Welcome to the Second Life Forums Archive

Power, the community, and Linden Lab.

Jarod Godel
Utilitarian
Join date: 6 Nov 2003
Posts: 729
12-02-2005 07:58
From: blaze Spinnaker
In other words, you wouldn't be able to arbitrarily write to any file on your harddrive.
I have four words for you: SQL Injection, Buffer Overflow. Not that I'm under any delusion that you, blakofy, will actually listen to me...

I don't care if it's just one bit being written to one file. My problem is that it's a stranger gaining write access to my computer! Given what I've seen of Linden's idea of security -- "Hey!" "What?" "Why not let the client decide who is a Linden and who is a customer?" "BRILLIANT!" -- I don't want them doling out access to my computer at all!

Maybe you, blakofy, are comfortable in backdoors to allow the pooling of everybody's computer resources into some quasi-Socialistic, processing cluster, but I'm not!
_____________________
"All designers in SL need to be aware of the fact that there are now quite simple methods of complete texture theft in SL that are impossible to stop..." - Cristiano Midnight

Ad aspera per intelligentem prohibitus.
blaze Spinnaker
1/2 Serious
Join date: 12 Aug 2004
Posts: 5,898
12-02-2005 13:34
From: Jarod Godel
I have four words for you: SQL Injection, Buffer Overflow. Not that I'm under any delusion that you, blakofy, will actually listen to me...

I don't care if it's just one bit being written to one file. My problem is that it's a stranger gaining write access to my computer! Given what I've seen of Linden's idea of security -- "Hey!" "What?" "Why not let the client decide who is a Linden and who is a customer?" "BRILLIANT!" -- I don't want them doling out access to my computer at all!


Strangers already have access to write access to your computer.

Anything that causes caching of binary data (streaming, for example) will enforce data be written to the hard drive into various files.

an llDropTextIntoFile could be easily constrained to be, for example:

only llStrings
only 255 characters in size (like XML)
etc

When you're dropping into a predetermined file the opportunity for hacking approaches zero, and certainly is a lot less than all the other opportunities available.

I mean, for example, what about llLoadUrl? That's a lot more dangerous than a drop file could ever do, which btw, if you really thought it through is infinitely safe.
_____________________
Taken from the last paragraph on pg. 16 of Cory Ondrejka's paper "Changing Realities: User Creation, Communication, and Innovation in Digital Worlds":

"User-created content takes the idea of leveraging player opinions a step further by allowing them to effectively prototype new ideas and features. Developers can then measure which new concepts most improve the products and incorporate them into the game in future patches."
blaze Spinnaker
1/2 Serious
Join date: 12 Aug 2004
Posts: 5,898
12-02-2005 13:41
From: Alan Kiesler
Blaze,

I suspect that people would take your message-passing suggestion more seriously, if the client only received that data in a special memory stack in the client, not written to a HDD.

The idea of it writing to a client-local file should be the responsibility of your own client-side app/filter, which would preferably use something like 'perl -T' to prevent anything insane/malicious/etc to fall out. And by default should never write to a disk anyway.

Just my calm L$5,


It's trivial for ll to simply constrain the length of a string. (If string len > 255, silently fail).
_____________________
Taken from the last paragraph on pg. 16 of Cory Ondrejka's paper "Changing Realities: User Creation, Communication, and Innovation in Digital Worlds":

"User-created content takes the idea of leveraging player opinions a step further by allowing them to effectively prototype new ideas and features. Developers can then measure which new concepts most improve the products and incorporate them into the game in future patches."
Gabe Lippmann
"Phone's ringing, Dude."
Join date: 14 Jun 2004
Posts: 4,219
12-02-2005 13:46
From: Cocoanut Koala
Well, first off, I'm loath to bother people, so I wouldn't contact a Linden about the sorts of issues I discuss here on the general forum. Not only would it be a bother, but it would be kind of pointless. "Hey, Linden, events need more support!"

Secondly, the kinds of issues I talk about here are generally the sorts of things that really need discussion.


These two statements seem at odds to me.

If you have issues, you should bother a Linden with them. Don't rant and annoy, just state the issues and ask that they take your point into consideration. CK "Hey, Linden, I think events need funding support." Random Linden "Thanks, glad to have your input." CK "Have a nice day!" RL "U2" Or send an email, create a post, buy a hundred 32 sq. m. plots and put up signs, whatever. The only way for LL to improve the product is to get feedback from as many users as possible.
_____________________
go to Nocturnal Threads :mad:
Alan Kiesler
Retired Resident
Join date: 29 Jun 2004
Posts: 354
12-02-2005 15:05
From: DogSpot Boxer
$5 well spent, IMO.


Perhaps, but by the current format of the TOS is also illegal (suggesting to connect an external app to the client for data retrieval, if wanted).

Also being studiously ignored as well, but that was to be expected. I'm actually trying to help flesh out the idea and still keep things reasonably safe. ;)

I don't comment much anymore, and almost never in General, but the idea at its core - client extendability - is one I care about.
_____________________
Timothy S. Kimball (RL) -- aka 'Alan Kiesler'
The Kind Healer -- http://sungak.net

No ending is EVER written; Communities will continue on their own.
Alan Kiesler
Retired Resident
Join date: 29 Jun 2004
Posts: 354
12-02-2005 15:13
From: blaze Spinnaker

I mean, for example, what about llLoadUrl? That's a lot more dangerous than a drop file could ever do, which btw, if you really thought it through is infinitely safe.


Note that llLoadUrl requires you to accept the link passing to your browser (and in my case I also need to let ZoneAlarm allow the SL client to kick off a browser instance). I'd want the same for any such message passing.

This is a nice idea to some extent, but not really ready for a Windows environment today. If this were the mythical Linux client you're talking about, or perhaps Vista or a Mac, I'd be more inclined to agree to the function as-is.
_____________________
Timothy S. Kimball (RL) -- aka 'Alan Kiesler'
The Kind Healer -- http://sungak.net

No ending is EVER written; Communities will continue on their own.
Jarod Godel
Utilitarian
Join date: 6 Nov 2003
Posts: 729
12-02-2005 16:36
From: blaze Spinnaker
Anything that causes caching of binary data (streaming, for example) will enforce data be written to the hard drive into various files.
True, but you do realize whenever you upload an image or a sound to Second Life, they get compressed into another format -- images are JPEG 2000 and sounds are OGG. Sending binary data to Linden Lab's server, where it gets compressed into a completely different format, so it can be streamed via a compressed system and then temporarily cached on my hard drive is a lot safer, and quite a bit different, than allowing a script direct, ASCII write access to my computer.

From: blaze Spinnaker
only 255 characters in size
You do realize the fastest spreading virus, the Slammer worm, was only 376 bytes in size, don't you?

From: blaze Spinnaker
When you're dropping into a predetermined file the opportunity for hacking approaches zero, and certainly is a lot less than all the other opportunities available.
I know you wouldn't bother looking into SQL Insertions or Buffer Overflows. The ability to merely append a file, as opposed to creating a new one, does not drop the security risks anywhere close to zero.

From: blaze Spinnaker
I mean, for example, what about llLoadUrl? That's a lot more dangerous than a drop file could ever do, which btw, if you really thought it through is infinitely safe.
Okay, blakofy, let's think this through... Anti-virus programs scan known viruses looking for key, malicious functions; that's how they know what to filter out of your mail. llDropText gives virus writers a back door to your system. They can email you a completely innocent program, a program that bypasses the anti-virus scanner because it's just a little program that reads data... Reads data from the llDropText file.

The Slammer worm got onto systems not because it wrote a file to someone's harddrive, it was as deadly as it was simply because MS-SQL didn't know when to stop listening. llDropText isn't dangerous by itself or even by virtue of what it does, as you say Second Life already writes to our drives. The danger here is that llDropText allows strangers, not Linden Lab, direct control over what gets put on your computer. It's like this:

Say Lex Luthor and his daughter Lena were driving by and they had a flat, and it's raining, and it's Lex Freaking Luthor! He wants to come in and sleep for the night, but you have no desire to let a violent criminal in your house. So, he says, well, will you at least let my dear Lena come in for the night? What you're saying is, "What's the harm, she's just a child." What I'm saying is, "She can unlock the door from the inside!"

(I realize that this is quite different from an SQL Insertion or a stack overflow, I'm just not as knowledgeable when it comes to stack overflows and could not offer a real world example of how writing text could trip up the SL client when it got loaded into memory. My guess is somehow encoding a backspace, so that two 255 character lines parsed by hard returns would end up as one 509 character line that would overflow.)

I liked Alan Kiesler's idea about accessible memory space. However, such an accessible memory space would require client-side access to SL, likely in the form of COM or an IPC, and we all know where my suggesting a client-side API leads...
_____________________
"All designers in SL need to be aware of the fact that there are now quite simple methods of complete texture theft in SL that are impossible to stop..." - Cristiano Midnight

Ad aspera per intelligentem prohibitus.
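
Added example, not part of any post in this thread and not Linden Lab code: a reader for a text drop file of the kind debated above that enforces the 255-byte line limit itself and rejects control characters such as backspace, instead of trusting that the writer applied the limit. The function name `drop_next_line`, the status codes and the sample bytes are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define DROP_MAX 255 /* per-line limit proposed in the thread */

enum drop_status { DROP_OK = 0, DROP_TOO_LONG = -1, DROP_CONTROL = -2, DROP_BAD_ARG = -3 };

/* Extract the next '\n'-terminated line from an untrusted file image.
 * The reader enforces the limit itself, in bytes, instead of trusting
 * that whoever wrote the file did. *pos always advances past the line,
 * so a rejected line cannot desynchronise later reads. */
enum drop_status drop_next_line(const unsigned char *src, size_t src_len,
                                size_t *pos, char *out, size_t out_size)
{
    if (!src || !pos || !out || out_size < DROP_MAX + 1 || *pos > src_len)
        return DROP_BAD_ARG;

    size_t start = *pos, end = start;
    while (end < src_len && src[end] != '\n')
        end++;
    *pos = (end < src_len) ? end + 1 : end;

    size_t len = end - start;
    if (len > DROP_MAX)
        return DROP_TOO_LONG;          /* never copied, so never overflows */
    for (size_t i = 0; i < len; i++) {
        unsigned char c = src[start + i];
        if (c < 0x20 || c == 0x7f)     /* backspace, CR, ESC, NUL, tab, DEL */
            return DROP_CONTROL;
    }
    memcpy(out, src + start, len);
    out[len] = '\0';
    return DROP_OK;
}

int main(void)
{
    /* Constructed sample: a clean line, then one carrying a backspace. */
    const unsigned char img[] = "hello world\nab\bcd\n";
    char line[DROP_MAX + 1];
    size_t pos = 0;
    while (pos < sizeof img - 1) {
        enum drop_status st = drop_next_line(img, sizeof img - 1, &pos, line, sizeof line);
        printf("%d %s\n", st, st == DROP_OK ? line : "(rejected)");
    }
    return 0;
}
```

The length check happens before any copy, so an over-long line written by a party that ignored the limit is rejected rather than truncated or overflowed.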
Margaret Mfume
I.C.
Join date: 30 Dec 2004
Posts: 2,492
12-02-2005 18:09
May I interrupt for a minute?

Thank you.

That's M-a-r-g-a-r-e-t M-f-u-m-e, Blaze. tyvm

But while I'm here,...it really makes no difference to my opinion on something whether the comment comes from Blaze or anyone else, for that matter. I don't stop to try to figure out his sincerity, his angle or his motive. I just respond to the words. I've often felt it would be better if the opening post could be anonymous, not the whole thread, mind you, just the opening post.
_____________________
hush
Gabe Lippmann
"Phone's ringing, Dude."
Join date: 14 Jun 2004
Posts: 4,219
12-02-2005 18:16
From: Margaret Mfume
I've often felt it would be better if the opening post could be anonymous, not the whole thread, mind you, just the opening post.


Very interesting. In practice, however, I imagine a ton of really cruddy opening posts.
_____________________
go to Nocturnal Threads :mad:
Margaret Mfume
I.C.
Join date: 30 Dec 2004
Posts: 2,492
12-02-2005 18:18
you know the unable to resist response here is...

and the difference would be? :p
_____________________
hush
Margaret Mfume
I.C.
Join date: 30 Dec 2004
Posts: 2,492
12-02-2005 18:27
In all honesty, Gabe, I think that maybe they'd be easier to ignore without a personality to attach to a crappy post. Also, if it were offensive, it could still be ared, the identity of the poster would still be known to the moderators.
_____________________
hush
blaze Spinnaker
1/2 Serious
Join date: 12 Aug 2004
Posts: 5,898
12-02-2005 18:34
The truth is Margaret, everything is really anonymous when you think about it.

But, yeah, that's a great idea. I was thinking the hotline would be better off if it was anonymous as well.
_____________________
Taken from the last paragraph on pg. 16 of Cory Ondrejka's paper "Changing Realities: User Creation, Communication, and Innovation in Digital Worlds":

"User-created content takes the idea of leveraging player opinions a step further by allowing them to effectively prototype new ideas and features. Developers can then measure which new concepts most improve the products and incorporate them into the game in future patches."
Margaret Mfume
I.C.
Join date: 30 Dec 2004
Posts: 2,492
12-03-2005 06:44
From: blaze Spinnaker
The truth is Margaret, everything is really anonymous when you think about it.

Of course, Blaze, and for that reason I might wonder if a knowledgeable new poster might not be someone who had come too close to being banned for comfort. It still doesn't change my opinion on a subject.

For some people anonymity does give rein to bad behavior but for others it allows them to speak out with what they might think is an unpopular view or one that they feel would likely bring on attacks rather than discussion. For those whose voices crack and hands shake while they give a presentation, anonymity may allow them not to feel in the spotlight. The thing is anonymity isn't automatically bad as is the case with power, the topic of this thread. Power has a bad connotation to it because of the chance of it being abused. In contrast, to be empowered sounds pretty good.

Furthermore, I don't think the anonymity of the internet is that different than real life. Seeing the faces and even knowing the names doesn't make us all that less anonymous to each other outside of the relatively few people we know. On a large scale, think of the people who are victim to disasters and wars. They are real and verifiable yet we can't grasp it. On a day to day basis, I have no idea if the person who smiles as they wish me a nice day is someone who is okay with their job in the service industry or if they aren't someone who disliked me before they ever got to work that day.

So yes, Blaze, everything really is anonymous when you think about it.
_____________________
hush
Anna Bobbysocks
Registered User
Join date: 29 Jun 2005
Posts: 373
03-02-2006 13:06
Perhaps the resmods should move this thread
Margaret Mfume
I.C.
Join date: 30 Dec 2004
Posts: 2,492
03-02-2006 13:38
From: Anna Bobbysocks
Perhaps the resmods should move this thread

Anna? If you see Blaze, tell him I said "hey". :)
_____________________
hush
FlipperPA Peregrine
Magically Delicious!
Join date: 14 Nov 2003
Posts: 3,703
03-02-2006 13:47
Nekromantic is a horrid film.
_____________________
Peregrine Salon: www.PeregrineSalon.com - my consulting company
Second Blogger: www.SecondBlogger.com - free, fully integrated Second Life blogging for all avatars!
Ingrid Ingersoll
Archived
Join date: 10 Aug 2004
Posts: 4,601
03-02-2006 14:17
From: Anna Bobbysocks
Perhaps the resmods should move this thread


Seriously! It needs to blaze right out the door.



omg fic
_____________________
Kami Harbinger
Transhuman Lifeform
Join date: 4 Oct 2005
Posts: 94
03-03-2006 01:15
From: FlipperPA Peregrine
Nekromantic is a horrid film.


Now, be fair, Anna probably didn't dig this thread up from its grave for the specific purpose of fucking it.

Also, I quite like Nekromantic, and Nekromantic 2 even more. They're well-written, inventive, well-filmed (especially for the meagre budgets), and have excellent musical scores. As indie films go, they're some of the best ever made. You certainly can't say they're cliche ripoffs of anything else.

Most people have a problem with them because they're A) prudes about sex, and B) scared and disgusted by corpses and death. If you don't have either of those neurotic hangups, N and N2 are hilarious sex farces. What could be funnier than sex and death?
_____________________
http://kamiharbinger.com/
From: someone
Gray Loading,
Loading texture gray. Gray gray texture with outline white? Outline loading white gray texture outline. Texture white outline loading with gray, white loading gray outline texture gray white. Gray texture loading loading texture with.
Texture loading gray!
With white outline,
Gray Texture
-Beatfox Xevious