Mozilla in SL!!!

Did anyone else notice the release notes for 1.10.1?

Features:
* F1 Help using Mozilla
** Help for all Second Life users now available in a Mozilla window accessed by pressing F1

Hopefully HTML on prims is coming soon.

Here is a picture.

This is what will be used as the help file: http://secondlife.com/app/help/index.html

Where can we get that client?

Yes, it's true. Happy you started this thread, Zak--'twas waiting to see it!

It's being released tomorrow. More info in the Announcements & News:

/3/8d/109556/1.html

This looks great. I'd be happy just for browser-in-a-window like this. Means I could run SL in fullscreen and browse, and not have to run windowed. ;D

OMG i love this! Mini Browser inside SL!!!

So this is included and does not require me to install Mozilla (which I do not wish to install the full version of)?

Correct me if I'm wrong, but isn't this currently confined to being a fancy new help engine in SL? I don't think you can actually pop open a browser window and go anywhere you want yet. I'll be elated if I'm wrong.

Not yet but Thank Heaven Above they're finally starting with a simple, functional inworld borwser component and enhancing it along with the rest of the code base rather than fully developing an outside branch and then trying to jam it into the trunk witha pile driver.

There's nothing in the notes about the ability for renters to set private estate parcels for sale. I really really wish LL would update us on the timeline for this feature.

Hmm.. if it's a browser page, why not allow to browse certain other sites, too?
I, for once, would LOVE to have the badgeo wiki in SL while I code.

Ah, well, guess I have to hijack the URL to the help system on my router than and tweak it to my own webserver as portal ^.^

I'm mostly responsible/to blame for the current Mozilla integration and Khamon hit the nail on the head. It's a large complex component even though most of it is currently hidden under the surface. The approach we're taking is to expose a little bit (improved help) and once we're certain nothing bad is happening, other, much more interesting functionality will be switched on. As usual, I'll be disappointed if you good folk don't find all sorts of clever and novel ways of using this stuff

Wow, this looks really cool.
Now, is it Mozilla or FireFox (yes, there is a difference)?

Sorry for the stupid question i am about to ask LOL.. what is Mozilla?

I'm very glad you asked, Aces. It's a web browser framework. Lewis brought up a profoundly important point in another thread on this subject and I feel compelled to share my agreement with him here.



Originally posted here.



...

Dude. Lewis.

You are so right. I can't believe they're allowing such a threat into Second Life.

This reminds me of a movie I saw about the dangers of the internet. It was called The Net and it starred Sandra Bullock. In the movie, individuals using the internet were able to destroy someone's entire life and even their gym membership! It was a very chilling tale of warning, indeed.

Now, by unleashing this awesome and dangerous force upon Second Life through this browser back door, we're up against some nasty possibilities.

Viruses

Imagine, if you will, a piece of software code that can infect other software in much the same way as virsues infect cells of the body. This computer virus, to coin a phrase, could use the new SL browser back door to infect everything. Why, someone browsing the LSL wiki from within SL could be happily clicking away, learning all he wanted to learn about scripting while, unbeknownst to him, a virus has been loaded into Second Life with his last query on llGetInventoryName.

This innocent act would unleash a storm of destruction that, if left unchecked, could destroy our entire way of second life. Imagine this virus, spreading from prim to prim, infecting everything on the grid. Even your avatars! Even more chilling, this virus could become... sentient... and begin interacting with other users using your avatar.

Welcome to the horrors of computer viruses, my friends. Strap yourselves in.

Spyware

Imagine if you will a cabal of powerful men whose signals intelligence gathering capabilities make the NSA, UK/USA Allies, even Echelon look like amateurish children playing with toys. Who are these men? Mossad? NRO? Not... surely not the Pasdaran?

No, none of these. Indeed, these men are advertisers. With a network of millions of computers, they know everything. And with SL's integrated browser, they'll soon know everything that ever happens in Second Life. That escort you bought in a moment of weakness?

Logged.

That furry primwang you bought to fit in better with your new friends?

Logged.

Your penchant for age play?

Logged.

They're going to know all about you. Are you horrified yet? I certainly am.

Hackers

Another informative movie I saw on information technology was entitled Wargames. In this realistic tour-de-force, hackers are, through cunning and persistence, able to initiate world war three. Imagine this startling, mystical hacking power being brought to bear upon Second Life.

Yes, through the integrated browser, hackers will certainly find a playground here. You'll have your L$ balance emptied. You'll have your credit card number stolen. You'll receive visits from the FBI, who will charge you with ten counts of possession of child pornography.

How? Hackers. The hackers will destroy your lives because it's fun for them. These men get a special thrill from using their near-omnipotence to twist your digital life into a profane origami of sin, criminality and perversion.

Don't think it'll happen to you? Think again.


Now, I'm sure the simple minded will think I'm insane here. They'll remark that, why, Enabran, this is no different from using any other browser on your machine. In fact, it's even safer than using IE.

Well, I say those people don't have the brains to make policy decsions and need to shut their mouths. Obviously this is a hideously dangerous union between two technologies that need have nothing in common. No, my friends. The end is very much near. This perverse integration of Mozilla into SL is nothing less than an unzipped fly in the bulging pants of a very vulnerable platform.

Hold onto your hats. God save us.

If we even deserve his protection anymore.

Are you able to confirm that this won't be able to be used in a malicious way, such as infecting people with spyware from a website?

*That* is the sort of 'clever and novel way' that I expect some to use this idea.

Lewis

Best Help Topic ever.

Can it be disabled so that we can continue to have it open our DEFAULT and CHOSEN browser? I'd really rather not use Mozilla / firefox / OS software, or use it as little as possible.

Well no Lewis he cannot and will not guarantee that web material your client downloads from a site and presents in an integrated browser will not contain viruses, trojans or worms. That's why YOU have anitvirus and anitspyware programs running on YOUR PC.

This will be no different than using YOUR independent web browser to download files from servers directly to YOUR hard drive. The only protection LL offers now is that their own servers aren't infected...I'm wasting my time here aren't I?

Thanks for the input Callum

<virus>

You just don't know where those <TAGS> have been!

http://www.rebas.se/humor/htmlvir.shtml

</virus>

I think what he may be getting at is, will it create OTHER holes in the OS itself, by its presence? Same way your brower of choice may be used to trigger an overflow in another piece of software that has flaws, by making calls to the other software. Is this going to be laying there, even if unused, wating for some ingame hack (or a hack called from another browser on the general internet that detects the presence of a flawed component).

Personally, I would prefer not having a brower installed (or have a browserless version) and just stick to the version I have, know, and have patched the hell out of.

That was my initial reaction, but thinking about it further, if the HTML-on-a-prim comes to pass, things are not so cut and dried. You walk up to a prim, it suddenly opens an HTML page with a known exploit - there's a problem. At least with your own browser outside of SL you intiate the browsing, from a location you trust (or at least you have the choice to exercise that diligence).

There are other things to think about too. How often will patches be released for the built in Mozilla engine? Will we be able to patch it ourselves from mozilla direct, or have to rely on SL to release their version of the patch?

I'd love to see these things dicussed and solutions worked out as the sort of collaborative ideas I have need this functionality. I just don't have the answers myself.

Right now, I use Internet Explorer, with Norton Antivirus, Firewall, Ad-Aware and Spybot all running, which gives me a fairly reasonable level of protection. Together with not opening unexpected attachments and suchlike, if there are any nasty surprises in a webpage, my Norton will pick them up.

I need to be sure that either a) there is integration with your protection of choice, automatically, or b) you can disable html-on-a-prim, otherwise I can forsee a lot of people being unhappy with the inherent security risks, myself included.

A lot of people have been caught by downloading an automated moneymaker program for Sims Online, which had a keylogger built in, and they ran it (although that was a breaking of the terms of service) then found out a few days later that their account had been hacked and they'd lost everything. What is there to stop someone doing this through a web page within SL, getting login details from various users, and taking all your cash?

Lewis

This all obsolves to "the mind behind the trigger" the world cant pad every wall you come up against just incase you might hurt your self. SOME user responsibility is a reasonable expectation. As I commented in another post, all the protection measures in the world wont save you if your a moron* (*not well informed/internetwise individual) on a computer.

At best, we can only speculate as to how web-on-a-prim will eventually work.

If I was a betting man, I'd wager that it'll work very much like other parcel media. Allowing parcel owners to set one default page on their parcel and residents have the choice of disabling parcel web media.

Scripts that use llLoadURL() may very well start opening internal SL windows rather than your default web browser. Or it might be a user configurable option.

As for updates to the Mozilla engine, I also bet that it will be in LL's hands as they may have had to modify the Mozilla source code to tweak it to work within the SL framework.

I am IE too, with layered protection and regular patching. I must agree, using Mozilla, while it will thrill the open sourcers, adds a whole new series of bugs, hacks and holes that our existing protection programs may not cover.

Callum Linden needs to answer a few questions before they push ahead with this. For example...

1) Can it be turned off so that I use my regular broswer as currently happens for help?
2) Will we be able to disable HTML on a prim?
3) How is this broswer implementation going to be patched? By LL as part of client patches? By us having to DL and install the full Mozilla package?
4) How will it integrate with exising security programs?
5) Can the broswer component be uninstalled (I.E., is it a separate component of the client that can be removed) without uninstalling SL?
6) Why, with SL only in beta for Linsux and IE available to all windows and I believe Mac, did they not use the standard IE API?