Software Development

It has been I-don’t-even-know-how-long (that is: an eternity) since I last offered any of my apps for purchase outside of the App Stores.
GimmeSomeTune was donationware (handled by PayPal), but there was no licensing, so that doesn’t count.
For a software-bundle (I can’t remember the name, and I don’t believe it’s around anymore), I created a non-updatable version of ScreenFloat 1.x that customers received, yet also without licenses, so that doesn’t count either.
I think the only app I ever really sold properly and had a license scheme for and handled sales myself was flickery, which I sold from my website through PayPal before the Mac App Store arrived.
But once the Mac App Store hit, I transitioned all my apps to it pretty much right away.
It’s just so convenient: no license creation, no license verification (apart from receipt validation, but that has become more convenient recently), easy updating, no handling of payments, invoices, refunds, and the potential of getting featured to lots and lots of users.

Why do it, then?

Besides all that, it was high time I set up a way to also sell my apps outside of the Mac App Store.
Without a licensing system for my apps, I’ve been unable to participate in software-bundles and/or collections. Lots of companies and corporations cannot purchase apps from the Mac App Store due to policies. Individuals who want to purchase my apps for work are unable to do so because of those same policies. I also am unable to give individual discounts to customers when need be.
And while I am a strong proponent of the Mac App Store, I also believe in giving people a choice. Customers should have the choice of purchasing my apps on the App Store, or directly* from me. *: I don’t handle any of the payment and invoicing myself, that’s done by my Merchant of Record, Paddle.
Also, it certainly cannot hurt to have an alternate route to sell my apps.
What if the Mac App Store goes belly-up? Not likely, but still, I’d go belly-up along with it.
What if Apple doesn’t want my apps anymore? It could happen (it has been close before), and then I’d be screwed.

All that is just a long-winded way of saying: it makes sense to have some redundancy. A second way of selling my apps. One I have a bit more control over.

Now, I did slack off on this for a long time. I’ve been getting requests to participate in bundles for years (!) and still couldn’t bring myself to set it up. I don’t know why. I guess I thought my time was better spent working on my apps instead of backend stuff.
But then there were all these recent inquiries from companies, and users affected by policies of companies, who cannot purchase apps from the Mac App Store. For some reason, there’s been an uptick there, and requests have become more and more frequent.
So I hunkered down and finally started looking into all the things that needed to get done so I could sell my apps outside of the Mac App Store as well:

  • Decide on a Merchant of Record
    (crucial for the “selling” part)
  • Come up with and implement a license key scheme
    (crucial for legitimating purchases of my app)
  • Freshen up my PHP, HTML and JavaScript “skills” and integrate my backend with the merchant’s
    (crucial for everything)
  • Implement a way for the app to update itself
    (pretty much standard nowadays)
  • In that vein, implement a safer way to download files than just a plain file-straight-from-server download
    (so the app can verify the update is legit)
Getting a Merchant of Record or Payment Processor

A “Merchant of Record” is a company that handles payments, invoicing, refunds, taxes, etc for indie software developers and other businesses. Payment processors “just” handle the payment part, but you’re pretty much responsible for everything else.
There are actually quite a few to choose from: FastSpring, PayPal, Paddle, Stripe, and Gumroad, just to name a few.

  • PayPal I didn’t want to use because I remember its API from back in the day and it just gave me headaches. I’m actually amazed I pulled it off for flickery way back when. Also, and I might be wrong about this, but, I believe it still doesn’t handle taxes and stuff for you, and I just won’t do that myself anymore.
  • Gumroad seemed to me like more of a hobby thing? Anyway, I couldn’t see myself selling software through them.
  • FastSpring is a popular choice, loved for its extensive feature set.
  • Stripe seemed out of my league. Like, it’s a fancy masquerade ball, and I’m in the dark corner wearing sweats, eventually getting asked to leave because I make people “uncomfortable”.
Put the Paddle to the Metal

So I went with Paddle. I don’t feel frowned upon here in my sweats. And in my calculations, it seemed a bit less expensive than FastSpring. Plus, I’ve heard good things about it. The API is well-documented* and their support seemed… supportive.
Why’s there an ominous asterisk next to “well-documented”? I’m glad you asked!
There’s Paddle Classic, and as of recently, there’s the new Paddle Billing, with a completely different API.
Guess what this idiot (read: me) did. Yup, I spent 3 days looking into and partially implementing Paddle Classic, only to find out it’s no longer available for new signups. Fun!
Hey, Paddle, I have a suggestion: Instead of that tiny, friendly light-blue indicator at the top of the Paddle Classic API documentation page that you can easily overlook and even dismiss, why not make it a big, red, bold-letter banner? That would have saved me tons of time.
Instead, I sat there wondering why none of my test-calls from the Paddle dashboard worked. (Side note: Debugging remote PHP scripts is a freaking pain. Especially the way I do it – which might be the wrong way.)
But that’s alright. Every story needs its ups and downs. Why not begin with a down outright? Who knows, it could be all uphill from here!

For selling through Paddle, you need their approval. They take a look at your website and make sure everything’s on the up-and-up regarding your Privacy Policy, Terms of Service, payment flow, checkout and whatnot.
The entire process was fairly straight-forward. It might have helped that I’m already selling my apps through the Mac App Store, so they could see that I’m serious about my endeavors. For my Terms of Service I looked into the websites of other indies selling software through Paddle, which I thought made sense, since they’re already approved by them.
It took about three weeks with a bit of back and forth to get the approval, but that was no time lost, since I used it to start implementing the correct API on the backend.

Scheming up a License Key

A vital part of an app sold outside of the Mac App Store is requiring the user to have a license key in order to keep using it past its trial limitations. If you don’t have that, anyone could just use your app without paying for it. That’s fine for freeware or donationware and the like, but for an app you want to sell, it’s counterproductive.

Obviously, you want to be the only one able to create these license keys. Back in the day, for flickery, I had a very traditional format: a 32-odd-character dash-separated string, like FLKRY-ABA1-ABA2-ABA3…
It was just a salted MD5 hash of a certain order of transformed and salted md5 hashes of the customer’s name and email. In the app, the user would enter their name, email and the license key and flickery would re-create the license key itself from the supplied info and see if it matches up with the one the user supplied. If it did, the app was registered, if not, then not.
In order to forge a key, one would have to know the salts, the transformations and the order I used to create a valid key. Someone with a lot of time on their hands could eventually figure it out and create a key generator. Or hack the flickery binary and figure it out that way.
The salts were actually more pepper than salt, as they were hopefully secret. As a side note, I don’t think the license generation was ever cracked. The app itself was, though.

I’ve decided to go a different way this time around. The license now is a cryptographically signed payload (signed using a private key), consisting of the user’s data, app information and transactional data. All the app does is use the corresponding public key to verify the signature. If it’s valid, it can proceed with further activation steps. If not, something’s wrong with the license. As long as the private key actually stays private, there’s no feasible way to forge a license at this point in time.

I also wanted to make sure a license can only be active on a limited number of Macs or user accounts at a time, and have a way of blocklisting license keys infringing on my Terms of Service.
This is also where license types come into play.
There’s the “personal license” for individuals, which can be used to activate the app a limited amount of times (on any Mac or user account);
and the “commercial license”, which can be activated on a single Mac, but used with an unlimited amount of accounts on that Mac – a “seat” license.
With managing and limiting the activations comes the need to unregister individual copies of an app, or reset the entire license, so you can free up a slot to activate the app on a different Mac or user account. More work on the backend!

Consequently, in order to activate a copy of my app with a license key, an internet connection is required. But you also need an internet connection to download the app in the first place, so I don’t see a downside there. And there’s no always-online requirement. Only once in a while, the app will demand a connection to make sure the license and its activation are still good.

What was important to me about all this though is that none of the user’s information, not even the license key, is stored on my server. Yes, Paddle stores user data, because they have to. But I didn’t see the need to have user data be present on my server as well. It holds only the information it absolutely requires to activate, deactivate, reset, re-issue and refund licenses.

Most of this is handled on the backend, which took most of my time to implement and test. Even though I have been using PHP (with MySQL for database integration) on and off over the years, I’m by no means “fluent”, so I repeatedly had to consult different guides to figure out the best practices, and how to code safely, for everyone involved. JavaScript I’d never really used before (but had to for the Checkout pages), and HTML with CSS, well… my checkout pages are as pretty as they’re going to get, to put it bluntly.
But I learned a lot. I like doing server/website stuff for some reason. Maybe because it’s not my area of expertise, and I get to understand the workings of the internet a little bit better and learn so much. It just has a certain allure I can’t explain.

Next Time

In the next part, I’ll go over the integration with Paddle, and my backend implementation. I hope you’ll join me!

Read more

As a sort-of follow up to my post about Apple’s macOS Engineers running out of places to put new permission dialogs in, I had a thought, because, I do have those from time to time.

Here’s what’s up: In macOS, when you want to, for example, create a screenshot app and want it to be able to actually take screenshots, you’ll have to get permission from the user for it. With the upcoming macOS 15 Sequoia, that is going to be upped to two dialogs. One: the initial permission request, and two: a weekly reminder, asking if you want to continue to allow this app to capture your screen.
Here’s where my aforementioned thought comes in: Wouldn’t it be nice if a screenshot app from the Mac App Store was able to, like, take screenshots, right out of the box, without any permission dialogs?
I feel like apps on the Mac App Store should get some perks for being reviewed and vetted by Apple’s App Review.

So here’s my thought, wrapped into a couple of examples, to really drive my point home ad nauseam:
– A developer of a screenshot app that has successfully gone through App Review to be published on the Mac App Store should be able to request a default screen capture entitlement for it, which lets macOS know that no permission dialogs need to be presented, or asked for weekly, at all. It can just take screenshots right after download, because, you know, it’s a screenshot app, and that’s what the user downloaded it for.

– A developer of an audio recording app that has been reviewed by App Review to be released on the Mac App Store should be able to request a default Microphone recording entitlement, so it can record audio right after download, because, you know, it’s an audio recording app, and that’s what the user downloaded it for.

– A developer of an app that uses the user’s current location for core features that has successfully been reviewed by App Review to be released on the Mac App Store should be able to request a default Location entitlement so it can get its work done right after download, because that’s what the user downloaded it for.

Shouldn’t that be sort of the point of App Review?
I kind of understand making apps obtained from outside the Mac App Store jump through permission dialogs (to an extent, I just hate the new weekly permission reminders so much), but I feel like apps obtained from the Mac App Store could appear so much more user-friendly and polished without them, and would definitely make apps obtained from there feel special.

I guess what I’m saying is: Apple, please stop this Tour-de-farce security permission dialog onslaught and give users and developers some credit.

P.S.: I do realize it’s a pipe-dream. With all the ways stuff can be kept from App Review – which has happened time and time again – it’s not a system fit for such an implementation. Which, in turn, draws App Review’s reason for existing into question altogether.

Read more

To start with: it’s difficult, but it can “work”. Sort of.

The star of the show, the MacBook Pro Mid-2012, running macOS Ventura (far right)

Why do this to yourself?

Quite frankly, I didn’t feel like shelling out ~€600 for a refurbished Mac Mini just to be able to test the odd app of mine with iCloud sync. It just seems overkill. And I did have this old MBP lying around, so I thought: why not give it a try?
If all else failed, I’d still have the Mac Mini option, anyway.
And a Virtual Machine doesn’t work, because you can’t log into iCloud / Apple ID in a VM environment for some reason. It could have been so easy…

I’d done it before, too. That 2012-MBP has served me so well over the years, with 6 partitions, reaching from macOS 10.10 Yosemite to macOS 10.15 Catalina, all for testing purposes.

It really speaks to the quality and longevity of these machines. Eleven years old, and still rocking.

Installing macOS 13 Ventura on the MBPMid2012

Getting macOS Ventura (released in 2022) to run on a Mac that’s not supposed to run even macOS 11 Big Sur (released in 2020) is surprisingly easy.
Using OpenCore Legacy Patcher, it was pretty straight forward, with only one *gasp*-I-think-I-just-bricked-this-11-year-old-Mac moment that was resolved by a simple restart (a dialog appeared telling me the installation had to be aborted due to an unknown error, which had no effect at all).
There’s really only one thing that I thought could be improved (complaining on a high level here, since it’s a miracle this works at all in the first place):
You *have* to use an external drive to create the installer drive, you can’t use an internal partition. And you cannot use a partition of an external drive, you have to wipe that drive entirely.
None of my USB thumb drives were big enough (the biggest I have is 8 GB), and all my other drives have more or less important data on them, so wiping one of them was out of the question.
Thankfully, my girlfriend had a completely empty 2TB hard drive handy that she was supposed to use for backups (and never did), so I was able to use that.
Once that was out of the way, it was all just a matter of following the on-screen instructions and waiting. And waiting. It takes a while.

Running Xcode 15 on it

It runs. It compiles. It fails to attach the debugger to the app (the LLDB RPC server crashes). But the compiled app continues running. So, debugging and coding directly on the Mac is impossible.

In hindsight, I think I may have overshot with macOS 13 Ventura and perhaps should have installed macOS 12 Monterey instead with Xcode 14, but I did what I did. It’s done. I’m not doing it over. You can’t make me.

In my case, it’s just as well. All I wanted to do was to test ScreenFloat 2’s iCloud sync with another Mac. And as far as that’s concerned, it’s working perfectly.
It would have been the icing on the cake to be able to debug directly on that Mac, and commit changes back and forth, but what can you do…
I debug on my main Mac, and then commit-and-pull the new code over on the old Mac, and then re-build. It’s tedious, but I can’t really complain. Well, I can. And I am. But I shouldn’t.

Other Observations

I’m making use of the Vision framework in ScreenFloat, and that completely crashes the app on the old Mac. Apparently, there is a reason why macOS Ventura is not supported on these old Macs.

I don’t think you could use this as a machine for work, as I’d imagine you’d run into a lot of little, annoying, and big, terrifying issues. For instance, I imagine Preview would crash a lot, since it also uses the Vision framework for its OCR and whatnot.

For testing apps in development, however, it might work, depending on what it is you’re testing/developing. I had to jump through some hoops (disabling my Vision framework code) to get my app to run. Your mileage may vary.

As a no-cost alternative to a refurbished Mac Mini at ~€600, I couldn’t be more happy.
Here’s to my old, loyal MacBook Pro Mid-2012. It still has some life in it.

Unpacking the MacBook Pro Mid-2012 in… mid-2012.
Read more
Why is Xcode’s popup-documentation tied to the compiler? Kind of defeats its purpose at times.