DevJuice
Latest
DevJuice: Kamcord offers in-game recording API
Kamcord is an iOS solution that enables your users to record and share game play from inside your app. Available for both Cocos2D and Unity3D, developers can compile in the supporting framework (hosted at Github), register a developer key, and start shipping apps. Kamcord expand to Android later this year. The framework automatically records video and audio, so users won't have to engage the feature manually. It offers standard social networking integration for sharing over Facebook, Twitter, You Tube, and Email. The API is free for the foreseeable future, according to the developers. They have raised a seed round of $1.5M from top investors including Andreessen Horowitz, Google Ventures, Tencent, Marissa Mayer, and others. Matt Zitzmann, co-founder of Kamcord, told TUAW, "We haven't publicly disclosed our business model or monetization plans. To give you a feel though, we plan to use the video content to help drive downloads to mobile games in the future. Many of the distribution channels on mobile today are not driving high quality users to games. We want to help change that." You can find out more by visiting the Kamcord site, watching the video that follows, contacting the company on Twitter, or sending email to hello@kamcord.com.
iOS 6.1 Beta 5 now available for download
Numbuh. Five. Is. Alive. (Yes, people, Short Circuit.) iOS 6.1 Beta 5 is up and ready for download, just days before Beta 4 is due to expire. Go grab your copy at the Apple developer site and, as usual, make sure to read the yellow release notes with the exclamation point. Hat tip to Mike Bullard
DevJuice: Preview your icons
Sharing icons by email and Dropbox never really captures the way each image will appear on-screen. That's why developer Michael Burford and his brother created a web page mock-up solution that automatically adds an iPhone background and styles the icons to match the way they display on-device. He built a PHP/CSS toolset that you can place on a web host to serve icon previews. The script detects your browsing platform, so the previews look right on both iPhones and iPads. You can download the tools from his web page. Make sure to stop by and read his full write-up for details about installing and using these.
Dev Juice: Tokens 1.1 released, TUAW-exclusive promo
Tokens is a brilliant little app that enables devs to track promo codes they submit to websites for review. We looked at the app a few months ago and fell in love with its features. Now, the developers are celebrating their 1.1 release with a sale that starts tomorrow morning. The TUAW-exclusive tracking code found here will offer the app to the first 50 customers at just US$9 each, $20 off the normal price. This TUAW-only offer is in addition to the 50 sale licenses they're offering to the general population. The new version of Tokens offers the following enhancements, among others: Manual import of promo codes generated outside of Tokens, so you don't lose track of items you generated yourself. A new "+" button for adding tokens. (Previously, there was a grid of "available" tokens, which I found confusing.) A share button that appears over each token when you hover your cursor. A new "copy" menu item, letting you copy token details without having to hunt around for the functionality -- a feature that initially confused the heck out of me, and that's better implemented in this version. Developer Oisin Prendiville tells me there are plenty of further features in the pipeline for 1.2 and beyond. As this update shows, he and his team are actively listening to their user base.
DevJuice: iTC Daily Reports delivered to your inbox
Wevito's Daily Reports, which offers a 30-day free trial followed by a US$4.99 one-time payment for lifetime service, scrapes iTunes on your behalf and sends daily email updates to you. To make this work, you entrust Wevito with iTunes Connect credentials. Admittedly, you do not have to pass along your primary password. You create a team member with access only to sales data. Visit the iTC site > Manage Users > iTunes Connect User, and add a new user. Limit that person's role to Sales. This is a pretty standard practice for nearly any application or service that uses iTunes Connect data. Next, sign up at the Wevito site, providing the iTunes Connect user name, password, vendor ID and contact email. Each day, the automated system generates a spreadsheet listing products, units moved, revenue per unit and total revenue. Wevito plans to add support for update statistics but cannot provide iAd revenue data due to Apple API limitations. I mostly worry about the safety of your shared credentials. At the time I tested (just this past Friday), Wevito had no privacy policy in place and no secure certificates. Since then, CEO Adam Eisenman wrote to me saying, "We installed a Trusted CA SSL Certificate and it's working fine. We put together a pretty extensive Terms of Service page, and a Privacy Policy page." Upon visiting the page today, I still did not see the encrypted connection confirmation in the Safari address bar that I expected to and I don't see any guarantees about the level of protection on my data. This site is clearly a work in progress and Eisenman seems both friendly and responsive to feedback from users. Wevito is based in Panama in Central America. Competitors include Distimo, App Viz, AppFigures and AppAnnie. Update: Dev reports that the site is now updated with enhanced security and will display the proper certificates in Safari.
DevJuice: Stanford iTunes U course on iOS dev launches free textbook
If you're a fan of the highly popular Stanford iTunes U course on iOS development (CS193P), you'll be happy to learn that an official companion text is now available on iBooks. iPad and iPhone App Development covers the latest release of Xcode and the newest Objective C enhancements. Approximately 300 pages in length, this is an iPad-only (i.e., iBooks Author) text. The book supplements and updates the iTunes U videos for Xcode 4.5 and iOS 6. It is available in all 50 iBookstore countries. Best of all, it's free.
DevJuice: Parse jumps to OS X Mountain Lion
If you love Parse, you'll be happy to hear that the company just released an OS X SDK. Parse helps you store, sync and push data, enabling you to build server-based apps in the cloud without having to bring your own infrastructure. The new OS X API supports Mountain Lion development and you can check out the iOS/OS X guide for details on how you can store objects, access social media accounts, create "GeoPoints" and provide push notifications. There's a QuickStart guide that helps you get going in Xcode. Parse offers a free account with up to 1 million pushes per month ($0.07 per 1,000 pushes over that amount) and a "pro" account that supports collaboration, and higher storage and API request calls volumes. I am not personally a Parse user but it has very good buzz as a service.
DevJuice early look: Create slick framed product shots with Promotee
Update: The app is now live in the Mac App Store. TUAW readers can order from the vendor directly with a 20% discount using TUAWPROMO. I normally don't cover apps too early before they're released but I couldn't wait to post about Promotee. It will shortly be going into Apple review, so expect to see it in about a month. From the fine folks at Netwalk, Promotee lets you drop pictures into framed tableaus, enabling you to build promo images from your app's screen shots. It's tremendously easy to use, and developer Tom Nys tells me they'll be expanding the art over time. The app currently supports most recent iOS devices, Macs and several Nexus models. They plan to launch at US$4.99. For your fiver, you'll get a tool that creates simple, elegant product art in seconds. You can find out more about the app and its launch status by pinging Netwalk by email or leave your email in the "stay informed" section of the Promotee page.
DevJuice: Ray Wenderlich releases new iOS 6 learning book
Ray Wenderlich is a really nice guy and a good instructor. His site RayWenderlich.com offers a huge number of tutorials suitable for new and experienced iOS developers, written by his in-house team of experts. (Update: Ray just wrote me and asked me to emphasize that, so I bolded it.) Now, he's releasing a self-published e-book called iOS 6 by Tutorials. A 1500-plus-page PDF, this book compiles all those tutorials into a single reference. At $54, it's not exactly cheap, but if you already love the tutorials on his site, this reference is worth the price compared to the work you'd have to put in to figuring it all out yourself. The full source code is included.
DevJuice: 6 tips for tightening your pitch video
As a developer, you're probably aware that selling your app can be just as important as creating your app. Today, one of the regulars in #iphonedev asked me to take a look at his pitch video. Intended to sell the idea of his app to possible reviewers, blogs, and other media, his first attempt demonstrated many common pitfalls. After discussing these with my editor, we decided to run a DevJuice to offer some recommendations. What follows are six tips to help you create tighter video pitches. Use these suggestions to help tune your product videos before you send them off to bloggers. You can view both the before and after versions of the video at the bottom of this post. "Tender Loving Care" by Trilobyte Games will launch on Tuesday for $13.99. It runs on both iPad and iPhone (iOS 5 and later). 1. Be brief. I felt his initial video was too long. Nearly two minutes in length, he forgot a key fact about communication. Squirrel. Many busy reviewers have the attention span of a toddler, if that. Instead of spanning two minutes, I suggested he cut his video down to 30 seconds. 2. Find your hook. Another issue was his message. Buried deep in his two minutes was one really good hook. I recommended he bring that out, punch it big time, and then stop. If you watch the videos that follow, see if you agree with me as to what, exactly, that hook was, and why it was effective. 3. Focus on the message. He made a really common mistake that I best characterize as "you think viewers will be as enchanted with the moment-by-moment playback of your game as you are." His first attempt contains a fairly long game excerpt, which I found distracted from his message rather than supported it. His updated video allows the reviewer to follow up and test the games hands-on, rather than trying to engage with it as a static video playback. I believe hands-on testing is always a better way to appreciate game play. I don't suggest you skip game coverage entirely, mind you -- but you should just offer enough to engage interest and no more. The viewer should get a sense of how the application operates, but doesn't need a blow-by-blow introduction. 4. Communicate your successes. He failed to sell a really important strength of his company. I'll call this one: "play your winners." His company is rather well known for another game. I recommended that he punch that game somewhere in his presentation, along with the name of the rather well-known actor who appears in the game. 5. Avoid passive voice. I recommended that he drop the buzzwords and passive voice descriptions, and offer more engaging descriptions to the viewer. More often than not, the problem stems from a "good enough" mentality. You lead with your first attempt. Take a break. Go back after a while and listen to your script, then edit it. You have nothing to lose but your "is"-es. 6. Guide the viewer. Finally, I recommended that he conclude the video with concrete information of what to do next, should someone be interested in following up. It never hurts to lead a potential reviewer by the hand after engaging their interest. Agree with these points? Disagree? Drop your opinions in the comments. Before Video: After Video:
DevJuice: Regular Expressions Cookbook enters 2nd edition
Regular expressions are a staple of development. A grammar for matching forms to text, regular expressions are used in Apple development for use with predicates, in validating text entry and more. O'Reilly just released a new edition of Jan Goyvaerts' & Steven Levithan's "Regular Expressions Cookbook" (US$50 list price, $30 street price.) Revised and expanded, the book offers a wealth of common regex use-cases, from numbers to URLs, email addresses to post codes. It's primarily a reference book, so don't expect to sit down with this book on a warm and cozy night. It's the book that you put on your shelf and pull out whenever you need to look up a few specific patterns. I grabbed the first edition of this book at an O'Reilly Foo camp retreat a few years back. The second edition offers the same well-indexed quick help as the first one. If you already own the first edition, the second may not exactly be a must-buy except for completionists. The table of contents and book material are largely the same. If you haven't picked one up yet, however, then this is the regex reference you've been looking for. Here are a few other regex online resources you may find handy: The Regular Expression Library site has indexed thousands of regular expressions from contributors around the world. Go to Regex Pal to test your regex expressions via an interactive JavaScript tool. Use the txt2re generator to build code that extracts elements from source strings that you provide. It supports output in C as well as several other language destinations.
So, your beta just expired. Now what?
You're an iOS developer. Your beta just expired. Now what? Here's a simple cheat sheet for anyone feeling lost at sea. Download a gm copy of iOS 6 for your device. You'll find it at developer.apple.com/ios. Connect your device to iTunes. Locate it in the sources list, the blue-gray list at the left of iTunes. It appears under DEVICES>. Option-click (or Alt-click) Check for Update. A file browser window appears. Navigate to the "ipa" firmware update file you downloaded. Select it. Agree to whatever is asked of you. Apple will check your device for upgrade and then apply it. Wait. Your upgrade should proceed "in-place" without overwriting your data. If it fails for any reason, you may have to perform a full restore instead.
Dev Juice: Five things you'll want to know
Yesterday, Apple introduced the iPhone 5 and the fifth generation iPod touch. Last evening, Apple invited developers to submit iOS 6 apps. Here are five tidbits developers will want to know. The new Default image is called Default-568h@2x.png. The base size is 640 x 1,136. Once the image is added to your Xcode project, you can build for the new device. If you've been taking advantage of iOS 6's [redacted]layout, the porting should be near-instantaneous. If not, well, have fun. Make sure your key window stretches to the entire device screen. Your GUI should work as gracefully at 568 points as it does at 480. A tool like Hidden Memory's Resource Helper (US$9.99) helps you review the image items in your project. It locates which elements have not been fully specified at all screen scales. For example, you may not have provided all four icon sizes (for the iPhone family with and without Retina, and likewise for the iPad family). Or an image may only be provided for normal resolution, and you forgot to provide the @2x version. Resource Helper offers a great way to profile and inspect your image resources. MultipleQUE's Shipit ($2.99) can help reshape app images to customizable destination sizes. It's not an especially well-designed product and it doesn't know how to respect "fit to size" while retaining aspect. I'd welcome any alternative suggestions readers may have. Be sure to submit screenshots for all devices you will support via iTunes Connect, including the iPhone 5. This one bit me last night as an auto-reject. Ouch. Update: Michael Howard points out that "When updating, seems like the option to add iPhone 5 screenshots doesn't even appear until after you've submitted." I thought that was what happened to me but discounted it as my having not filled out the form thoroughly. Good to have confirmation. Watch out for emails stating "The status for the following app has changed to Missing Screenshot." This should not affect new app submissions. I just checked in iTunes Connect and was properly prompted for all aspect types for a newly created app. Update: iPhone 5 now appearing in iTC metadata for updates too.
DevJuice: Talking with Tim McMorris about royalty-free soundtracks
Several weeks ago, a developer sent a video as part of his TUAW product pitch. The app itself was interesting enough but I was blown away by the video's music. It was smart, it was contemporary, and it had excellent production values. So I started to google to find out more about this music and discovered Tim McMorris and Audio Jungle. I've written in the distant past about purchasing royalty-free tracks for use in products and videos, but back then it was an expensive option with limited vendors. The track I fell in love with (Give Our Dreams Their Wings to Fly) cost just $14 to license in a video. That's an amazingly reasonable price for nearly any software developer who's building a product demo reel. Instead of thinking of licensing music as an expensive obstacle, it transforms that decision into an "of course I can afford that" mandate. Canada-based McMorris, currently the #2 seller on AudioJungle, writes, "I believe that the right music can make your project and the wrong music can break it." He agreed to sit down with TUAW to discuss music sales, AudioJungle, and picking the right emotional soundtrack. TUAW: Tim, thank you so much for agreeing to discuss your music with us. Tim: It's my pleasure! Thank you for the opportunity. TUAW: How did you get into the royalty-free music business and why aren't you in iTunes focused on selling normal albums? Tim: Since childhood music has been my greatest passion, even an obsession. My first instrument was a ukelele at the age of 5! Over the years however I became fascinated with the music in movies and on television more then what was on the radio. I have always been a behind the scenes kind of person and though I've played in various bands and still perform live today, my greatest passion is composing for film and TV. Before I was doing this as a career, it was simply the dream to one day write for film and television that led me to selling royalty-free content. My first major attempt at selling royalty-free music was on the website AudioJungle.net where I began building my portfolio two years ago. I noticed at the time, that on a whole there wasn't much royalty-free music online that was accessible or affordable. Many of the production libraries that did exist were stale, dry and used sub par content. AudioJungle, though fairly small at the time, seemed to be on the right path to changing that trend and I quickly became interested. I thought I had a lot to offer and wanted to bring the production value that you hear on albums to the royalty-free market and make it affordable and more accessible to indie filmmakers and developers as well. The gamble paid off, and in those two years I have sold more then 11,000 commercial licenses worldwide. While I continue to write content exclusively for AudioJungle, I am also hired quite frequently for custom work and still release a fair amount of music for non-commercial use to digital stores like iTunes and Amazon. TUAW: How does your TV and film background influence your creative process? Tim: My creative process has always remained the same and has been quite simple – do all that you can to inspire the listeners. While styles of music change, this philosophy doesn't so I don't believe writing for TV or film influences this one way or another. TUAW: What is different in terms of time and energy about creating these tracks versus a normal song? Is there a different way of telling musical stories? And how do your songs escape being just "background music"? Tim: Like any composer / producer, I have my own strengths and weaknesses. In terms of time and energy, this really depends on the style of music, the duration and how inspired I am throughout the project. In terms of turn around time alone, it is generally easier for me to complete a folk, rock, or pop song then a full orchestral piece just because of what is involved in the recording process - however sometimes when extremely inspired I can have a full orchestral piece composed within a day or two. For me, the greatest thing about AudioJungle is the freedom I have to write what I want to write, when I want to write it. While doing freelance work is great and pays exceptionally well, the creative process can be strained by continual revisions, tight deadlines and tough clients. There are many different ways to telling a musical story. Instrument selection, time signature and tempo have a huge deal to do with this. Above all however, good song writing and high production value is what makes a song escape from simply becoming "background music". TUAW: What kind of advice would you give for anyone building a product video for selecting music? How should people evaluate and choose tracks for use in commercial productions? Tim: The best advice I can give here is, if possible, select something that inspires your audience. If the music inspires the listener they will pay attention to what your showing them whether its a commercial on TV, a video online, or a film. A song needs to grab their attention, even if there is a voice over in your production! Yes, it really does make a difference. Also, don't be afraid to go a little outside of the box and try something new. Just because your competitor uses a certain type of music doesn't mean you need to. Innovation is often times the greatest key to great success. I believe many video productions flop simply because they didn't choose the right type of music or take a little bit of a risk on something new. Depending on what is needed however sometimes inspirational music (not uplifting music but speaking of any music that inspires) is not needed. For example, if you are creating a commercial for pest extermination you simply want to select music that accurately portrays your product and still gets the attention of the viewer. No need for some fancy song, just an accurate one. TUAW: Can you explain what people are (and aren't buying) when they hit the purchase button on the AudioJungle site? What can developers do with the music? And is there a difference between creating a product video and using audio inside, say, a game or other application? Tim: On AudioJungle.net, the most popular genre or category is corporate / motivational. Beyond this cinematic music as well as logos and indents do quite well. Sound effects also do well on AudioJungle. While not every category is as large or as selling as the ones above, it doesn't mean that there aren't phenomenal pieces of music in the other categories. There are a lot of hidden gems waiting to be discovered there! As for what people are not buying, generally, music with lower production values. There are (at the time of writing this) 3438 composers and producers of varying degrees of talent on AudioJungle. This naturally means there will be music of better sonic quality then others. Beyond this, songs that aren't thought out and geared towards specific uses don't tend to do well. Some authors offer shorter versions of their songs, or loop-able versions while others do not. This can be a big selling point for certain people. There are many things that affect sales but at the end of the day it always goes back to good song writing and high production values. When it comes to licensing developers and content creators can do a lot with the music, however what they can do depends on the license they purchase. A regular license which goes for around $11- $14 will allow you to use a song in a single application. This application could be a YouTube video, a video game, background music for a podcast – the list goes on and on. Songs can be altered (by the buyer) to fit your project needs. The other option that exists right now is an extended license which is needed when you plan to resell a product containing the piece of audio. An easy way to remember things is that if you are going to be making a profit in any way from your project, you will need an extended license. The extended license is $70 for a song over 2 minutes. Reselling a song on it's own is prohibited. For all the info regarding licensing however, please see AudioJungle.net. The bottom line is that AudioJungle.net is the place for excellent royalty-free music and sound effects at amazingly affordable prices. If you've never been there before, the content and selection is out of this world compared to the alternatives out there. If you do stop by, I hope you will look me up! TUAW: I want to thank you again for talking with us. I know a lot of developers who read this blog will be inspired and excited about the kinds of products you're offering. Tim: It's been fun and thanks again for the opportunity! Happy creating everyone!
DevJuice: PaintCode offers resolution independent design
PaintCode (US$99.99) is a vector drawing app that generates Quartz and Core Graphics Objective-C (and C#/MonoTouch) drawing code. First released this March, the app was inspired by Apple's introduction of the Retina iPad. It allows developers to create resolution-independent art that adapts to the physical and geometric differences between devices. It's somewhat similar to Opacity (which I'm told it is no longer under active development), but with tools that specifically target Apple's latest technology. For example, PaintCode includes a Retina preview button that lets you visualize how the art will look on higher-density displays. Supporting both OS X and iOS code generation, PaintCode was actually developed using its own tools. Clocking in at just 2.3 MB, the app bundle's slim form factor is due to the vector graphics powering its interface. PaintCode allows you to build nuanced graphics, as you can see in the gallery at the end of this post. It is aimed at both designers and programmers. It's interactive tools mimics other popular vector-based editors. You build your design in a visual layout screen, and the supporting code appears at the bottom. You choose whether the code is generated for OS X, for iOS, or C# (for Monotouch development). What's more, you can generate either ARC or Manual Retain/Release output. PaintCode's developers have spent a lot of effort creating tools tied into the way people craft applications. For example, it's possible to build color swatches and gradients that are based off a core color. Update the root color for a family, and all the members who were derived from that base color update as well. It's a very nice feature. Another great feature is PaintCode's support for frame-based layout. Anyone familiar with Interface Builder's struts and springs tools will be able to recognize how PaintCode items resize with respect to a parent frame. If you're working with text, you'll appreciate PaintCode's ability to convert strings to Bezier-based text paths. This allows the results to resize as needed, or you can add effects like gradients to the derived paths. Admittedly, PaintCode is a pricey application, retailing for about a hundred dollars. When I kicked its wheels, I found the tools relatively easy to use -- although I was given an interactive tutorial before testing it out, which certainly helped. I did encounter a few glitches along the way, which is to be expected for a tool as new and specialized as this, but quitting and restarting the app cleared up my problems. I was impressed by the overall tool, and can see it being valuable for anyone writing across devices. This is especially true if Apple, as rumored, introduces even more new iOS device form factors this autumn. PaintCode, with its vector-based art that paints with respect to points, not pixels, offers a way to build resolution independence through code. It's a tool that continue to evolve as PaintCode's customers drive its feature set. Developer Peter Krajcik told TUAW, "We want to cover all the possibilities of Apple's APIs, but we base our feature set on our user requests and the customer demand." Krajcik discussed some of the new features that will debut in the upcoming 1.2 release. The refreshed app will introduce groups, blending modes, group clipping, SVG import, and enhanced shadow control. It's just entering beta now, and should ship within the next month or two, depending of course on the whims of the App Store. PaintCode's site offers a trial version to test out before buying, lots of examples and tutorial videos, and a wealth of documentation. %Gallery-162730%
DevJuice: placekitten and other handy placeholder sites
What do you give to the dev who has everything? How about placeholder kittens, compete with their own API? placekitten.com provides on-demand placeholder art at the resolution you specify. For example, you could ask for a 625x225 image by submitting a request to: http://placekitten.com/625/225 If kittens aren't your thing (don't tell Steve), you can check out placedog.com instead. The API is the same, but with a canine slant. For ursine lovers, there's also placebear.com. Other sites with less kawaii include Placehold.it, Lorem Pixum, and FlickrHoldr.com. For a while, apparently, there was also a disturbing "sheenholders" site, but it appears to have gone away. One of the more flexible APIs comes from dummyimage.com, which allows you to specify background color, foreground color, and text to generate a string-based image, e.g. http://dummyimage.com/300x400/000/fff&text=HELLO Speaking of placeholder content, I'm a big user of Lipsum.com, a lorem ipsum-style text generator. A number of humorous spoof sites have recently launched including Bacon Ipsum, Cupcake Ipsum, Samuel L. Ipsum, Hipster Ipsum, Swearum Ipsum (NSFW), Trollem Ipsum (NSF TUAW readers), and Bogan Ipsum (NSFW). For HTML content (perfect for developing web views) there's Fillerama and HTML Ipsum. These sites provide HTML-formated filler elements. The former one lets you choose from various geek sources (like Futurama, Dr. Who, and Dexter). The latter offers basic HTML elements including lists, tables, and forms. #next_pages_container { width: 5px; hight: 5px; position: absolute; top: -100px; left: -100px; z-index: 2147483647 !important; }
DevJuice: Beeblex offers in-app purchase validation services
The security of iOS in-app purchases is a hot topic after an IAP hacking server was launched last week by a Russian developer. When The Next Web talked to Alexey Borodin, he told them he's since turned the service over to an unnamed third party -- and, as of that conversation, he'd collected only $6.78 in donations to cover his costs. While we strongly advised users to steer clear of this theft-of-service hack, that doesn't solve the problem for developers waiting on Apple to come up with a fix. In the interim, indie startup Beeblex may provide a validation workaround for developers. Some background: The underlying framework for all IAPs in iOS is StoreKit, covered in depth in my iOS Cookbook. Every successful StoreKit purchase transaction contains a receipt. This receipt, which is sent in raw NSData format, corresponds to an encoded JSON string. It contains a signature and purchase information. Apple strongly recommends that you validate all receipts with their servers to prevent hacking and ensure that your customers actually purchased the items they are requesting. You POST a request to one of Apple's two servers. The URL you use depends on the deployment of the application. Use buy.itunes.apple.com for production software and sandbox.itunes.apple.com for development. The request body consists of a JSON dictionary. The dictionary is composed of one key ("receipt-data") and one value (a Base64-encoded version of the transaction receipt data). I normally use the CocoaDev NSData Base 64 extension to convert NSData objects into Base64-encoded strings. CocoaDev provides many great resources for Mac and iOS developers. A valid receipt returns a JSON dictionary. The receipt includes the transaction identifier, a product ID for the item purchased, a unique ID, the bundle ID for the host application, and a purchase date. Most importantly, it returns a status. A valid receipt always has a 0 status. Any number other than 0 indicates that the receipt is invalid. Simply checking for the status may not be sufficient for validation. It's not too difficult to set up a proxy server to intercept calls to the validation server and return JSON {"status":0} to all requests. What's more, the receipt data that is sent along with the validation request can be easily deserialized. For that reason, always use receipt validation cautiously and as part of the overall purchase process, where it's less likely that proxy servers can override communications with Apple. Enter Beeblex. They just launched a free IAP validation service for iOS apps that, according to their marketing text, "verifies IAP receipts against Apple's servers" using time-limited tokens and strong encryption to limit IAP purchase end-runs. Encryption prevents "man in the middle" attacks; time limited tokens prevent replay attacks. Together they make it much less likely that a simple proxy could successfully spoof an IAP reciept and fool your app into providing something for nothing. It's an intriguing option. The advantage seems to be that Beeblex provides a server component for apps developed without one. Still, I'm not sure I'd want my apps to rely on a third party service when any service interruption could create a large angry user base. I wonder how Beeblex will pay for the bandwidth necessary to facilitate this service, and what would happen should they get hacked. Hacking could be a big deal, because it'd circumvent potentially hundreds or thousands of apps, instead of just one. [Update] Marco Tabini, one of the Beeblex developers, writes, "One thing that I wanted to point out is that we have, in fact, thought about the possibility that our service may go down by building methods inside the SDK that would inform the app of transaction failures due to networking errors. Of course, you are completely right that we need to show that we can grow and maintain the service, and we have a lot of work ahead of us in this respect. We'll do our best!" I'd probably feel a lot more comfortable buying from a well-known quantity than relying on a free start-up. Urban Airship doesn't appear to provide this kind of service. I gave them a call and a sales guy said it's not an option. [Update] CEO Scott Kveton replied to my email saying, "Yes we do IAP receipt verification." He adds a note from his team: "This is not really a security problem. It's long been known that you can put your own root CA on iPhones, and at that point you can basically do anything as a proxy. The people being bitten by this on the IAP side are only those that are not doing receipt verification with Apple out of band via a server, which is something we do in our IAP product as a standard. If you do out of band receipt verification, this fails and nothing is purchased/granted." My feelings on IAP and piracy are this (in no particular order): Developers use IAP too much, and often without regard for the user experience. Requiring IAP in apps for kids is, in my opinion, evil -- it should be strongly discouraged by Apple policy. If your app requires IAP to bypass gameplay segments, your game design needs some serious reconsideration. Focus on providing good experiences for your paying users instead of fighting piracy. If your anti-piracy protections tick off even one paying customer you have lost the war. Trying to fight piracy is a losing proposition with one exception. The one exception is scalable server support. If pirates are killing your servers, either find another app to build or try to limit the impact of unpaid customers. Don't save IAP unlocks in plain text files. There are keychains and other more secure solutions available.
Devjuice: Installing command line tools (or not)
Oliver Drobnik over at Cocoanetics has posted another really great how-to write-up, this time about Xcode and command-line tools. He shows you how to access apps from inside the Xcode bundle by using xcrun, and how to set your default Xcode install (via xcode-select). That's especially useful in these days of beta-versus-production Xcode releases. It's a handy little write-up, very worth checking out.
DevJuice: Test Studio for iOS
Telerik's free Test Studio for iOS offers an exciting new tool for developers. It allows you to record and execute automated tests in your mobile apps and websites. Users can also use the tool to provide feedback to your team as they test. Telerik worked closely with Apple to get this app into the iOS App Store, and it provides an astonishing utility to anyone who develops. It allows you to run tests in separate apps that you create. It also works with stand-alone websites. To make your app Test Studio-compatible, you do need to compile in a small static library so Test Studio can see it on your device or in the simulator. Website testing works straight out of the box. The test suite is aware of all installed applications that have been prepared for use with these tools. In the testing mode, you create a series of validation sequences. These sequences consist of interaction events, which you can record directly from your app, and verification tests, which you specify in the built-in action editor. These tests ensure that user interactions match certain expectations that you set. A special-purpose menu, which appears directly in-app, lets you pause, add tasks, and review the steps that you have already taken. Anyone who's used a UI recording tool will be familiar with this kind of interface. Nicely, the menu can be easily flipped out of your way if it obscures things you need to work with. A lot of work has gone into making this suite usable for developers. This app works in the simulator as well as on devices; it also works in off-line mode, so you can create your tests while on-the-go if you're away from the Internet. Once recorded, you can then play back these interactions directly to the app or website. The integrated library will simulate all user interactions in the test, and confirm that the interface matches all your verification targets. Since these sequences are stored outside of the app/website environment, you can test your evolving product as you work on new features and bug updates for each build. The test suite resumes control when tests fail, so you can inspect where and why the interaction sequences failed. A secondary mode allows you to deploy your app through ad-hoc testing to solicit user feedback. It offers in-app bookmarking, screen shots, and e-mail, so users can respond to you as they work with hands-on deployment during your testing phase. The app is available for free, with the developers monetizing through future cloud services. "The big thing for us," said spokesman Chris Eyhorn, "is offering a tool that scales for us from one-man development shops all the way up to the enterprise." He says they plan to offer free versions indefinitely, to be an active part of the Apple developer ecosystem. Update: TUAW reader Maurice Sharp pointed to this update from Telerik. Apparently, the studio does not run in the simulator since the App Store version went live. Telerik is looking into it.
DevJuice: Injection for Xcode
Are you one of the many devs who miss Xcode's "Fix and Continue" feature? Apple removed "Fix and Continue" in Xcode 4. This option allowed you to patch your binary with updated code, as you ran and debugged it. Well, there's good news. Developer John Holdsworth has released Injection for Xcode. It's an OS X application that lets you inject those same code changes into running applications for development and debugging. It works with both OS X and iOS apps, including those running on devices. It works by allowing your classes to be recompiled selectively as class categories. These are loaded at run time via bundles, and override your originally compiled code. So you can modify, enhance, and adapt your code during run time and tweak elements on the go. Holdsworth has been working with this feature for quite a long time. He writes: In London there were two banks which embraced NeXT for developing front office trading systems in an age before even windows 3.1. The hardware was only just up to it however and build times where at three quarters of an hour so we started using this means of patching the app using bundles rather having to relink the whole thing. I asked him to fill in some of his background about working with Apple and NeXT technology. He responded: I first encountered NeXT in 1989 at IRCAM the computer/music research institute in Paris where I fell in love with Objective-C. It's great to see things coming full circle with all this memory managed stuff, and C++, such a half baked language falling away. How ironic that it should be a mobile device which paved the way. If you ask me the closest we've been to Object-Oriented Nirvana is Smalltalk, and Objective-C is pretty close to that. Steve visited one day spinning the reality distortion field about the new "autorelease" mechanism. Quite the mystic. My only other claim to fame was when the Apple purchase of NeXT came through I sent him an email enthusing greatly and got a reply saying "Thanks John, a Merry Christmas to you and your family." Been a disciple ever since. Shame I didn't buy the stock. Unfortunately, Apple has been a bit squirrelly about letting Injection into the OS. Holdsworth first hoped to start selling Injection on the Mac App Store back in February. Apple has been sitting on the app for months, failing to give it a thumbs up or down. Do you want to help out? Drop Apple a note at appreview@apple.com and ask them to expedite approval on Injection for Xcode (App number #id498448895). Until then, Injection for Xcode is available on Holdsworth's personal site. It offers a two-week trial period and costs US$9.99 (individual license) or $25.00 (corporate) after that. Licenses are issued per-machine. To purchase, the app guides you through PayPal (via a web view) after the trial period.
