Suggection for grid attacks handeling and more

As I sat here during another shutdown, I thought I would offer the Lindens a suggestion, for dealing with attacks, and one for people dealing with objects in general.

First Suggestion.

Script/Object Parentage. When an one object is copied from another, (script, object, clothing etc) add a hidden attribute (Parent Object) to the database for the original object key. Add functionality for the Linded acces level which alows for a parent object and all children object to be deleted from system. This should allow for a clean of malicious objects/script that take less then a minute, instead of a few hours.

Second
Add Usere level use of this for a person to track where (even across sims) all the childre objects of a parent object are that they own.

Third
Add a script level feature that allows for a parent object to invoke an llUpdateChildren which will allow a parent (master copy) object to slowly (the upgrade function will run in a very low priority and slow thread of its own). This will function over all copies of the object, allowing easy method for vendor upates, script updates to sold itmes, etc...

I think that requires anoverhaul of the asset server. Last I checked it didn't have any kind of hierarchy.
Still, it would be nice to see it.

All it would require is for objects to store the key of their parent, not a huge thing hopefully and potential useful (very useful for scripts actually if they had access to it!), NULL_KEY or the owner's key if it was not created by an object.

I like

I know, it really suprised me they hadn't done this, as it's a major facility of most other object oriented systems.

Got a bad/buggy object propagating through system? Update or Delete it's parent. All Fixed

Vote for it at

http://secondlife.com/vote/index.php?get_id=1337

Why doesn't Linden Labs do away with free accesse to the main grid? I think most of the griefers are coming in on free accounts anyways, or prevent them from scripting or building until they upgrade their account.

TightBunz

NO
I'm on a free acount and just because griefers are causing damange doesn't mean I should have to give up my rights to use the tools SL has just to make everyone happy. And I think the 1000s of other free users would agree.

I posted an idea along these lines on the forums a little while back.
Sounds like a really good idea. Voted for it

/108/c1/103204/2.html#post1009331

Here's my idea:

On land you own and sandboxes, an account would have unlimited prim/object rezing limits.

On public land, or private land where you -can- build, you have limits set in place...you can rez upto 10% of the remaining prims available on a server (perm prims) before a flag is raised and your limited to rezing a prim every 5-10 minutes...at 20% of the remaining (perm) prim limit on a peice of land, your limited to rezing a prim every 30-60 minutes...at 30%, you're totally unable to rez an object (of course, until you clean up your mess and decrease the prim load on the sim). Maybe a prim with physics would count for "more" of your limit, and a phantom prim for less...

Temp prims would count for 1/10th of the above limit (10 temps would be the equivalent of 1 perm prim).

This solves (most) the problems I've heard with people complaining about prim rezing limits...at least in my limited experience and knowledge:
A) "Machine guns create 10k prims in a matter of minutes..." fortunately if they're all temps, and as they get cleaned up (removed), you regain the ability to rez more bullets...and they count toward "less" of your limit.
B) "If I buy an island and go for broke building..." Your own land would have no rez limits.
C) "If I was doing a test build of my village..." That's what sandboxes are for, right?

What do people think about this idea? Of course the formulas for how much an object will count need to be tweaked (A physics enabled triangle may take less resources then a phantom torus), but it's a start...and makes the current attacks have to redesign their efforts into a DDOS to bring down the grid as opposed to the current, easier DOS attacks.

Last i heard theres a limit 2 accounts per creditcard

You're mixing up "Basic" and "Free".

All existing accounts are either "Basic" or "Premium".

Whether they originally cost $10.00 (like my Basic account did) or not, they're not "Free Accounts".

"Free Accounts" refers to the ability to get a Basic account with no fee. If they eliminated that it wouldn't have any effect on your existing account's access to the main grid.

In which case I misunderstood.
However, as a starving university student with copious free time (*Waits for Maya to render project*), I only got into SL because it wouldn't cost me anything other than some personal information which I know will be keept private.

And there's still the issue that you can only register 1 acount for free (actual free) in any given form (paypal, cell phone, or credit card).
The problem with that is that if you get an account banned, just delete it, use another, and in a month you can re-register.
What they SHOULD be doing is IP banning griefers. This would stop alts, new accounts, and account deletion/recreation of repeat griefers.

If you're not charging money on the credit card you can use anyone's credit card. They'll never know.
Not if the card is permabanned. Unless you can use another one for free.

Hence the wonderfully BRILLIANT idea of IP banning.

Controlling access via credit card #'s isn't very useful with the one-use numbers that are out there for anyone.

IP ban works, to an extent. Best bet is to figure out how to have 2 big red buttons at the LL office... Grid Script running OFF, and delete all objects by *X* creator. Doesn't matter about the owner in-so-much as the creator, because if someone purposely created something to this extent that it takes down the grid, then the deserve to have everything fried anyway.

IP banning doesn't help a whole lot when a number of people do their dirty work on Dynamic IPs or in internet cafe places, or stolen (open WiFi) internet. It used to be useful in the past, but that was a long time ago. Some cable modems and services assign the same IP to users over long periods of time, but still most people actively looking to grief others repeatedly are not doing it from their own Internet connection.

Better idea: Limit scripting access to 1-3 months of active usage. Active being x number days having logged in at least once per day.

these are things the lindens SHOULD have done long ago. Most Online MUCKS limited scripting access to certian people and let admins control how it was dolled out.

I suppose.
The restrict scripting would work, although it has to be done correctly, such as making multiple levels of scripting access (like MU*s do), moving any function that is currently used to grief up to a higher level of scripting that those of us who have been around 30+ days can use. Create several levels of scripting, and when a function gets used to greif, access of that function moves up a level of acess (i.e. fewer people can use it). It shouldn't need to be done too much obviously, at some point the function gets removed from everyone's access until LL figures out how to make it a ungriefable.

[excuse double post, this is thread relevant, but not relevant to my previous post]
A friend suggested that there be backup servers so that when thegrid is crashed instead of having to clean up, the grid is merely replaced with an earlier version.
I'm 100% sure this is unfeasable, but I don't know why.
Ideas?

perhaps set certian functions, like those used to spawn copies to people who have been on longer. I don't think it would be a bad idea.

thereby at least doubling the server cost for LL? not to mention maintenance in maintaining clean backups on the backup servers? I seem to remember the whole clustering deal in the past with servers, things can get messy the more servers you run, getting everything to switch over cleanly might be a feat in itself. Not sure that will be the best idea. Not sure how SL works behind the scenes, but I don't want people to think they can pull a "High tech bank heist" by transfering funds and crashing the system.

Doesn't help stop the vast majority of people who don't have a static IP address.

That was my first thought, and the obvious one. I was thinking that there might be more to it than that.

LL shouldn't be allowing those one-use cards or any other "debit" style cards in the first place. They don't allow you to sign up with a Paypal account that's not backed by a credit card or bank account, and a "debit" card is no different than that.

Some folks on this thread are smokin something awefully strong.

Limit scripting?? Are you KIDDING me?

I'd see my reason for being on SL at all go up in smoke.

Problem:
PayPal will let two paypal acounts be backed by the same bank acount.
Not the same credit card, but I'm positive that you can make multiple accounts backed by the same savings/checking acount.
(Someone verify/refute this?)

How about this? We all have to use a credit card or celphone to register.
These schmucks are registered users, so LL must have the credit card numbers for them.

How about adding something in the agreement that says "If you do something to fuck up the grid, you will be charged a metric buttload of money. We WILL keep hitting your credit card, every week, until this buttload (metric) is paid." (BTW, it's a metric buttload, 'cuz it's 2.2 times bigger! *grin*)

I know I would sign that agreement.

Having said that, I am keeping in mind the chance the person responsible does it accidentally (I know it might not be likely, but it could happen, as has been discussed at length here on the forums).
Basically, if they have enough proof to go to the authorities, they should hit the guy right in the wallet.

Dunno... just a thought.