harder to figure out.
Bytecode obfuscator like the free Proguard makes it harder (and produce faster code, especially noticeable in the mobile world) to figure out.
If you're shipping Windows/Linux only then you can use a Java-to-native converter like Excelsior Jet (not free and kinda expensive for startups, but it produces native code from which you simply cannot find the .java files back).
As a funny side note you'll see people trying to mess with your online server... At about 30 beta-testers we had already people (which we know where part of the trial) trying to pirate our online servers.
I am sorry to turn you down, but first you should have an idea of what you want to build; then you should prove that your idea not only works, but is also loved by users to the point where they want to pirate it. Thirdly, you have to make sure that the time you are investing in making it "secure" is actually worth the value of the application.
If you sell it for a dollar, and you only sell ten copies, and you spent 100 hours making it secure, you do the math and tell me if your time was worth that little money.
The take-home message here is: everything can be cracked or copied. At the end there are much brighter people than us doing this (iPhone cracking, digital TV, games, etc) and nobody found the silver bullet. Only thing you can do is make it harder to crack your application (often at the expenses of usability, ease of installation, and by cutting corners for some use scenarios). Asking yourself if it's worth the hassle it's always a good starting point.
Don't bother.
The gaming industry has been battling piracy for decades. Online multiplayer games with a central server typically require a subscription to play. That model is fairly resistant to piracy. Pretty much all other games are heavily pirated, despite innumerable attempts at DRM.
Your app will be cracked and pirated, no matter what language you write it in and what tools you use to prevent it. If your DRM actually works, the people who would have pirated it still won't buy it. Furthermore, legitimate users will prefer other products that don't have intrusive DRM. If there are no competing products and yours has any market to speak of, someone will create one.
Unless your application is specifically web based your users will find it to be a huge hassle to require an internet connection in order that they might access the product. What you are suggesting will work, unless it gets broken, like all DRM systems do. I understand the want to protect your intellectual property, but with many companies as examples, these systems are usually broken or the product does much worse because of them.
I have really no idea of how to
protect it from being cracked and
distributed as warez.
First, you'd be better choosing a language besides Java, if this is a concern. This is why C++ is still alive and well in the commercial apps world. Unless you are going to use an actual Java compiler to native exe, I'd reconsider Java for IP protection reasons.
For that matter, even C++ isn't impervious to cracking, but IP prorection vs. cracking are two separate, important concerns.
That's a really tricky task, especially with something running in a VM.
I would say you might be thinking in the right direction. Obfuscating it to make it reasonably hard to modify might prevent people from circumventing the built in licence checks.
However, ultimately, if your application is self-contained, it will always be crackable. If you can build it so that it uses services you provide, than you can probably command it's use.
To paraphrase a Mr Jeff Atwood, it is better to make it easier for your customer to pay you than it is to crack your app. In other words, I think you are attacking the wrong problem. Make buying your product REALLY easy and then your customers won't feel they need to go to the effort of cracking it.
I would have a look at the backlash from the game Spore before deciding on a licensing scheme. They had it phone home, and only allowed so-many installations, etc. etc. etc. Spore was supposed to be their "Killer App" and it really had a hard time simply because of the licensing. You say you are willing to have fewer sales than see people using it for free, but you may want to be careful what you ask for. I was really looking forward to spore (and so were my children) but I never did buy it because of the DRM scheme.
No matter what you do, it'll be cracked in very short order especially if the program really is worth anything.
If you do go with a licensing scheme, make it simple and usable so you are not punishing those that have actually paid for your software. Also, I would avoid any phone-home style checks, that way your customers will be able to continue to use the software even if you don't want to keep paying for that domain 3 years from now.
I see a specific weakness in your example, besides the comment most people already put in that DRM is hard(impossible) to implement and often simple to circumvent.
In your second point:
If everything is fine, the server
returns some crucial missing parts of
the program bound to that certain pc
along with the usage limit of say 2
days
This 2 (or X) days limit will most likely be extremely simple to circumvent, this would just a few minutes to find and patch (crack).
If you really want to have a DRM model the only reasonable way to go is to put at significant part of the application as a web service and require constant connection from the users.
Before you try any of this, be sure to read Exploiting Software and you will think twice before trying to do DRM.
I think, given the context, the most effective form of protection for now would be the limited demo/license key approach: it would give people time to fall in love with your application so that they are willing to pay for it, yet prevent casual copying.
Once you know that your app hit it big, and that crackers provably siphon off a significant portion of your possible earnings, then you can still add additional checks.
Another thing to consider is where your app is going to be used: if it's something people would put on the their laptops to use on the go, network connectivity is not a given.
That is some of the harshest DRM I've ever heard of, your users would hate it.
Also, keep in mind that there are a lot of good Java decompilers out there due to the nature of the language and someone determined enough could just find areas of the program dealing with your DRM and bypass/disable it then recompile it (according to this a recompilation would be unrealistic)... so you would even have to go out of your way to implement your code as complex as possible to prevent a hacker from being successful. (Which could be done with one of those code obfuscation tools they may have out there.)
As long as it's an Internet application, you could restrict it in that manner. Short of cracking the program, this would work fine except for replay attacks.
For example, if I can capture the traffic that is going to your server, and simply replay it back to my program each time, I'm still good. For example, I could create my own "web server" and ensure the program hits that instead of your server.
You should read "Surreptitious Software" from Collberg and Nagra. This book is really good to help you understand how software protection mechanisms work (such as Code obfuscation, watermarking, birthmarking, etc...).
As lorenzog said, total security doesn't exist and software security is like a constant race between software vendors and pirates.
You should use cheap obfuscating transformations (so the overhead they incur isn't killing the performances) to prevent as many attackers (remember most of them are script kiddies) as possible to "steal" your killer algorithms or any secret data.
If you're willing to push the security further you can birthmark your algorithms and watermark your copies in order to find who leaked your creation. But even if you do, this doesn't mean your software is 100% secured. Plus the time you'll spend adding these mechanisms might not be worth the effort.
These concepts are really well explained in the book I mentioned before which is worth reading.
If I had enough reputation points, I'd vote this question down. Commercial software protection is a waste of time, money, and effort for many reasons. Concentrate on making a piece of software worth buying. If your software is popular enough to maintain wide seeding by pirates, you're probably successful enough at that point that you won't even worry about piracy. Anyway, crackers crack software protection mostly for fun. The stronger your protection, the better the challenge it presents and the more they want to crack it. Your best effort will cost you thousands, take months, and be cracked in only days.
I've just gotten a new job and will be focusing a lot more on Java development. I figure I'll do my business stuff (Web) during the day, and then do a bit of playing after hours (Game Dev).
It's been forever since I've been active in any sort of Java game development community; is there a good central source for such information? Source demos, frameworks, books, that sort of thing?
Thanks!
IVR Avenger
You could do worse than investigate the Light Weight Java Games Library (LWJGL).
Also JOGL.
Also FengGUI for 2D interfaces in OpenGL (think a themable Quartz 2D Extreme in Java).
www.jmonkeyengine.com
a java game engine;
One thing that I liked about jmonkey is that it had decent resources for getting the project to build using several combinations of tools. I think you'll find the demos are adequate as well.
Killer Game Programming in Java by Andrew Davison
Some of the content is a few years old (but mostly still relevant) and he just added a new chapter in June, so the site is still active.
I would also take a look at Project Darkstar. The project deals with distributing actions and messages between game client(s) and game server(s), essentially dealing with client-server gaming backend. It also has a good forum for different integrations with different Java frameworks for GUI.
If you're looking at Java Applets, in my opinion, the best overall resource is Pulp Core.
This deals with the common problems you'll face with Applets, in particular with loading. In addition it abstracts you from problems like animation timers, client sound issues. The applets work without any installation other than Java - which for me is a very high requirement.
See the example game and the Bubble Mark score. I'm not affiliated with them in any way but I have delved into the source before!
Don't be put off by Java Applets. They have a bad past but the present is different. Installation is faster, startup more than acceptable, and the environments are no longer so polluted by Microsoft's deliberately bad VM. Java currently has a 75% adoption rate but for gamers you will typically get a much higher percentage (over 95% of new visitors to my gaming site have Java already installed).
Some useful resources that may help you:
This
page has a bunch of great links about animations and game tutorials.
Interactive
book by the creator of Pulp
Games
Swing and the EDT - unfortunately a
must know.
gamedev.net and devmaster.net are pretty much the two game development resources; language-agnostic, maybe leaning towards the C++ side, but it's all the same thing no matter what language you express it in.
Unfortunately those two sites just don't cut it for me. I would really like to see a GOOD game dev website. Maybe it's just me but it seems like everyone's working on their own thing and there really isn't any good central repository for, like, everything. I love the concept of gamedev.net's articles section, but many are outdated now and don't seem to be kept up. It's a shame, really. Stackoverflow is my best game dev resource right now.
Also check out the questions I've asked in the past, and my favorited questions (if you can see them). I keep a very close eye on tags related to java and/or gamedev here all the time (thus what led me to this question :) ).
Check out the java gaming forums. http://www.javagaming.org/ They are quite active, and seem to have experience developers that probably can point to the latest in javagaming tech.
Also, here are some engines I know of for 3D games.
jpct www.jpct.net small jar file and relatively fast, supports both software and hardware (OpenGL via LWJGL or JOGL) rendering. Not open source, but the developer answers questions promptly. By the way, I'm not the developer of jpct.
Also, jmonkey engine as posted before, very mature engine.
There are others like Xith3D, 3DzzD, but I would say jmonkey is the largest right now.
If you're looking into 2D content, I would say check out PulpCore or Slick 2D.