Welcome to the Second Life Forums Archive

These forums are CLOSED. Please visit the new forums HERE

Discussion: Anti-Copybot

JJValero Writer
Registered User
Join date: 28 Feb 2007
Posts: 10
07-08-2007 08:23
CODE
// Anti CopyBot Reactive defense. Merge this script with your code
// Coder: JJValero Writer
// Freeware code
// Put this line in touch_start() event for know your UUID
/// llWhisper(0, "Your UUID: " + (string) llDetectedKey(0));


key kMyUUID = "Paste here your UUID"; // Copy here your UUID

default {

state_entry() {

// The first line is too valid. Use the second line if what wants it is to distribute script
// if (kMyUUID != llGetCreator()) { // object creator -- protect the object
if (kMyUUID != llGetInventoryCreator(llGetScriptName())) { // script creator -- protect the script

vector vPos = llGetPos();
list lLandInfo = [PARCEL_DETAILS_NAME, PARCEL_DETAILS_DESC];
list lDetail = llGetParcelDetails(vPos, lLandInfo);

string sMessage =
"Detected one it copies nonauthorized :\n" +
"Objet : " + llGetObjectName() + "\n" +
"Description : " + llGetObjectDesc() + "\n" +
"Infractor name : " + llKey2Name(llGetCreator()) + "\n" +
"Infractor Key : " + (string) llGetCreator() + "\n" +
"Region : " + llGetRegionName() +
" (" + (string) vPos.x + ", " + (string) vPos.y + ", " + (string) vPos.z + ")\n" +
"Parcel : " + llList2String(lDetail, 0) + " ... " + llList2String(lDetail, 1) + "\n";

llInstantMessage(kMyUUID, sMessage);
llListen(100, "", NULL_KEY, "");
} // if

} // state_entry

// when you see the stoled object, you type:
// /100 /CREATOR
// In front of witnesses, it will leave the robbery in evidence
listen(integer channel, string name, key id, string message) {

if ((channel == 100) && (message == "/CREATOR") && (id == kMyUUID)) {
llShout(0, "Anti-CopyBot Script: This object has been developped by : " + llKey2Name(kMyUUID));
} // if

} // listen




// touch_start(integer total_number) {
// llWhisper(0, "Your UUID: " + (string) llDetectedKey(0));
// } // touch_start

} // default
Nada Epoch
The Librarian
Join date: 4 Nov 2002
Posts: 1,423
Original Thread
07-12-2007 22:24
/15/e7/196080/1.html
_____________________
i've got nothing. ;)
Wicc Cunningham
Registered User
Join date: 25 Jun 2004
Posts: 52
07-13-2007 10:41
Does this mean copy bot can now copy the scripts in objects it comes across?
Meade Paravane
Hedgehog
Join date: 21 Nov 2006
Posts: 4,845
07-13-2007 10:50
This seems to be more for detecting that people have copyied your (no-mod) scripts from your object to their object than for detecting things that have been CopyBot'ed..
_____________________
Tired of shouting clubs and lucky chairs? Vote for llParcelSay!!!
- Go here: http://jira.secondlife.com/browse/SVC-1224
- If you see "if you were logged in.." on the left, click it and log in
- Click the "Vote for it" link on the left
Darien Caldwell
Registered User
Join date: 12 Oct 2006
Posts: 3,127
07-13-2007 12:36
If you put this code in your script, it would only prevent people from moving the script to a different object. It could be marginally useful if you sell scripts that are copyable AND trasferrable, but don't want people reselling them as their own. However It would really be sad to start doing this to scripts that are either no copy or no trans, as it only prevents the legitimate owner from moving what they paid for to a different object.

And no, copybot can't copy scripts, and in fact copybot is last years non-news.
_____________________
JJValero Writer
Registered User
Join date: 28 Feb 2007
Posts: 10
Explanation of the code
07-14-2007 12:44
First of all, this has been translated with the translator of google because the English language is not my native language.

The last month (June) was a Rolling Restart to correct bug that allowed to copy code, (1)

Nevertheless, the manufacturers of bot D35V affirm that xploit that they use is different. (2)

Is lying or says the truth? , not it. Nevertheless, SecondLife is a complex, as complex software as the operating system Windows and much more that a navigator. All complex software has bugs and every certain new time they are discovered bugs of security.

Perhaps today form does not exist to copy scripts. Perhaps the manufacturers of the last models of copybot are lying. However, always it is possible that tomorrow or the day after tomorrow they can be discovered new bugs, and this script is one first approach that I have thought to protect of those copybots to me.

When copybot copies an object, sooner or later the owner of copybot will have to make a rez of the copied object, and is then when script warns to you. That is to say, this script does not avoid that they copy to you, to only warns you that they have copied to you.

References:

(1) http://www.secondlifeinsider.com/2007/06/17/rolling-restart-to-close-exploit/
(2) http://voter5.mygeekspace.net/blog/?p=26
Talarus Luan
Ancient Archaean Dragon
Join date: 18 Mar 2006
Posts: 4,831
07-16-2007 15:45
Again, this won't stop anything CopyBot-related ("the" CopyBot, from last year, and any of its derivatives), because the POINT of CopyBot was to copy some else's prim builds by simply looking at the data presented to the viewer and recreating it. It had nothing to do with scripts. Thus, sticking "Anti-CopyBot" is meaningless tying for popularity purposes.

If you are worried about people moving scripts from your prim builds to their or other prim builds, then a simple way to fix that is to use something like this in a few places in your code.

if (llGetInventoryCreator(llGetScriptName()) != llGetCreator()) llDie();

__or__

if (llGetInventoryCreator(llGetScriptName()) != llGetCreator()) state Disabled;

state Disabled { state_entry() { } }

or anything else which kills script functionality or otherwise inhibits copying.

If there is a security breach which causes access to your script source code, well, nothing you can do will help in that situation, so there's no point in worrying about it.
Destiny Niles
Registered User
Join date: 23 Aug 2006
Posts: 949
Don't give people a false sense of security!
07-17-2007 09:07
hmm. Even if this script works, which I don't think it will, and really is a disservice because people will start using it and get a false sense of security.
What is to stop the person that made the unauthorized copy from deleting it?

Talarus Luan method works better.
Darien Caldwell
Registered User
Join date: 12 Oct 2006
Posts: 3,127
07-17-2007 13:20
From: JJValero Writer
First of all, this has been translated with the translator of google because the English language is not my native language.

The last month (June) was a Rolling Restart to correct bug that allowed to copy code, (1)

Nevertheless, the manufacturers of bot D35V affirm that xploit that they use is different. (2)

Is lying or says the truth? , not it. Nevertheless, SecondLife is a complex, as complex software as the operating system Windows and much more that a navigator. All complex software has bugs and every certain new time they are discovered bugs of security.

Perhaps today form does not exist to copy scripts. Perhaps the manufacturers of the last models of copybot are lying. However, always it is possible that tomorrow or the day after tomorrow they can be discovered new bugs, and this script is one first approach that I have thought to protect of those copybots to me.

When copybot copies an object, sooner or later the owner of copybot will have to make a rez of the copied object, and is then when script warns to you. That is to say, this script does not avoid that they copy to you, to only warns you that they have copied to you.

References:

(1) http://www.secondlifeinsider.com/2007/06/17/rolling-restart-to-close-exploit/
(2) http://voter5.mygeekspace.net/blog/?p=26


Yes, the restart to close an exploit was to stop a method that let people see the source code who were not supposed to be able to. Your script would be useless, as, if they can see the source code, then they can remove your protection. :)

as for the Voter5 link, that was created by this notorious griefer group to, what else, cause grief. Its meant to scare and panic people, and contains no facts whatsoever. and assuming it was true, see my last point, they could just remove your protection.

I agree with Destiny, using it will only make you feel all warm, but it won't hurt anyone but the legitimate users of the script.
_____________________
JJValero Writer
Registered User
Join date: 28 Feb 2007
Posts: 10
Responding all
07-17-2007 14:51
translated with the translator of google because the English language is not my native language.

--------------

Indeed, it does not protect against copybots old that is not able to copy code. That is not the functionality of that code.

Whoever to protect its clothes of design, or their textures will have to look for other methods.

This script I have created it thinking about hypothetical copybots able to copy code. I do not know if D35V copybot exists and i do not have been here the time sufficient to know the Voter5, not if they are grieffers or they are not it. But I like to anticipate me to any type of risk, and she has always gone to me well of that form.

It is completely certain that if can copy scripts, they can deactivate the security. That knew it from the beginning.

Nevertheless, to be able to modify script, they must make a rez unavoidably. And it is then when at least, you know that they have copied to you. Unless, they are in a land in which permission of execution of scripts does not exist.

With this I mean, that I am not speaking of “preventive” security, that is to say, the one that it avoids that they copy to you.

I am speaking of “reactive” security. That is to say, the one that alerts to you when somebody has copied to you. I have proven script simulating a hypothetical copy, and has worked.

If the moderator of this forum thinks that this script is “malicious” can erase it,

I have created it and I have offered it with good intentions. And by all means I will continue using it.

greetings

......................................... EOC
Talarus Luan
Ancient Archaean Dragon
Join date: 18 Mar 2006
Posts: 4,831
07-17-2007 15:51
From: JJValero Writer
This script I have created it thinking about hypothetical copybots able to copy code. I do not know if D35V copybot exists and i do not have been here the time sufficient to know the Voter5, not if they are grieffers or they are not it. But I like to anticipate me to any type of risk, and she has always gone to me well of that form.


CopyBots are generally hacked clients, either built from the Open Source SL viewer code or the libsecondlife library. To be able to copy a script requires you to break the security of the SERVER, since it controls the permissions and access to object inventory contents. Thus, for anything considered a "CopyBot", it has to do with prim builds, skins, shapes, textures, sounds, etc, but not scripts.

Potentially, a client COULD be written to exploit a weakness in the SERVER's security mechanisms, but the only ones which have been successfully exploited in the past are ones which allow access to the SOURCE CODE of the script itself. Anyone can buy a copy of an item (for sale, obviously) and copy/move scripts out of it and put them in another object, without ever doing anything with a CopyBot or script stealer program.

From: someone
Nevertheless, to be able to modify script, they must make a rez unavoidably. And it is then when at least, you know that they have copied to you. Unless, they are in a land in which permission of execution of scripts does not exist.


Not correct. The way script permissions breaches have worked is that they allow the client to download the SOURCE CODE of the script to the client. Then all the user has to do is to create a New Script in his main inventory, copy/paste the source code into it (sans your protection code, if present), and then he can drop it into a prim build to run it for the first time.

There have been no recent (any ever? I've not been around long enough to be sure) hacks which allow a client to arbitrarily place inventory into a prim via UUID. All that is done on the server side, between the sim and the asset server, or just on the asset server. The client can direct them to perform the copy from *your* main inventory to a prim/object inventory, but it would take a pretty serious security hole to allow you to transfer something from another avatar's main inventory into an object you made. Still, even assuming that there was such a hole, or even one which allowed you to make a duplicate of inventory inside a prim you don't own, it is likely that they could have obtained a full-permed prim from one of your builds where they can put the script into, and it will work fine. In fact, that can be used to completely fake out the entire script if their copier made a copy of your prim instead of rezzing a new one.

From: someone
With this I mean, that I am not speaking of “preventive” security, that is to say, the one that it avoids that they copy to you.

I am speaking of “reactive” security. That is to say, the one that alerts to you when somebody has copied to you. I have proven script simulating a hypothetical copy, and has worked.


Yes, the permissions system is about as good as you can get for "preventative security". Anything beyond that is reactive.

From: someone
If the moderator of this forum thinks that this script is “malicious” can erase it,


I don't think anyone here thinks it is "malicious", just presented in a misleading manner. If you would have said it was "Reactive Script Copy Protection" or something similar, and not mentioned CopyBot in any way, it would avoid a lot of the debate. :)

From: someone
I have created it and I have offered it with good intentions. And by all means I will continue using it.


I have no doubt that is true. :) All we are trying to do is to shape the utility and the description so that it targets the right problem. "Anti-CopyBot" is incorrect and misleading; that's the main point of most people's dissent. The code itself has acknowledged utility outside of that, though.
Fletcher Rodgers
Registered User
Join date: 15 Oct 2006
Posts: 25
08-21-2007 04:24
From: Talarus Luan
I have no doubt that is true. :) All we are trying to do is to shape the utility and the description so that it targets the right problem. "Anti-CopyBot" is incorrect and misleading; that's the main point of most people's dissent. The code itself has acknowledged utility outside of that, though.


agree
Seemok Capalini
Registered User
Join date: 4 May 2007
Posts: 17
Hey...
10-08-2008 12:50
You could always tell the owner of the stolen object he forgot the script and give it to him...
Tyken Hightower
Automagical
Join date: 15 Feb 2006
Posts: 472
10-09-2008 11:44
*facepalm*
_____________________
Optikal Planer
Registered User
Join date: 17 Jun 2007
Posts: 5
Fact
02-11-2009 04:49
I may have missed it in the discussion, but I didn't see anywhere giving a clear definitive statement on copybot security.. which is what I'm sure anyone reading this thread would be wanting to know.

>>> There is nothing you can do to protect against copybot. <<<

Please don't put copybot protectors on your land, it only advertises to newbies that there is such a thing as copybot, thus starting the hunt. Not to mention annoying pointless spam.
Briana Dawson
Attach to Mouth
Join date: 23 Sep 2003
Posts: 5,855
02-11-2009 06:19
I needed a 20m x 20m mega-prim circular dance floor that had all the neat features of the best floors in SL. So of course i am not going to find one with my requirements...What did i do? I found the best floor i liked, ripped it apart, renamed all my mega prims to match the dance floor and moved all the scripts to my mega prims, put it all together and voila, big ass Super Sex Yacht Dance Floor Supreme.

With a silly code like the OP proposes, i could never remake something with the scripting parts from the product someone else made. That just goes against the some of the founding principles SL was built on. Why should i reinvent the wheel when there is a perfectly good wheel here just with the wrong spokes on it?

Restricting peoples ability to be creative with the items you create only stifles your sales.

I would never ever buy a product whose scripts were set like this.

If you don't want your scripts moved to other objects, just set a security flag in it that makes the scripts only work in prims you are the creator of.
_____________________
WooT
------------------------------

http://www.secondcitizen.net/Forum/
Hewee Zetkin
Registered User
Join date: 20 Jul 2006
Posts: 2,702
02-11-2009 11:31
From: Seemok Capalini
You could always tell the owner of the stolen object he forgot the script and give it to him...


From: Optikal Planer
I may have missed it in the discussion, but I didn't see anywhere giving a clear definitive statement on copybot security.. which is what I'm sure anyone reading this thread would be wanting to know.


Erm...Nobody WAS reading this thread. Didn't you notice how old it is? Not only that, but based on a totally incorrect assumption, which was already pointed out in the first few posts. This one is painful necromancy. :p