Third Party Viewer Policy coming soon

No it doesn't. What the hell do you think farming bots are? Ever heard of WoWGlider, or DECAL? Unofficial, 3rd party "fake" viewers. Being SOLD or made available to anyone and everyone.



It doesn't PREVENT ANYTHING. Where are you getting this "prevention" crap from?




I'm not protecting anyone's "right to privacy". Hell, I am all for people having to have a RL tie to even login to SL. I was as abhorred at what happened on 6/6/6 as anyone.

HOWEVER, that doesn't PREVENT ANYTHING. If anything, all it does is make it slightly more difficult for someone to go from anonymous account to anonymous account with impunity. THAT ALONE would solve a large proportion of the problems with infringement and miscreants.

I am all for solutions that actually have a significant impact on the "bad guys", with no, or extremely small and intentionally minimized, impact on the "good guys". Any proposed solution which doesn't have those two basic core principles in the foundation of its design simply isn't a solution at all and should be discarded.

If LL wants someone's real life identity tied with a publicly-distributed version of their software, that's fine and dandy by me, as long as I can still do what I want to do with the viewer that helps me as one of the "good guys". However, it is TOTALLY asinine to think that it will be of ANY use to deter the "bad guys" in any significant or meaningful way. The moment the design or implementation turns on the "good guys", the whole thing needs to be taken out back and shot, just like a rabid pet gone mad.

What about forged registrations?



Such as? As soon as you release a viewer, you have to release the source, too. Publicly. That's the GPL for ya. Even without the source, the client is in the hands of the infidels (aka, "the Public", and there is NOTHING "protecting" whatever "secrets" it may contain from being discovered.



The obvious point you are missing is that MORE than "as much" thought HAS been put into the problem, which is why people are discarding ideas that THEY HAVE ALREADY BEEN OVER AND REJECTED DUE TO FUNDAMENTAL FLAWS IN THEIR DESIGN. I don't suppose that thought occurred to you just yet, has it?



Why, that's just so simple! WHY HASN'T ANYONE THOUGHT OF IT? ZOMG!



Then, by all means, if you think that "it can be done", if you are so sure, FRICKIN' DO IT!

If you think you are smarter than the THOUSANDS of people who are in the IT security field that are working with BILLIONS of dollars of investment/R&D money to solve this very problem, then you should roll up those sleeves and get to it. You'll have to excuse the rest of us, though, if we don't sit idly by, watching and waiting whilst you work.

Until you've spent some time "in the trenches" to know what is possible and what isn't, I don't think you're being anything but an armchair quarterback in all this. That makes your whole appeal more akin to a request for succor from a deity, rather than an interest in solving a problem within the realistic means at mankind's disposal.

They would "divulge their connection licence code" every time they connect to the grid.

What, you expect there is some magic, uncrackable "black box" that would be inside their viewer that no one in the world could get into that some how telepathically communicates with LL's servers on a specific theta frequency that is totally untraceable? Can I have some of what you are apparently smoking?



Ultimately, it is impossible to restrict access to servers by unwanted programs, because no matter what measure you take, there will always be at least one countermeasure to circumvent it. Thus, attempting to make "perfect security" is a fallacy, just like making "perfect anything". The real world abhors perfection. Not only that, "perfect security" would be completely useless. Not even the owner/creator could access it, and/or, assuming that the "perfect" security had a commensurate "perfect" access hole through which only the owner/creator could do so, it would realistically be so cumbersome as to make it not worth the cost and/or hassle to bother.

What you want is "good enough" security. Security which is effectively transparent to the ones for whom access to the secured entity is allowed, and which is effectively opaque to those for whom it isn't. Note, "effectively" is NOT "perfectly".

Viewer encryption and registration codes are NOT effectively opaque, and are questionably transparent.

Here's a proposal that might actually be useful:

When connecting to SL a viewer have to provide its registered name. If you are a developer, that's your registered name.

Using the wrong name is against the ToS and will lead to suspension, or permanent banning if you distribute ripped assets without explicit permission of the creator.

Getting an ID must be free and no more difficult than getting a contributor's agreement.

This would be almost as effective as Blizzard's rootkit approach, without forcing people to jump through pointless hoops.

Using the methods we currently have at our present understanding of technology, and the state of the installed base of technology, yes. It is ABSOLUTELY IMPOSSIBLE to restrict viewer access to SL and what we have now is the best (or about as close to it as we can realistically get to) it can ever be. We could try variations on a theme, but there is nothing at present which will "fix" the problem in any effective way WITHOUT severely impacting legitimate usages.

Just like Argent's "can't ski through a revolving door" comment. You simply CANNOT DO IT, UNLESS:

1) You fundamentally change what "skiing" is to where it can go slow enough for you to push through a revolving door, and still be considered "skiing", or
2) You fundamentally change what a "revolving door" is, where what is currently accepted as "skiing" is permitted through the door without significant impairment.

The analogues of those things in the technology industry are things like replacing EVERYONE'S computers with black box devices that self-destruct if you open them, where the control over what is happening is wrested from the end-user and given to some nameless, faceless central authority who can do whatever they want to it (and your use of it) at a whim. Surprising, that's how digital satellite TV (Dish Network, DirecTV) works, and they are STILL having their signals pirated.

One last thought, something which few people on the "protect us from the infidels!" camp really understand: I am not for tons and tons of security. To me, security should always be about individual choice. I obey the laws because I am a fundamentally good person, and believe in respecting the toils of others. However, that belief is not universal enough for me to throw away the freedom to infringe their IP if I so choose. Why? One reason that is a personal one for me is that I am an Archivist. That means, I collect IP. I make copies of stuff. Not to use, or really gain any benefit of (except maybe for personal research purposes), but to make sure that a copy of it survives me and, indeed, survives into the future where it otherwise is at a severe risk of not doing so.

There is so much information out there, so much IP, and so much of it disappears forever to entropy, known specifically to me as "bit rot". I take it upon myself to spend time and money to "back up" the bits and pieces of our collective social culture that I find interesting, should it someday be found interesting to myself or someone else who has not had the luxury of living in the time I have, and therefore would never have had access to the many things I have.

You have to remember that IP rights are NOT "forever" (despite the wet dream of the Disneys and Sonys of the world that they be made so, that they can be milked forever). Eventually, ALL "protected" works fall into the public domain. With the advent of things like "perfect security" and DRM, it drastically increases the chances that large swaths of our culture will be lost and inaccessible to those in the future who stand so much to gain from their existence. In this one instance, "perfect security" and DRM are my enemy, and it is one reason I fight against them. Not for the pirates, not for those who have no respect for the creators and wish to take their ideas and sell them to the creators' detriment, but for what essentially boils down to "fair use".

As such, that is a consideration that people REALLY need to keep in mind when clamoring for "protection". They better know for what they are asking, because they are liable to get more than they wanted, and, by "more", I mean in terms of the downsides.



On the contrary, I expect LL to do everything it thinks it can to curb whatever problems it sees. However, it is in their (and our) best interests to seriously consider ALL aspects of what suggestions are being offered, and discarding those which HAVE BEEN PROVEN to be too flawed to be useful.

Devil's Advocate analysis:

OK, let's say that you registered your name as a Registered Viewer Developer. I know this fact because you distribute your viewer, and I can see your name sent to the server in the "Registered User" field.

Now, I make a viewer which has "bad code" in it. I need someone's "Registered Name" name to connect. I pick yours and send it. Later, I get "caught" by the Lindens, and they see that I am using your "Registered Name". They don't know for sure that I am not you and, in typical Linden fashion, ban the use of any viewer using your "Registered Name".

This isn't too far removed from the notion of banning an account due to infractions against the TOS, even though it was "my little brother at the keyboard at that time". LL can't be bothered to investigate the truth of such claims, nor should they be required to, so this becomes another avenue for griefing and misdirection, or "using the cops to grief your neighbor".

Cribbed from Robert Heinlein, for my sins.

That's what they're supposed to do. They ban the registered name, contact you, after investigation you get a new registered name (this would probably be a UUID) and people using the old name get blocked. Yes, someone could do this repeatedly to be an asshole, but THEY are breaking the ToS every time they do and after a couple of cycles the banhammer comes down on them and all their accounts.

So.. Some PN could build an evil viewer using the Emerald UUID, get themself (or, rather, their disposable alt) caught on purpose, and force everybody who uses the real Emerald to be locked out until they download a new copy with the latest approved UUID?

/me thinks she must be missing something.

Desmond, the problem is that some people have a mistaken belief that, since this is a technology platform that brings us this awesome world, then surely it must be possible for technology to make it secure. While I won't say that it is impossible in a universal sense, it is in the present-day, realistic sense.

Most of the suggestions you make are fully in-line with what a lot of people who have even a modest amount of credentials in the technology security area have been saying. The answer is to address it as a social and ethical problem, which is what it is at its core. No amount of technology currently at our disposal, or even in the near future, is going to solve those kinds of problems.

The answer lies in using technology sensibly to back up social policy. That's what has been asked from the 'Lab time and time again: GIVE US the tools and information to identify our creations properly, so that people can EASILY tell if what they are about to buy are infringing copies or not. So that WE can EASILY tell if they are infringing. GIVE US a means to quickly report and have the Lab quickly respond to our reports of infringing activity. Having them stand up and make strong statements against infringement, including backing them up with actions often enough for people to start taking them seriously, is also a nice bonus.

However, we should still be wary of them attempting to solve the problem with an ineffective technical measure, and then leaving us with that alone.



The problem with the "door lock" analogy is that it really is a poor analogy to IT security. You have to ask yourself "what is it about door locks that is a deterrent?". I think we all know and agree that door locks are nothing more than symbolic security at best (unless you're into the "living in a safe" type, where they would matter).

The thing that makes a door lock a deterrent is that potential criminals who want to gain engress to your domicile want to do so silently and with nonchalance. IE, they don't want to alert anyone around or within said domicile, and they want anyone who might be watching to think they are not having any trouble getting inside, just as the owner would not, to avoid drawing suspicion. When they go out to ply their trade, they are already past a certain threshold; they are trespassing into another predator's territory. Not only is that territory strange to them, it is familiar to their potential/intended victim. Whatever they can do which makes it easier for them to resist the urge to run the hell away, they will want to do. Breaking down a door, or slinking in via a broken window or skylight just is not what they would choose to do. It is also why most criminals like the cover of night, because it is a natural "protection" for them in the pursuit of their illicit endeavors. As such, if the door is locked, it gives them a moment's pause to reconsider. The locks themselves don't present any real obstacle, but the thought of drawing attention and getting caught or, worse, attacked by an alerted resident or nearby bystander/neighbor is enough to make some would-be criminals change their mind and move on. The same is true of the deterrent value of burglar alarms. They don't actually even provide any security themselves at all. There is also the point of "crime of opportunity", where someone can easily snatch something valuable from an obvious and easily accessible location and get far away before anyone becomes the wiser.

That said, the reason why locks and burglar alarms don't work as an analogy with IT security is that none of the deterrents which make them remotely effective are present. The would-be criminal is not at risk of getting caught; he's safe and comfy at home, in his own territory, so he is free to make as much noise as possible, spend as much time as he likes to penetrate said security, and no one will likely know until long after he's done the deed and gone. Worse, he can easily and discreetly share that capability, once he's figured it out, to anyone and everyone he wants, potentially even profiting from doing so.

As for "crimes of opportunity", the difference when it comes to IT is that the ability to "lock out" someone is not in the hands of the owners. In other words, you can close your convertible top, and lock your car, but you can't close and lock your content; you're dependent on someone else to do that, and for a third party to respect it. If someone has made and distributed a tool which makes your hardtop land yacht into a ragtop convertible with the top down with respect to their ability to access its contents, there's little you can do about it.

As for the rest of your suggestions, I would HOPE that they've always been doing that; with the type of service this is, I can't see how they've been able to keep it going without some level of monitoring and action. Knowing LL, though, it probably hasn't been enough, and that's why we're here now, arguing about it.



..and you're right. That's why we need to de-emphasize the "technology will save us from the heathen" approaches, and STRONGLY emphasize the "human nature" ones, because those are the ones which will have the greatest and most effective impact on the problem. Technology will help us get there, but it won't pave the way for us.

Yes.

The part where they get IP permabanned for it.

http://blog.harmonypark.net/2009/08/just-because-you-can't-do-something-doesnt-mean-you-shouldn't-think-about-how-to-do-it.html

Back before the Emerald viewer, I used to use the PAR plug-ins -- http://code.google.com/p/par/ -- and had pretty much the same functionality as I now have with Emerald. If I log in using the official viewer, via the plug-ins, how readily detectable is it?

As somebody who uses Emerald, what should I like about that plan?

Even worse, they cycle through all of the various popular viewers, perhaps even with a function to randomly connect as a different "Registered Name" every time they log on, including LL's.

What does LL do? Ban all viewers from the grid whilst they investigate? <.<

Is LL going to permaban the Internet by subnets as the miscreants hop dynamic IPs?

IP permabanning isn't a solution for that. You know that.

I think it would be pretty easy for LL to figure out who was doing it. Oh look, this IP has connected using 17 different IDs including three of our bait IDs, *whack*.

LOL..

Ok. So what I was missing was that this wasn't a serious suggestion of what LL should do..

The next step is greylisting and honeypots and pressing charges in RL.

Is there any way that LL can make a viewer registration legally protected? Something that gives them RL options if somebody uses a key that somebody else owns?

edit: and I still think the only real way to make progress vs content theft is to build signatures for content.. Even if it's all done viewer-side.. Something that lets a content creator right-click on something and ask "is that a copy of my stuff?"

It is. It's just not EVERYTHING they should do. It's merely the *best* they could do to create an effective registry.

Where "best" means "least worst".

This proposal would make the perps guilty of bypassing a protection mechanism, which is a criminal act under the DMCA and, I think still under the PATRIOT act.

Terrorists!!!

Ok.. I like that part of the plan, then. I don't like the part where Prok could totally & finally snap and cause everybody using Emerald to get locked out. I don't like that part at all.

This is similar to what I'm suggesting, not perfect but and nothing ever will be but certainly a step above allowing any viewer connect to the grid. It at least is a definate line someone must cross for legal purposes too.

Isn't it possible to seperate the login part of the viewer from the GPL and only supply that file to those registered developers to be compiled, so effectively you couldn't compile a SL connectable viewer without that file but you could have all the other feature files in the viewer still opensource?

Perhaps put tracking ID in that file so LL can see which developer the file came from if it falls into the wrong hands. And update this file at regular intervals so anyone with an unauthorised copy has to get hold of another one regularly too.

Sure I'm not an expert in this stuff by any means and sorry if I'm really annoying, and my ideas aren't by any means the solution but if they get people thinking outside the box then that certainly beats a "can't do it" attitude.

Internet security is a continual arms race, just because you can't win it, doesn't mean you should stop trying, let the bad guys run rampant and leave it in the hands of a foriegn countries legal system to protect you.