LB777

Why is it so hard for addon devs to not alienate customers?


Someone needs to show the guy earlier on looking for the gray beards where they are... cheers folks, they come out at night.

21 minutes ago, kowen said:

Someone needs to show the guy earlier on looking for the gray beards where they are... cheers folks, they come out at night.

Young man,

His name is Father Time. He knows your name, has your address and he's coming for you.


Vic green


I am amazed at the legs this thread has, too many replies to be read. As I worked for professional, big international development teams, customer service was drilled very hard into us. I was once asked to prove to a client, Lowes, that our software could handle the millions of daily transactions at their stores. It was a big contract to win, and I was determined to prove my employer's worth. Load testing was not my role in their company; we had a dedicated load test team, but they could not write a script with their tool, LoadRunner, that could hammer our database with the data the client wanted to see. I know of a free scripting language, called AutoIt, which is a very simple, BASIC-like language that can be compiled to a standalone executable without modifying a client's system. I used it at Best Western to test third party systems since we could not change their systems; I could run the code from a network drive, a floppy, or even a CD, since most such vendors isolated their systems from ours to protect their integrity.

So for Lowes I wrote a script in AutoIt that repeatedly added merchandise to their planogram system. A planogram is what a retailer uses to map the display of their merchandise, a CAD drawing, much like an aircraft add-on for the flight sim world. I ran the program in an endless loop that would check itself every once in a while and email me that it was still running. I remoted in from my home over a weekend, to keep traffic light on my company's servers so as not to skew the results one way or another. The script occasionally halted and it went into alert mode, and paged me so I could restart it. So I was awoken a few times in the middle of the night; the script would usually halt when maintenance or dev builds were done on our servers. Away the script ran and my colleagues started to email me when they saw it exceed three million transactions on our test load database in one day, more than our client expected.

On Monday, I was told I could end the script, and Lowes signed a large contract with us and I knew I made good for my salary that year, which was in the six figures for the first and only second time in my life, that is why I liked working for professional dev teams.

The irony in my career is I never studied computers in college. Back then we had the old punch card systems surrounded by nerds who would program either Eliza or "Hello World" on it. Not my cup of tea, I was majoring in liberal arts. Big mistake, almost cost me my career, but my purchase of a Commodore 64 changed all that and I taught myself the inner workings of it, and how to program it in three different languages, Assembler, Pascal and BASIC. I even had a GUI-based operating system for it, GEOS, which was a good system albeit with poor software support. I learned to teach my employees how to use computers based on my C64 hobby, then my Atari ST hobby, then my PC hobby, and became a business systems instructor, which I oft mentioned made me an international road warrior. It was from teaching systems that I wanted to test them later in my career, to make better, nearly bug-free mission-critical systems for many types of businesses, including hotel, airline, medical, government, retail, food and beverage, and the insurance industry. And now I am happily retired but still answering the odd sim questions and hardware questions from time to time.

Anyway, great thread again, thanks for letting me "rant", lol

John

 

Edited by Cactus521

8 hours ago, harrry said:

Yes I am, all computer products interact with other products. With flight sim products the range is not that big. Many of these failed handlings are known to the developer at the time of sale. None of these are generally disclosed. The two that are should never be there, no program should need to be run as administrator after installation and none should need the antivirus disabled ever.

I am not saying this is easy but it is part of providing a product for sale and as I said disclosure of these failed interactions in sale documents and advertisements is rarely included.

None of this implies that there is anything wrong with the developer as a person.

 

Well maybe it is important to understand a bit better how the developing process works in this industry.

Let me take you step by step in your statements:

all computer products interact with other products. With flight sim products the range is not that big.

Actually the amount of 3rd party content providers and add-ons available for P3D is one of the largest in the gaming industry, you have hundreds of airports, airplanes, and many other different add-ons for different purposes, for example F1 GTN, Air Hauler, PTA, EvenShade, REX Skyforce, Hi-Fi Active Sky, OLDProp effects packages, etc. The list and types of add-ons is endless, just go to SimMarket and start browsing there... that of course is the "current list and versions of such products"; many of these products keep changing daily as they are being updated all the time, and then there are hundreds of new products in the making that are not disclosed to the general public, so it is impossible for any developer to certify any products against other developers' products.

All you can do is follow the Lockheed Martin SDK and guidelines so your own product is designed and developed in accordance with the "best practices" instructed by the platform; however, this doesn't guarantee that other developers will do the same, and hence incompatibilities might occur since what other products might be doing is totally outside of your control.

Quote

The two that are should never be there, no program should need to be run as administrator after installation and none should need the antivirus disabled ever.

Well this is a nice idea but in practice it is very difficult to accomplish as again there are many variables outside of your control as a developer, for instance let me just give you an example:

  • A customer decides to install P3D inside of C:\Program Files and it is using Windows 10 1809 with UAC enabled to the highest level.
  • The customer installs an aircraft or scenery add-on, and the customer decides to install these also inside C:\Program Files\My Prepard 3D Add-ons .
  • A customer then wishes to use the aircraft add-on auto repaints installer

    Here things fall apart, C:\Program Files is a protected area of the operating system, any files stored inside this directory cannot be touched by any application unless it is launched with high privileges, so if the repaint installer does not run as an Administrator, it cannot edit the Aircraft.cfg files to install the repaints and new textures for you.
     
  • A customer then wishes to use the scenery configuration tool to install seasons, AFCAD files, etc.

    Here things fall apart again, C:\Program Files is a protected area of the operating system so to enable features and configure your AFCAD files the configuration tool needs to run with admin privileges.

This is just an example of many, I have also seen users installing add-ons in their OneDrive directories where only a specific user has NTFS permissions to "READ" files, so unless an add-on executes as administrator everything just falls apart since it cannot even just read the files.

Quote

The two that are should never be there, no program should need to be run as administrator after installation and none should need the antivirus disabled ever.

This is something I do agree with you but unfortunately as a developer you have two options:

  1. You digitally sign all your files so antivirus products can identify that your software is legit and should not randomly delete your product files and folders because of false positives.

    This has a considerable cost which many 3rd party content providers cannot afford or implement on their add-ons due to the way this technology is implemented, just google around how much it costs to do this "per year" and how it works.

    There are many files that you cannot digitally sign due to the way this technology works, so as a content provider you have to take a decision as you could only digitally sign some of your add-ons and not others, which could make everything inconsistent, increasing the cost of developing.

    It goes without saying that any vendor digitally signing their products would be passing the cost to end users, so many just want to avoid this path.
      
  2. You don't digitally sign to save costs or avoid compatibility issues due to the type of content that you are developing.

During the development phase, you perform some tests and you notice that certain antivirus products work well but others detect false positives, this is normally detected during Beta testing. All you can do is to send the signatures of your product to these companies in the hope that they might white list your product, however since your product is still under development your file signatures keep changing so sending these is hopeless.

Then you have the issue where antivirus products will also be in constant change, what works today doesn't work tomorrow, new antivirus products, new operating system patches, etc. So the best approach is to continue developing your product until you reach a release candidate, try again and hope for the best.

By the time you reach selling stage, two things can happen: A) Everything is fine or B) Antivirus products will produce false positives. If this is the case all you can do is to advise your customers about it.

Personally I don't advise turning the antivirus off, I try to develop products that will work without digital signatures and with the antiviruses working, but if by any chance my product falls into category B, I just advise how to white list the software.

So as you see, sometimes developers take decisions based on the best possible outcome for their entire user base, they are doing their best to give their customers a product that works, but unfortunately sometimes things go wrong, there are just far too many variables to take into consideration and it is impossible to catch all bugs and problems before release and as NASA research revealed and I quote:

Quote

The amount and type of damage a software bug may cause naturally affects decision-making, processes and policy regarding software quality. In applications such as manned space travel or automotive safety, since software flaws have the potential to cause human injury or even death, such software will have far more scrutiny and quality control than, for example, an online shopping website. In applications such as banking, where software flaws have the potential to cause serious financial damage to a bank or its customers, quality control is also more important than, say, a photo editing application. NASA's Software Assurance Technology Center managed to reduce the number of errors to fewer than 0.1 per 1000 lines of code (SLOC)[citation needed] but this was not felt to be feasible for projects in the business world

Source: https://en.wikipedia.org/wiki/Software_bug

It is not feasible to release software without errors, this applies to any software vendor out there, however rest assured we are doing our best to catch as many problems as possible not only to provide users with a good experience but also to reduce our workload giving support after any software release.

Just my 2 cents,
Simbol

 

  • Like 6
  • Upvote 1


Thank you simbol for this very well stated post.  I do not have time at the moment to respond completely so I will wait a little to do this.

Edited by harrry

Harry Woodrow

2 hours ago, simbol said:

A customer decides to install P3D inside of C:\Program Files and it is using Windows 10 1809 with UAC enabled to the highest level.

  • The customer installs an aircraft or scenery add-on, and the customer decides to install these also inside C:\Program Files\My Prepard 3D Add-ons .
  • A customer then wishes to use the aircraft add-on auto repaints installer

    Here things fall apart, C:\Program Files is a protected area of the operating system, any files stored inside this directory cannot be touched by any application unless it is launched with high privileges, so if the repaint installer does not run as an Administrator, it cannot edit the Aircraft.cfg files to install the repaints and new textures for you.

 

 

Hey S, good point.

 

 

This problem is a simple one let me explain for the folks:

 

Installers, if they put User accessed read/write files in the program files folders they made a mistake, unless they provided permission, which mostly they don't.

 

They need only set the "Modify - Allow" permission on their folder for the Users group, and any user logged in can write there, no need to set UAC. So it's the safest way to operate and how professional apps do it. UAC, private folders (specifically to 'solve' the issue) are not a necessity.

Coming from the NT arena the problem was already sorted out with the simplest solution. Since many apps were built on XP - they had write access as Users to program files without the need for write permission back then.

 

So the answer to 'not having permission' was to simply re-enable that permission with later OSs, so that those apps, stuck IN XP days, can work OK and remain safe.

 

Coming over to the FS arena I found that FSX users were overly occupied with the 'simple solution' of making a private folder and installing everything in there. It seemed to them to be a sufficient remedy for all those addon planes and their paints and panels settings and so on.

 

Incidentally, there seems to be no reason that these apps can't enable the permission on their stuff during installing when their software had Admin privilege!

Instead they often force us to set our sim to run-as-admin.

 

The solution I recommend takes care of problems that the unwary 'just a private folder' may encounter down the road.

 

Any time we want free access as a regular User to read/write inside progfiles folders we need only check the "Modify - Allow" permission on those folders for the Users group. Any user granted authenticated access to the PC can write there.

 

This led, in the FS world, to someone finding that by installing into a private folder they had access. Well, of course they do - they own the folder!

However, private folders can't be accessed by everyone, and so sometimes some stuff fails due to that. Making a private folder for the purpose of installing User mode software that acts according to the user logged in is the clue, such as FSX and P3D as it happens.

 

And so - if we make a private folder to install those P3D type apps into that are going to receive folders that apps expect write access to - we also need to set the Modify permission on those too. The logic follows that this negates the 'absolute necessity' that some recommend to 'only ever install outside of progfiles', which is amusing irony for me.

Edited by SteveW
  • Upvote 2

Steve Waite: Engineer at codelegend.com

15 minutes ago, SteveW said:

Incidentally, there seems to be no reason that these apps can't enable the permission on their stuff during installing when their software had Admin privilege!

Instead they often force us to set our sim to run-as-admin.

Hi Steve,

Well I tried this approach and tested it, however I reached the conclusion that this would generate more problems than benefits:

  • Changing current folder permissions during the installation process increased the amount of false positives by many security software products, and rightly so as this is exactly what many Trojan and Malware products would do in order to downgrade the victim's computer security and take full control of resources.
     
  • There is no guarantee that the NTFS permissions set by the installation process would not be changed by other factors or 3rd party vendors, i.e. Windows 10 patches can restore and set private folder NTFS security to protect end users from other vectors of attack, certain 3rd party security software could advise users that folder X is unprotected and offer the opportunity to repair it, and the most common end users could also change the permissions at any point in the future and we are back to square one.
     
  • There is also an ethical and legal problem, by following this path effectively our software would be changing the level of security for folders that end users select to install products, and if a particular user has issues regarding data breaches, virus infections, etc. such software could be blamed for downgrading the security level, which in turn could make the software vendor liable.

By configuring the software to run as Administrator all the problems above are avoided, it also takes advantage of UAC (User Access Control) where customers are presented with a visual graphic interface asking permission to execute, so there are no hidden processes here as the user is fully aware of what is happening, the end result is the software can run and perform what it needs to do without compromising the security level of any end user PC.

Developing in the 21st century is so complicated, I really miss the times when you could just program something in Cobol / Pascal and only worry about what your algorithms would do rather than have to sit for ages and analyse about 3 million things that might prevent the software from running in the first place.

Regards,
S.

 


I think most of what I would say has been said by SteveW.  

A digital certificate being able to be used for all products costs less than $280 for 4 years.  Not the fortune you seem to imply.  Drivers do require a more expensive certificate but few of the applications we are talking about need that.

  • Like 1

Harry Woodrow


I have UAC switched off, and I never run anything as administrator. I also have P3D installed in the Program Files folders (and always have done). Maybe I am just lucky, but I do not recall ever being unable to update any files :huh:

Edited by Christopher Low

Christopher Low

UK2000 Beta Tester

35 minutes ago, simbol said:

Hi Steve,

Well I tried this approach and tested it, however I reached the conclusion that this would generate more problems than benefits:

  • Changing current folder permissions during the installation process increased the amount of false positives by many security software products, and rightly so as this is exactly what many Trojan and Malware products would do in order to downgrade the victim's computer security and take full control of resources.
     
  • There is no guarantee that the NTFS permissions set by the installation process would not be changed by other factors or 3rd party vendors, i.e. Windows 10 patches can restore and set private folder NTFS security to protect end users from other vectors of attack, certain 3rd party security software could advise users that folder X is unprotected and offer the opportunity to repair it, and the most common end users could also change the permissions at any point in the future and we are back to square one.
     
  • There is also an ethical and legal problem, by following this path effectively our software would be changing the level of security for folders that end users select to install products, and if a particular user has issues regarding data breaches, virus infections, etc. such software could be blamed for downgrading the security level, which in turn could make the software vendor liable.

By configuring the software to run as Administrator all the problems above are avoided, it also takes advantage of UAC (User Access Control) where customers are presented with a visual graphic interface asking permission to execute, so there are no hidden processes here as the user is fully aware of what is happening, the end result is the software can run and perform what it needs to do without compromising the security level of any end user PC.

Developing in the 21st century is so complicated, I really miss the times when you could just program something in Cobol / Pascal and only worry about what your algorithms would do rather than have to sit for ages and analyse about 3 million things that might prevent the software from running in the first place.

Regards,
S.

 

I'm talking about saving problems for software already installing incorrectly.

However, remember also that as you know, an installer app running as Admin (you gave the permission for it to run) is granted access by the malware checker to make folders and that folder has the permissions set or the User can't write to that either.

An app that uses a folder in C:\ProgramData (C:\Users\All Users) must have the permission set by the installer. So that's a bump in the road for some devs and we are forced to Admin.

  • Like 1

Steve Waite: Engineer at codelegend.com

1 minute ago, harrry said:

A digital certificate being able to be used for all products costs less than $280 for 4 years.  Not the fortune you seem to imply.  Drivers do require a more expensive certificate but few of the applications we are talking about need that.

Not really, look closer: you need "Code Signing", not a normal SSL, and you need to use a respected code signing authority as otherwise the problem doesn't go away since the antivirus product or the operating system will not recognise it.

https://www.digicert.com/code-signing/ 

That is $474 a year just for one product, you cannot use it for multiple products... that is just for one product. This means you need to pay for one for the installer and one for the product itself, now we have moved to 1,000 a year just for one product.

When you stop selling (sales don't last forever), you still need to pay for the SSL code signing every year as otherwise your current customers will be unable to launch the add-on, so again, as I asked before on these forums, are people willing to pay for support on a subscription basis for our software? I know this is not the case... but we need to assume our products will be used for at least 8 years, so the cost of this starts escalating and nothing stops the code signing company from increasing their cost as they go along, so it could cost up to 10,000 USD to support code signing only.

Let's do some maths:

If you are selling a product for 20 USD and we assume you sell 3,000 copies, you might think this is low but many 3rd party FS sim vendors achieve sales in the range of 5,000 - 6,000 copies, we are talking non study level Airplanes, etc, here.

So this is how it works in the Fly Sim world:

20 copies * 3000 = 60,000 USD
From that you need to pay a % of the sales to the E-market vendor, let's assume SimMarket, that is 30% = 18,000 USD goes to SimMarket
You now have left 42,000 USD
From that you need to pay your corporate tax, etc. Depending on the country you are in this varies, let's say in the UK 20% = 8,400 USD
You now have left 33,600 USD
Now you need to start paying for your servers, hosting, etc. My freeware has cost me for year 1 around 1,500 USD, payware costs more, but let's use that figure
You now have left 32,100 USD
Now you need to start on development overhead, like developer licenses for 3Dsmax, Adobe, tools that we need to buy to develop nice interfaces, installation files, etc., which cost money. Just 3DsMax costs 1,800 USD a year, so let's assume (again for a single add-on) just 3,000 USD.
You now have left 29,100 USD
Don't forget your accountant, I have a quote for mine as 1,400 USD a year (I still need to input all the darn transactions myself)
You now have left 27,700 USD
Then let's assume you want to market your product correctly, so going to Expo shows, making contacts, etc, or doing promotional videos, throw in another 2,000 USD (and this is very low)
You now have left 25,700 USD
Now you have the darn code signing bill, which over 8 years will cost you 10,000 USD.
Finally after 2 - 3 years of hard work, you could have made a total of 15,700 USD, so you paid out 73% to other people, and we are not counting support, software returns, fraud chargebacks, etc.


Then if you pay attention to the Technical specifications you start digging into the complications:

Technical Specifications

Microsoft Authenticode®

Microsoft Office & Microsoft VBA

Microsoft Kernel-Mode Code Signing

Adobe® AIR®

Java®

Mozilla® Objects

So, can you code sign an Airplane gauge and will it still work inside P3D? What about a DLL used inside P3D for a scenery, etc.?

What about LUA script code? It is not listed...

Of course all these figures are an example, very big software vendors might be able to afford this, but don't expect it from everyone, especially when you have developers coming into the market from a fresh start.. :wink:

All the best,
Simbol

  • Upvote 1

40 minutes ago, Christopher Low said:

I have UAC switched off, and I never run anything as administrator. I also have P3D installed in the Program Files folders (and always have done). Maybe I am just lucky, but I do not recall ever being unable to update any files :huh:

Because it is off :), try it with UAC enabled on Windows 10 it drives me nuts, you cannot even alter an aircraft.cfg file inside the protected areas with notepad unless notepad is launched as an Administrator.

S.

 

2 minutes ago, simbol said:

Because it is off :), try it with UAC enabled on Windows 10 it drives me nuts, you cannot even alter an aircraft.cfg file inside the protected areas with notepad unless notepad is launched as an Administrator.

S.

 

 

Then why not add the Modify - Allow permission to the Users group on your P3D folder - try it now - and lo and behold - all those edits are done without Admin.

And that's the root of the issue. If it's permission that's required, then provide the permission.

 

MS still continue to make it easy to do apps without certificate gizmos because there's half the world operating on old apps.

…So in short; if these apps, and we are basically talking addons, didn't put their user mode files for user mode writing in what is essentially a read only location - we wouldn't be discussing this anyway. And the entire idea of running as admin would never have come up.

Also remember that running as Admin acquires permissions for the privilege level. If you try it you find that even Admins can't read certain folders. So all running as admin is not the answer and that's why all professional major apps don't run as admin.

I've installed P3D in locations whereby they call an actual live admin to type the password. So all apps run as user. Those that worked due to XP were converted with the Modify-Allow permission and all's the same as it was in those halcyon days of Windows XP - groan.


Steve Waite: Engineer at codelegend.com


I really hope that I will be able to switch off UAC when I "upgrade" to Windows 10 in the future, otherwise I will be mightily annoyed! :smile::unsure:

  • Like 1

Christopher Low

UK2000 Beta Tester

8 minutes ago, Christopher Low said:

I really hope that I will be able to switch off UAC when I "upgrade" to Windows 10 in the future, otherwise I will be mightily annoyed! :smile::unsure:

I can't think of any reason to touch that UAC slider - or worry about it.

 

I think the best product support starts at home:

Provide products, to the best of our abilities, engineered so the user need not intervene to make a special folder, or must choose to set run as admin or UAC levels, or force certain affinity masks - you name it. Study true apps that work consistently within the security boundary and these use installers that auto-elevate to required privileges and all and every admin function for the app is done in there - only there.

  • Upvote 1

Steve Waite: Engineer at codelegend.com
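
Much of the thread above turns on whether the Users group holds "Modify - Allow" on the simulator or add-on folder, and on the point that such a permission can be added or reset after installation. The following PowerShell is an added example, not code from any poster or vendor: it reports which Allow entries give Users, Authenticated Users or Everyone write access to a folder and whether each entry is explicit or inherited. The function name `Get-BroadWriteAce` and the demo path are assumptions made for illustration.

```powershell
# Added example (not from the thread). Lists Allow ACEs that let broad,
# non-administrative groups write into a folder, and shows whether each ACE
# was set explicitly on that folder or inherited from a parent.
function Get-BroadWriteAce {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string] $Path,

        # Well-known SIDs, used instead of names so the check also works on
        # non-English Windows: BUILTIN\Users, Authenticated Users, Everyone.
        [string[]] $BroadSid = @('S-1-5-32-545', 'S-1-5-11', 'S-1-1-0')
    )

    $rights = [System.Security.AccessControl.FileSystemRights]
    # Bits that allow creating or changing files and subfolders; Modify and
    # FullControl both contain them. The two hex values are the raw
    # GENERIC_WRITE and GENERIC_ALL bits, which can show up in inherit-only ACEs.
    $writeMask = [int]($rights::WriteData) -bor [int]($rights::AppendData) -bor
                 0x40000000 -bor 0x10000000

    try {
        $acl = Get-Acl -LiteralPath $Path -ErrorAction Stop
    } catch {
        Write-Warning "Cannot read ACL of ${Path}: $_"
        return
    }

    # Ask for SIDs rather than account names; include explicit and inherited ACEs.
    $sidType = [System.Security.Principal.SecurityIdentifier]
    foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($BroadSid -notcontains $ace.IdentityReference.Value) { continue }
        if (([int]$ace.FileSystemRights -band $writeMask) -eq 0) { continue }

        # Translate the SID back to a readable name where possible.
        try {
            $name = $ace.IdentityReference.Translate(
                [System.Security.Principal.NTAccount]).Value
        } catch {
            $name = $ace.IdentityReference.Value
        }

        [pscustomobject]@{
            Path        = $Path
            Identity    = $name
            Rights      = $ace.FileSystemRights
            Inherited   = $ace.IsInherited
            AppliesTo   = $ace.InheritanceFlags
            Propagation = $ace.PropagationFlags
        }
    }
}

# Demo: check a root folder and its first-level subfolders.
# $env:ProgramFiles is used only so the example runs on any Windows machine;
# substitute the simulator or add-on folder you want to inspect.
$root = $env:ProgramFiles
$subfolders = Get-ChildItem -LiteralPath $root -Directory -ErrorAction SilentlyContinue
@($root) + @($subfolders.FullName) |
    ForEach-Object { Get-BroadWriteAce -Path $_ } |
    Sort-Object Path, Identity |
    Format-Table -AutoSize
```

An entry with `Inherited = False` was set on that folder itself, for example by an installer or by hand; an empty result means none of the three groups can write there without elevation.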
