Securing the Web

Adding SSL/HTTPS support to Apache.Digital Gamecraft logo

You may have noticed (or not) that this blog has recently acquired a little padlock icon to indicate that it is “secure”.  You can now access the blog using “https://”; in fact, using “http://” (without the ‘s’) just redirects to the secure page anyway.

Marketing Purpose

This change has been on the task list for a very long time, but it finally became really important when, last July, Google changed Chrome to display “Not secure” next to any web site that did not have a certificate.  Given that Chrome now represents about 60% of browser usage across all platforms, that is not an audience we would ignore.

Fortunately, at the moment, the little indicator in Chrome, and other small reminders in various browsers, are not too damaging, but this is likely just the beginning of more and more dire warnings.  Realistically, there is essentially nothing passed from this blog outside of Digital Gamecraft itself that needs to be encrypted, per se, but readers do not necessarily know that, and they should not be asked to know that, either.

From a marketing standpoint, anything that causes a “customer” (in this case, reader) to have to make a decision (e.g., “Is this site safe?“) reduces the likelihood that individual will continue, which means that it reduces the audience.  Not desirable.

Technical Purpose

In the past (i.e., when this task was first added to the web improvements list), adding support for secure, encrypted communication via SSL/TLS/HTTPS was a complicated and confusing process.  Frankly, this is why it never quite bubbled up to the top of the list and, thus, never got implemented until recently.

Without getting too technical (because I could not, even if I wanted to), SSL stands for Secure Socket Layer, which is a protocol for encrypting communications, and TLS stands for Transport Layer Security, which is a newer version of the same thing.  TLS actually supersedes SSL, but the latter is still used generally to represent both SSL and TLS.  HTTPS is the protocol used to do the actual communication.

The idea is that everything transmitted over the internet (such as this blog post), if not encrypted (i.e., using HTTP), is readable at every server and router along the way.  Encrypting the data makes this (nearly) impossible, so TLS (or SSL) is used, and HTTPS tells the receiving computer that the message needs to be decrypted.  The process of encrypting and decrypting data relies on certificates that need to be obtained from a certificate authority (CA), which is where things were most complicated.

In the “old days” (just a few years ago), you would have to contact a CA to get a certificate, and this process often required providing lots of information to prove who you were before (always) paying an annual fee for a certificate.  There are different types of certificates with various levels of verification and you can still spend upwards of $500/year on a certificate, or even $150/year or so for certificates no better than certificates you can get for free.

Implementation

You read me correctly: FREE.  Over the past few years, the cost of low-end certificates (enough to be considered “secure”) has dropped to the point of now being free and automated.  In particular, Let’s Encrypt is a certificate authority “run for the public’s benefit” that provides free certificates.

Additionally, the automation provided by Let’s Encrypt and EFF’s Certbot makes this fairly simple to do.  After the fact, knowing how easy this was, I am somewhat embarrassed that I did not do it sooner.  So, here is how I did it…

I started at the Let’s Encrypt site, read a little bit, and then was directed to the Certbot site, which (on the main page) just asks for your web server and system type.  Caveat: We run our own servers here, so I have full shell access to the system; I do not know how much more difficult it may be trying to do this through a web interface.

Because we are using Apache running on Ubuntu (Xenial) to serve this site, I ended up on this Certbot page.  First, I updated my system, just to start with the latest components, and then I just followed the (5) steps in the Install section.  If you have ever installed Linux software from a command line, the process should seem quite familiar.

Next, I typed in the first command under Get Started:

sudo certbot --apache

I answered the few questions (asked only once) about, as I recall, contact information and whether I wanted to be added to the EFF mailing list (emphatically not).  The meat of the program produces a list of domains served by the Apache installation and allows you to select which ones you want to serve as HTTPS.  After that, it asks whether you want to redirect all HTTP traffic to HTTPS (recommended), which seems to be working flawlessly.

In our case, we have quite a few domain and host names all serving one of a relatively small number of sites.  I initially did just one site (https://sophsoft.com), which worked a charm, but I ended up recreating that certificate and including all of the other host names that serve up the same pages (e.g., www.sophsoft.com and sophsoft.info).  I then repeated the process separately for each discrete site.  Voila!  Done.

Actually, the installation process, when finished, gives you a link to SSL Labs testing page so you can verify the security of your page.  All of our pages were given Overall Rating: A.

As noted in the Automating renewal section, the certificates are only good for 90 days (gift horse and all that), but it looks like there is a cron job that can be installed to automatically renew.  I admit that, until I started writing this paragraph, I thought that it had been installed already, but it looks like I will need to do that myself.

Final Adjustments

We did still have one or two pages (OK, the whole blog 🙁 ) that initially served up encrypted pages but still showed a broken padlock, indicating lack of security.  This can be caused by residual HTTP references in a page, which result in only portions of a page being secure.  Often, image links are still insecure, so they need to be fixed.

In our case, the blog needed the canonical address to be updated to HTTPS in the settings, the custom theme had a reference to an image file accessed insecurely, and many of my actual blog posts made explicit HTTP image references.  It really only took a few minutes to find and fix the issues, but there was a little sleuthing involved.

Conclusion

Sooner or later, and I imagine sooner, web pages that are served up without encryption will be the outliers and will have an increasingly diminished reputation.  I would be quite surprised if Google’s search ranking algorithms did not already favor HTTPS pages.  Given that the cost has now dropped to nothing and automation makes the process pretty easy, it seems like an obvious improvement for any business that values its web presence.

Elite Game Developer Needs More Paying Work

Don’t bury the lead.

Game Developer for hire

Digital Gamecraft: What I Do

I will make your game idea into a real product.  I will make your existing game much better.  I will instill a sense of fun into your team.  I will imbue your code with quality.  I can help get your project shipped to customers.

This game developer is seeking additional work.

I generally work on a contract basis, but I can also do hourly or even full-time salary, as needed.

What?

  • Game development (Windows, macOS, Android, iOS, Linux, online, …)
  • Programming (C++, C, Objective-C, Java, C#, PHP, JavaScript, …)
  • Software Engineering (API design, UI/UX, mobile, AR, networking, AI, …)
  • Project Management (agile, leadership, standards, marketing, quality assurance, …)
  • and much more (from concept through customer support)

Who?

My name is Gregg Seelhoff, and I have more than 30 years experience in the game industry.  I have worked on more than 30 published products, usually in a principal role.

  1. Peruse my current résumé.
  2. Check out my LinkedIn profile (especially the recommendations).
  3. See my online portfolio.
  4. Read the archives of this Gamecraft blog site (since 2004)
  5. Just ask (in the comments, or via email to seelhoff@sophsoft.com).

Note that I have many talented colleagues upon whom I can call, especially for art and music, to form a team of the necessary size for nearly any project.

Where?

Here.  I can travel to almost anywhere in the world, and I have clients all over the United States, but I am most efficient (and prefer) working from my comfortable home office.  That said, I will relocate (and have) for the right opportunity.

When?

I am available immediately.  My time is booked to about 25% of capacity right now but that can change quickly.  Act now, while I am still available for additional projects.

Why?

Love and money.  I love what I do and I need to have enough money to keep doing it.

 

Seriously

If you want to have a top quality game developer on your team, or you have a game project that needs to be created or improved, contact me now.

 

New Old Home Office

Michigan development at full strength.

This week we completed some basic remodeling of the main Digital Gamecraft™ headquarters.  After three years splitting time with Los Angeles, California, we have again consolidated here in East Lansing.

Before we piled too much equipment into this office, we took the initiative to clear it out, remove the nasty linoleum tile floor, repaint the walls bright white (from beige) to increase brightness, seal the floor to insulate the office from external odors, and install proper carpeting to muffle the ambient noise from multiple systems running in a limited space.  With the addition of another bright lamp, this space is now very (i.e., even more) comfortable and conducive to productivity.

Of course, over so many years, we collected lots of equipment that is not as necessary, or downright obsolete, and (I hate to admit) an abundance of cables running every which way, including some that were no longer connected to anything on one or even both ends.  Now we are reloading the office with only the necessary, convenient, and/or inspirational items (and the best ones, in the case of duplication).  At the moment, it is still a little spartan with just the fundamental development systems, but we will build it out for better efficiency as we perform our primary programming tasks over the next month or so.

Meet the working stations

We have a few different stations set up for development work:

Windows and Android station (dual-boots Linux)

This primary development station currently handles Windows and Android development, as well as Linux, Unity (desktop), Unreal Engine, HTML 5, or almost any other platform for which we build products.  It is positioned in the optimal location for seeing outdoors and minimizing reflections (to reduce eye strain).

Mac and iOS station (dual-boots Windows)

This secondary development station currently handles Mac and iOS development, as well as Unity (mobile), and other platforms when on the road.  It, too, is positioned for reduced eyestrain, with minimal reflections and a direct view outdoors.

Relaxation station (in progress)

This station facilitates development by giving an opportunity to relax and break away from direct problem solving, which often gives the unconscious mind some time to work the problem, or to simply blow off some steam.  This pinball machine is a Williams Fun-Fest, an electromechanical (EM) model produced in 1973, which is fully playable, but slowly undergoing some restoration.  It has been accompanied by an original arcade Galaga machine from 1981, but that cabinet currently needs a replacement CRT or board.

This room also houses our primary server, which is headless, and a mobile device station consisting of two multiple device docks capable of charging 15 mobile devices (including Apple Watch) simultaneously, though we still need to charge the iPad Pro pen separately.

Older makes way for newer

In the course of setting up and making room for the latest equipment, we find that there are older systems and devices to be retired from ongoing development.  In this go ’round, the following were retired:

  • Apple Mac Mini PPC
  • iPad (original, still on iOS 3.2)
  • iPod touch (2d generation)
  • Android 2.2 (Froyo) phone
  • Ouya
  • Microsoft Xbox 360

Some of our peripherals may be retired as well.  Our duplicate X-Arcade Tankstick, as well as the older Dual Joystick and (separate) Trackball devices, are destined for storage.  Our Microsoft Sidewinder joystick and Logitech/Momo steering wheel/pedals, force-feedback devices, will stay.  We have 4 printers, 3 scanners, and 2 external optical burners (all useful) to optimize, and we have extraneous monitors, speakers, and various network routers and switches to stash.  I guess we will retire the fax machine, too. 😉

Efficient usage of resources

Now that the remodeling, consolidation, and configuration of the office is (essentially) complete, we find that we have some extra time for external development projects.  In these slow, summer months, we are booked to only about 25% of maximum capacity.  If you have (or know anyone who has) need of a massively experienced game developer or team, please check out SophSoft, Incorporated at sophsoft.com.

Of course, we have (literally) 32 more game projects prioritized for development under our Digital Gamecraft brand, plus a separate productivity product (to be announced), but I would love to discuss how we can help you make your vision into a published reality.

Looking Forward to 2018

Happy New Year! 🙂

Digital GamecraftThe Roman calendar started in March (Mensis Martius), so by that measure I am not too late.

OK, so we are already two months into the Gregorian year, and this is only my second post.  Frankly, those of you who know me personally will appreciate that I often have a lot to say, but when it comes to setting aside time in my busy schedule to write it down, well, my preference always tends to actual development (and my task list reflects that preference).

So, SophSoft, Incorporated and Digital Gamecraft have been acting like a duck, appearing calm and quiet on the surface, but paddling like crazy under the water.

Yes, we have been ducking. 😉

That said, we have been doing a great deal of development work on a few fronts.

What We Have Been Doing

Recent development work has been divided pretty clearly into three categories:

  1. SophSoft has been continuing our long-term association with Goodsol Development, and there are a couple of products in the pipeline for release in the near future and, of course, more to come thereafter.  There is a major release scheduled for March 21st (stay tuned), followed shortly by our two products, the first of which is already “in the can”, and the other being completed now.
  2. Digital Gamecraft is going to be releasing Demolish! Pairs for Android soon, in conjunction with the refresh of Demolish! Pairs for iOS, which is currently in progress (as required by Apple).  Another game is prototyped and approved for full production once that simultaneous release is (successfully) completed.
  3. I have been leading a team, the Advanced Concepts Group, at DAQRI, to produce AR (augmented reality) software for enterprises (Professional Grade AR™), including the majority of the Worksense™ productivity suite, as well as the development tools necessary to build applications for the DAQRI Smart Glasses®.

With more than a dozen products actively developed already this year, not to mention also properly purchasing our Michigan home/office during the same period, perhaps that will put some perspective on my lack of blog progress.  Now…

What (else) We Will Be Doing

In addition to the work mentioned above:

  • SophSoft has another (unannounced) product designed and in the early (prototype) phase.  It is a slight departure from other projects we have previously done, but it should be groundbreaking.  The first version is scheduled for release in “late Q3”.
  • Digital Gamecraft has a planned and prioritized list of game projects to undertake, with four more expected to be developed during 2018.  However, we should probably emphasize the “agile” nature of this schedule.
  • With DAQRI, there are several exciting (but, alas, non-game) projects scheduled throughout the year and into 2019 and beyond.  I am not at liberty to reveal any of these plans, of course, but I have seen the future of industry.

Personally, I have two close family weddings and a big family reunion all scheduled during the summer (in three different months), so I should be increasing my air miles, too.

Conclusion

Everything is looking quite positive, and after Looking Back at 2017, I fully expect 2018 to every more productive and fulfilling.  In fact, composing this blog post reminded me why I should be doing it more regularly: it helps me increase both my enthusiasm and my focus.

Looking Back at 2017

Overall Performance Grade: C-

Digital Gamecraft / SophSoft, IncorporatedIt has been more than four years since we have done a proper ‘Year in Review‘ post and, frankly, it will be still longer before we do a proper one.  However, we should take a look back on the previous year and take an honest appraisal of our performance and the work we have done at Digital Gamecraft and SophSoft, Incorporated.

Overview

Excluding politics, 2017 was not a terrible year for us, and for the most part we moved in a positive direction, with no catastrophic setbacks.  However, it must be noted that our ostensible performance was disappointing.  While we made big strides with internal development, we did not publish enough product (nothing directly from Digital Gamecraft) and did a poor job of communicating and marketing.

When one is spinning plates, it does not take much loss of focus to allow things to come crashing down.  Right now, SophSoft is as “streamlined” as it has been since 1994, so with fewer manhours to utilize, we tend to focus on the crucial issues (e.g., paying bills) and the tasks that we perform best and enjoy the most (i.e., development).

What Went Wrong

Because I gave us a below-average grade, we will start with the negatives for 2017:

  • We did not publish any Digital Gamecraft products (or even updates).
  • One of our Demolish! Pairs products was removed (forcibly) from the App Store.
  • Our primary web server crashed (hard) in the summer and we are still recovering.
  • Time spent in Los Angeles is far less productive than East Lansing (for reasons).
  • The current US Government is attempting to destroy this country for generations.

What Went Right

Now, we can end this with the positives about 2017:

Conclusion

Ultimately, being disappointed with shipping an average of more than one product update per month is probably a good thing; however, we can definitely do better, and that will be the subject of my next post, Looking Forward to 2018.

Dead Server was Dead

The Gamecraft blog hiatus is now over.

Digital GamecraftBack in the summer, our primary web server died.  When I say, “died”, I mean that it completely lost power suddenly and never came back on again.

Fortunately, we had a much more powerful server already online ready to take on the new hosting responsibilities (having been acquired to do just that).  Alas, the transition was planned to be a slow rollout, not an under-the-gun quick turnaround.

Resource prioritization

There were some services provided by the late server that needed to be replaced and restored post haste, so those clearly had priority.  However, the number of employees here skilled to handle server administration duties can be counted on the index finger of my left hand.  We took care of the emergency issues as soon as possible, and then we triaged services that felt like high priorities but which could actually wait.

Restoring this site was one of those lesser items.  The measurable ROI (return on investment) for the blog was negative, it takes a significant amount of time to manage and provide content, and the readership was dropping far below its peak.  In fact, we had been cutting back on the number of posts out of necessity.  On the other hand, we had as much contract work as we could handle, one product needing some critical attention, and a new project in danger of falling further behind our planned (albeit arbitrary) schedule.

After getting over the initial emotional reaction and making the decision to wait to restore the blog, it became easier to keep pushing that effort further into the future.  Not only did we save (well, postpone) the immediate time requirements, we also saved the time it takes to write original content and maintain the site.

As an interesting bonus, traffic to our Facebook page increased by 1600% shortly after the server went down.  However, that boost was short-lived.

The intangibles

I surmised that the unexpected boost to Facebook views, which trailed off reasonably quickly (especially since we have not posted an update there in a long time), was actually an influx of blog readers checking to see whether we were still “alive” as a company.

We were very much alive, just too busy (and short on resources) to restore the blog.

Additionally, there were a small number of items that came up which we would have liked to communicate to our readers, but given that such a post required the initial time investment to revive the blog, many of these were simply dropped or forgotten.  We have also had three (unannounced) product update releases during this “hiatus”.

Finally, however, I made the call to relaunch the blog when we had a lull in time-sensitive work, combined with a number of upcoming announcements in the next few months (not to mention a growing concern about the impression left by a landing page).

As is so often the case with such tasks, once the decision was made to go ahead and get it done, it took less time than feared and embarrasses me to have procrastinated so long.

We are back

Now, the Gamecraft blog is back, and we have lots of posts to make and, as noted above, expectations of news to announce in the coming weeks.  Of course, because of the abrupt and complete failure of the previous server, there are still a few niggles that have to be worked out of the system, and a few changes to be made, but that is always the case.

Welcome back, readers!

35th Anniversary!

SophSoft has been in business for 35 years as of today.

Digital GamecraftOn Wednesday, January 13, 1982, thirty-five years ago today, Sophisticated Software Systems was officially founded.  That company was later incorporated as SophSoft, Incorporated (because that domain, sophsoft.com, was still available).

Five years ago, I wrote a post, 30 Years in Business, giving more information.  You can also see the About SophSoft and Digital Gamecraft page (and sidebar).

Over time, some years have been more productive, and some have been more “interesting” than others.  Notably, back on the 25th anniversary, I actually posted about the results of our annual off-site meeting, rather than the major milestone; in that vein, I will keep this celebration limited and generally mark the occasion with more development. Still…

SophSoft, Incorporated is the oldest indie game development company in the world!

Ha!  Beat that. 🙂

Fifteen Years with Goodsol

We have been working with Goodsol Development for 15 years now!

Goodsol DevelopmentOn this date back in 2001, SophSoft, Incorporated made our first software delivery to Goodsol Development.  Since that time, we have never stopped working together, producing the best solitaire software ever created.

I posted about this collaboration 5 years ago in my post, 10 Years of the GDcard Library.  We have continued our progress since then, adding an entire line of iOS products and 400 more games to Pretty Good Solitaire Mac Edition, along with much more.

For fun, I thought that I would take a look at some of the numbers:

To save everybody a little bit of math, this means that, on average, we have delivered a new product version once every 10 days, and we have added a new game of Solitaire every two days, for the entire 15 years.  Amazingly, the number of delivered versions for Pretty Good MahJongg and for Pretty Good Solitaire Mac Edition are currently exactly the same: 88 of each.  [Spoiler: PGMJ will take the lead with a macOS Sierra bug fix.]

In lieu of anniversary gifts 🙂 , just tell your friends about our excellent products!

SophSoft Relaunch

SophSoft, Incorporated jumps back into the fray.

SophSoft, Incorporated - custom game developmentAfter a respectful (and necessary) period of readjustment, while SophSoft, Incorporated and Digital Gamecraft™ added a second office on the west coast, we are making our public reappearance.

It has, admittedly, been a while since I have made any concerted effort to market our development services or published games, or to comment on industry events.  Instead, I have retrenched to focus on our core concerns: key clients, business organization, and (of course) financial stability.  Having made significant progress on all fronts, it was time for us to again perform those functions that go beyond simple maintenance to actually growing the company.  To that end, I am not only committing time to this effort but getting more assistance in areas that I can efficiently delegate.

Here is a quick roundup of the news (past and upcoming):

SophSoft, Incorporated

Over the past year, we have continued our previous development work, most notably for Goodsol Development, with whom we have been working for 15 years (later this month); there have been several releases in that time, and many more are still scheduled to be shipped (for Windows, Mac OS X, and iOS) during the rest of 2016.

We have added to our collection of mobile devices (iOS, Android, and Windows) for development and testing, as we have continued to improve our knowledge and experience on all three platforms.  (I can neither confirm nor deny reports that Apple Watch, Android Wear, Apple TV, and Android TV are included in our forthcoming lineup.)

As a departure from games, development is underway on a new line of productivity tools that aim not only to enhance our bottom line, but also (actually, primarily) to significantly increase our internal efficiency and organization.

Digital Gamecraft

We have continued to support (albeit not promote) Demolish! Pairs for iOS, while we have been making progress on an Android edition.  This progress on a new platform for Demolish! Pairs has gone from fitful to steady, and it is now increasing in velocity.  We have some new marketing prepared, including an online playable version (in HTML5).  Expect new features and new platform announcements fairly soon.

In addition to that title, our next game is already under development.  This one will be the first of our “Gamecraft Classics™” series of classic board and card games, and it represents an early step along our roadmap of upcoming titles in five major genres, as well as a few experimental (‘one off’) titles.  All of these games feed into our SophPlay™ System for robust game development, strengthening its foundation.

Finally, plans are in place for renewing and enhancing our presence on social media, expanding from Facebook, Twitter, and Google+ into more places for community.  Follow us via these links now and experience the resurgence as it happens.

Still More…

As noted, we now have offices in both East Lansing, MI and Los Angeles, CA, and it has been a chore getting our infrastructure working (together) in both places.  Now that we have stability, we are enhancing our capabilities with new, faster servers.  Although the switch-over and retirement of older hardware is still in progress, users should experience more responsiveness and better reliability (if not now, then within a couple of weeks).

As ‘no battle plan ever survives contact with the enemy‘ (in this case, the challenges of limited resources and product discoverability, primarily), there is no doubt that our goals are ambitious and our priorities will change.  However, as an entrepreneur, I find that merely maintaining the status quo is more stressful than risking failure.

Summer Slump

Mobile games may not play by the same rules.

We have now entered summer (in the Northern Hemisphere, anyway), which is traditionally a slow time for sales in the game industry.  The explanation over the years has generally been that this is a time during which people take vacations and spend more time outside, so they spend less time at the computer or game system and play fewer games.  This certainly makes sense for desktop and console games, but in this day of increased use of mobile devices and handhelds, the traditional explanation may not hold (as much) water.  When one of your game systems (i.e., phone) travels with you everywhere, it makes sense that it would get used as much as usual; in fact, it is likely used more in places like airports, the back seat of a car during a long drive, and the hotel room after the swimming pool has closed for the evening.

Of course, if summer shifts play to mobile games, where the (dubious) profits are marginal, at best, this is still likely to result in an overall slump for companies who support more than one type of platform.  Nevertheless, I expect that consumer behavior changes differently in the summer with respect to mobile games.  I would hope for extra game purchases in preparation for a vacation or while waiting during travel.

Interestingly, our limited data (with a little squinting 🙂 ) can fit that scenario.  Since the holiday weekend at the end of May (Memorial Day in the United States, Late Spring Bank Holiday in the UK), downloads have changed.  At the start of that weekend, we saw a spike in downloads which mostly persisted through the (holiday) Monday, after which they essentially flatlined for a few days.  Then, last weekend, we had another (smaller) spike on Friday, Saturday, and Sunday, then (now) back to zip.  Alas, our total download counts are too small to draw definitive conclusions (or even be statistically significant 🙁 ), and it has only been a couple of weekends.  (Our sales do not definitively correlate with downloads.)  Also, many schools around here are still in session, so we are not really into the heart of summer vacation season either, though the weather is definitely much improved.

Demolish! Pairs 1.11Operating more on the assumption that mobile sales may persist through the summer, and the knowledge that sales really need to improve, than on the need for experimental data, we have decided to put Demolish! Pairs on sale for 50% off throughout the month of June, and we have likewise discounted all IAP products in Demolish! Pairs FTP similarly.  Sure, it may skew the data, but in a good way. 🙂

As a reward for reading this blog post (assuming that you have done so in a timely manner), I will tell you that we are approaching the 1 year anniversary of the Demolish! Pairs release, and to celebrate, we plan to make the game absolutely free for one day only, on June 18, 2014.  You can download the game on that day (two weeks from today) and keep it forever.

“There’s a hole in the cat bag!”