Is 'THIS' the future of Second Life ?

I'm a bit confused: in practical terms, about the only recourse you'd expect would be to get the site taken down... and if they registered it in your name, wouldn't that kind of make THAT a slam-dunk?

Nope, both domain register and host were overseas. Meaning a US legal order would hold no weight, and they would not divulge login information except to the email account that was used to set up both the domain and site.

So there was 0 legal options available to me to deal with it.

Oh, I assumed that when you said you filed a DMCA that you were talking about a host in the US. Why would you bother sending a demand letter under US law to an overseas company?

The domain was listed as registered to a US address, it wasn't till I filed the DCMA that I got the information on the actual register data.

The Domain info was: Holding Company Registration - for US client

The DCMA request went to them, then they forwarded it like LL does to the user... which was listed as me

This doesn't really argue against validation still. Your example shows there was no validation, just possession of your information.

Banks every day have to validate their customers information as part of KYC and Money Laundering regulations and a significant amount is done online. Now we know Linden doesn't have the budget to splash the cash in that sense, but there are methods that can be used to increase the validation model that would increase the accountability and not create an impossible barrier to the majority of the userbase that will sustain the platform and community.

It will not be perfect but I cannot see any excuse or examples above to do nothing in this scenario.

So in order to open an account you will have to walk into LL offices with picture ID and sign a bunch of paperwork?

That is the only way validation will work to create an account

But still does not prevent someone from hacking an account through a keylogger or some other method and misusing a user's account without their consent to steal content.

There is not a lot you can do about this. All of you have to do is take a look around at the landscape of intellectual property in the digital age to see that anything that LL might do amounts to sticking fingers in a dyke. For example, several hundred thousand people downloaded the latest X-Men movie, the rough cut several months before it was even released to theaters. The potential financial loss from that one act of piracy pretty much dwarfs the entire SL economy. Once something is out there, it is out, and there is little you can do about it.

The fact of the matter is that anything that travels across the internet can with enough ingenuity and determination be intercepted, de-encrypted, and distributed.

Oh yes, a lovely data mining system.

Was looked into for a corporate project I helped on. concern was raised over common names ( We actually had 2 John Smith's on the team. One thankfully had a nickname that we used ), also how the collected user data would be used.

Several of the systems looked at had clauses about collected data being the property of the data mining company... meaning a second income was likely being sold to marketing companies (spam to your inbox and mailbox! But marketed to your information)

Nope you are correct it doesn't.

But again how may people are using keyloggers with the intent to then take the SL account, copybot some random content, sell it for say em 20 USD, not be able to exit the USD (because 30 day accounts blah blah wait) waits, sets up a dummy PayPal account, gets the 20 USD credited, bypasses PayPal validation requirements to pay the money to a valid bank account, launders it to a electronic website by making a purchase for fake goods, who is money launderer, who will then send a cleansed cheque, bypassing FBI, to the person committing the crime to cash.

Kind of tongue in cheek................ and there are other exit points, but sorry heh.

Every copybotter I have come across isn't doing it in what they feel is a intent to defraud, or infringe manner, they think nobody will *know* and there is no accountability - SL is not REAL, it's a game.

So based on my sample of 18 copybotters I have known, none showed intent to do this prior to joining the platform and therefore from my side, the creator on each DMCA filed on these 18 people I would have had I suspect at least some chance of having their correct RL data from Linden Lab if a robust verification model was in use.

In the current situation, each one of those 18 accounts were no payment info, none validated and no valid address for a DMCA to be filed.

Side issue which country they are in ofc.

I can't say I have any solution myself other than that. The blend I am looking for is a slight deterrent (e.g. fine have eleventy billion alt accounts but each one is tied back to RL data verification / pp level account visible at the Linden side) and then accountability so when I file, I have a least a semblance of getting their RL data. It's not much, but it helps.

This is a small subset and I haven't thought the below though in detail - but my starting point:

Customers using Visa:

http://www.visaeurope.com/documents/vbv/verifiedbyvisa_casestudy.pdf

Example: LL take your visa card - you get your free account.
Build, have a billion free alts, sell stuff.
For each account to be remain active after 21 days of initiation they debit your visa two small amounts that appear on your statement on day of your account being opened. Takes normally 4 - 5 business days to show. You have to key in those amounts within the 14 days (as an example) to then retain your account and become a full resident.

The two small amounts are covered by a say 100 Linden credit to the account once you are a full resident.

Same with Mastercard, AMEX etc. All require CSV number as applicable, and a verification of billing address and name which is performed by the card company as standard anyway.

It's the card is stolen, the usual fraud procedures apply.

No card? Next option same as above PayPal. (Original VC - EBay - supereasy) Two small amount (credited I think in this case from memory) to the PayPal account. Linden verify the PayPal account is a verified status (has had address and bank account validated). Address and Name are validated to the PayPal data as normal.

Type in the amounts within x amount of days and same as above.

Build appeals method in case the amounts don't credit/debit in time.

No credit card, and no PayPal account? % of residents affected needed and suggested solutions to be thought out another time.............

Actually the percentage is rather high that can't use paypal or credit cards.

Of the banks in my city (small town) only 1 allows for international charges... which LL is. I have to go through pay pal to cover my LL spending.

I also have a walmart pre-paid visa. All I had to do to activate is fill out data on the website.

All that data could have been basic information available from many sources. Including co-worker data. Because it barely verifies the data.

That card was used to verify an alt on a test, that totally bypasses all your possible verification.

I could easily have set up a card, put in the $20 us minimum... verified. Transferred all the money on the card into lindens... committed what ever content theft I wanted... and transferred copies to a main verified account along with the lindens (or transferred them to entertainers at clubs or events to muddy the transaction histories... oh wait how will non-verified accounts tip those that perform if they can't transfer lindens or items?) Maybe even used the same card to create alts to spam the stolen content as BIAB kits or the like...

There is no magic beans!

People need to stop thinking SL commerce is going to work like brick and mortar commerce.

When it comes to digital goods, you provide a good product... but more importantly you provide a good service to go with them! A knock-off is not going to be able to provide the same level of service and support as the original creator... regardless of what the original product was. Because any (I repeat any) data that hits a person's computer from the servers is going to be able to be manipulated by the dishonest for a cheap buck.

I have to agree with you Charlotte

Doing nothing just because there are always people out there willing to steal
is'nt a logical approach.

In an attempt to clarify...while a few in this thread have argued for less powers for non premium accounts in this thread I think most of the debate has centered around anonymous
users in the sense of no info on file whatsoever. Meaning that people can fake whatever info
they need to on the minimum requirements to get a basic "no payment info on file" account.

If NPIOF accounts were not allowed or were the only ones limited in perms or powers.
I think that what people are arguing for is to decrease the ease with which people with those
types of accounts can steal.

Keep in mind that you dont have to spend any money to get payment info on file. And there
are a number of ways to do this. You dont have to give out your real name to everyone, just to
LL.

Now while this does not solve all attempts at theft. The theif does have to go a bit further
to get away with theft. Generating fake indentities and so on is something they take on themselves and in addition to that risk they must take on.

Now while some committed savvy people may be able to generate fake identities longer than
others if the ones that are being reported and reveal themselves to be fake those accounts
should be shut down immediately. If the person generating the fake identities in order to continue the scam continues to follow this route even after other accounts have been closed.
There will definately be a an increasing pattern of behavior to watch for. Not to mention that for the amount of risk being taken to submit fake identities these people might as well be stealing from somewhere else rather than for small bits of L.

I think that most people agree that we dont want to kick anyone that is not involved in this
type of behavior. And that many of those NPIOF accounts do manage to buy goods inworld
thereby contributing to the inworld economy. From what I am reading I think that alot of
people would just like to see Some form of data being taken to increase accountability.
For the number of people that for whatever reason are unable to comply with Any form
of data accountabilty, well there situation will need to be considered.

However compare that number of honest NPIOF users to the potential number of NPIOF
users who are here specifically and deliberately to see what they can get away with.
I mean just imagine how it must look from the outside in those hacker griefer forums.
It must look like just a wide open buffet for theft.

Free anonymous accounts (NPIOF accounts)
Copybots are being used for inworld use
Very few context provided inworld restraints or emphasis of copyright laws.
Inability to identify the perps due to fake info defeats the effectiveness of the DMCA process.

Then they can also very quickly put them up for sale either inworld or on Xstreet.
(I believe Xstreet is actually getting better at taking action against questionable content)
However with all the stuff on there it can be hard to spot.

I have no prejudice against NPIOF accounts, I am sure most of them are awesome people.
The problem is that this is The biggest problem area in terms of the opportunity for theft.

Nor am I in favor of any kind of drastic or draconian measure that would tend to stifle the
robust vitality of this world.

But I do think that giving new accounts at least Some Incentive to become legitimately
recognized members of the community would only add value to the experience and be
good for everyone overall.

Foxtrot Tango Sierra.

I was already on the edge when it came to paying my original Basic membership after the seven day trial. If I'd had to jump through even more hoops to become a "real" member, I don't think I would have bothered.

Don't forget, Second Life is an entertainment product. It's competing with Blockbuster and Bowling, Warcrack and Evercrack. Every barrier you set up for people to get in and have fun hurts.

Paying for the game, that's nothing more than Warcrack does. Paying for the game and then jumping through more hoops? You're going to drive away your customers. What the hell good does it do to reduce piracy by 50% (and no more than that, because when you get a cheap debit card you get a website you can use to check the transactions, so people will STILL be able to create hordes of alts).

It's TWO numbers to type in ONE TIME within 14 (or lets say 30 for statement timings for those using old fashioned paper) days of your account opening. It's NOT rocket science, or a difficult hoop. It's at best 5 minutes of your time during that first month. Open bank statement, see the amount, click on your account in-world and go to your account details, type in.

I download films etc to rent from a fully legal company - guess what for that entertainment I have to (a) pay (b) have my card with me to enter the details (c) click some buttons to download the thing.

I am not seeing your point as very strong sorry, because if SL isn't selling itself sufficiently within the unvalidated period, it's not down to having to type two numbers in a screen one time. It's down to the quality of user experience/engagement during that period.

I guess we come from different standpoints. The balance is attracting new users, minimal barriers, retaining users (!) and then having a level of governance in world to create a healthy market / economy and community to enjoy. Totally Anom accounts I don't see fitting the model by any method.

Which does nothing for verification. Read again: A prepad card with website access to transactions costs $5 usd + $20 deposit into it. Can be used to verify under false data

Useless hoops are not an improvement.

MortVent would you be happy to say with country you are from? It's interesting to understand more. And you say the % is high, what is your data sample would be good to post that here too. It we could sample that further to show ratio per country (we know certain ones will be higher).

I am in the UK, my paypal is happy with USD charges, it's also validated to my GBP Bank account.

My credit card same format.

My bank account debit card - I don't use online because I get more fraud protection on my credit card.

My original post said to think more about prepay - so you are saying they are easily the target of identity theft they should be then not a viable sign up method (VISA and MC who run them flag them as such through the banking systems as prepay so LL's bank when processing the attempt can reject it to stop people using that format).

And I don't think anybody is thinking b&m commerce above so disagree with that one.

So to clarify is your standpoint in this debate, totally anom accounts (at Linden end) no validation and you feel the in world model is correct currently? Or do you feel there is another approach?

There is no verification of online users. Everyone is anonymous online.

There is only verification of data given to the systems.

Data set A with all relevant data can be used by:
Person A who is the legit person
Persons B to infinity who are not legit. (try looking into verification systems for the porn sites... they have the same problem and nothing works to verify identities online... only data given)

All the system can do is verify that the data give is legit, not that the person giving the data is the same person in the data.





I'm in US. The banks in my town stopped international transactions due to the costs of charge backs and fraud due to online transactions. They are also looking into tighter controls on preventing identity theft... but it's still real easy to bypass by someone with intent. Much like any and all hoops people keep trying to throw up here.

I've heard this before and I don't think it works. Most people wont even know their stuff is a knock off. SL copies don't exactly come with inteference.

Also, people don't want "service". They just want to stick their newly purchased product on their head or up their ass and away they go.

There's no hope for us. Just make quick crap and try to have fun.

MortVent:

You seem to imply that there is nothing we can do about it, so there's no point in trying.

So I assuming at night you do not lock the doors of your house because there is no point.

If people want to get in they will just break the windows.

The suggestion is that you lock your door - not put bars on your windows.
Social convention means it's less likely someone will break your windows to get in to your house.

Complacancy and acceptance of things as they are is a great hinderance to forward movement and evolution in any sphere.

' When good men do nothing, evil prevails '

There is a big difference between finding a solution and simply finding ways to sate someone's greed for cheaper land.

You want solutions.

None of what is offered is a solution that would actually work to prevent content theft. All of them simply add extra hoops that would drive off a percentage of the userbase, make it harder for new creators to get started (thus give the established retailers less incentive to keep inovating... as well as kill off a lot of the creativtity and incentive for new crafters), plus they would push the privacy conerns of many people (and countries), if not outright hostile towards the free account holders (who still buy and sell items in the SL economy)

Show me a solution that works to prevent content theft, that can't be torn down as impossible to implement considering the facts of operating in a digital world online.

That noose is a very ugly piece of symbolism which i refuse to quote, and it is considered so offensive that just displaying a noose gets you a court martial in the Military.

I just blocked it in my Firefox...

No offense but you keep using pre-paid cards as an example - those are not part of the 2 number input proposal because of the very reasons you state. Financial institutions can detect which are prepaids versus *full* credit cards and Linden just need that on their merchant account when validating.

I agree this doesn't *stop* content theft, but it gives me a creator what I want - governance so when I do file my DMCA there is accountability at the other end in x percentage of cases - which is better than the none I have proved out above.

In terms of what the user wants, which is accessibility, no fees, no costs, the world their oyster it also does not put in a barrier that is difficult. The only part I don't have a handle on is those countries without banking systems mentioned.

Also those stats you refer to - let's post them so we can see where you are basing your opinions on to help others understand.

Small town in US and it treats Linden Lab as an international payment - the US banking system has changed? Or are you offshore in a small town.