Linden Lab and reverse engineering (libsecondlife)

agreed. try and cheat my vendor that way

This post confirms it, the number of people who are still unsure of libsecondlife is down to one person. I say that's progress, even if it did take official statements from virtually every one of the core developers and the CEO.

Are you aware of what the bug was, perchance?

And of course one should find a different system if the one they are using doesn't check amount paid vs actual price. But I am not aware of many vendor systems being sold where the code is viewable, and the average SL'er wouldn't know what to look for if it were.

Does your vending system come with fraud insurance?

Oh, I'm not unsure... don't make that mistake.

Does libsecondlife provide a guarantee that software developed by the project is free from malware/phishing? And what proof is offered for verification?

I wasn't name calling I was placing you in the group of users I believe you belong in. If you don't like being called a troll maybe you should inspect why the description is being applied to you.



llSetPayPrice as others have said the server side fix is to check in your script how much you were paid. If you don't count your money before you give your merchandise don't blame anyone but yourself. And as you're TOTALLY IGNORING and why I am calling you a troll. Issues with whether libsecondlife SHOULD be authorized are entirely different from whether it IS authorized. But hey the truth is inconvenient isn't it?



Bugs are perpetually appearing and needing fixed including worse bugs than that one.(ps I know a God Mode bug(hopefully fixed by now) that makes mapping look like nothing) But again this is an argument about why it shouldn't be allowed not related to your trolling arguments that it isn't allowed when it very clearly is. If you want anyone to take you seriously be serious.

It's fully open source! You're free to inspect.

/*
 * Copyright (c) 2006, Second Life Reverse Engineering Team
 * All rights reserved.
 *
 * - Redistribution and use in source and binary forms, with or without 
 *   modification, are permitted provided that the following conditions are met:
 *
 * - Redistributions of source code must retain the above copyright notice, this
 *   list of conditions and the following disclaimer.
 * - Neither the name of the Second Life Reverse Engineering Team nor the names 
 *   of its contributors may be used to endorse or promote products derived from
 *   this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 
 * POSSIBILITY OF SUCH DAMAGE.
 */

In summary, no. There are no guarantees whatsoever and to be honest no one on the project wants anyone using the software that is going to complain about verification or ToS violations. If you have a problem with it please don't use it.

And i'm going to go out on a limb here and say that if its code is LL approved, its probably not malicious.

Isn't Libsecondlife's ultimate goal to break permissions, and "liberate" all content, making it open source?

Just like DeCSS was made to "let linux users watch DVDs" ...

*sigh* libsecondlife is not malicious. If there are malicious clients which use libsl, then that's not our problem.

No. I'm in it to get filthy stinking rich.

Spin it how you like, it's still goofy.



My scripts have always checked the amount paid vs price of item. But that doesn't negate the fact that the llSetPayPrice issue was, in fact, a client side bug. You can argue "people should check their math" all you want, I don't disagree with you. My point is, it was a bug which effected the operation of a script from the client side.



I didn't say that it wasn't allowed, I said... why is LL allowing it if the TOS doesn't. A few posts on the forums does not negate the binding status of the TOS, and the majority of SL users (as with most online services) never saw the posts discussing LL's desire to open source the client in the long term, or the work libsecondlife is doing.

If you are going to argue with me about what I said, than discuss what I said. And if simply disagreeing with you over this makes me a troll, then you really are being childish.

My issue is primarily with you people finding and exploiting bugs for profit... like your god mode hack. I'd feel much more comfortable if your sole purpose was to find and report the bugs, not develop hacks and sell them.

Whoah, whaoh!

BACK UP THE BUS!!

The libSecondLife people did NOT exploit GM for profit!! That was ONE PERSON who had NO CONNECTION to LibSL.

Before you start throwing accusations around, get your facts straight. The God Mode program that HAS been developed by the LibSL team is FREE for anyone to use, download, modify, redistribute, or even incorporate in to their own commercial software (at least, it is if it's BSD licensed like LibSL is.)

LibSecondLife itself is free for anyone to download, compile, and use in their own projects. The people using LibSL are currently doing things like chat/IM programs and animation triggers.

And before you attack ANYONE's integrity on the project, I suggest you go look at the mailing list archives, where the ethics of certain unchecked actions are routinely discussed.

Baba SUCKS

(no flame thread is complete without) OMG ALT!!!!!!!!!!!!!!111111111oneoneoenepn

I normally just lurk and listen, but I do have to say this

Burnman, quit trolling, because that's *blatantly* what you're doing. And if you want to cry about griefers, well, trolls are a form of griefer. so STOP IT.

I don't think so.

coco

Is that a "OH NOES I HATE LIBSL" post in disguise, or do you know of others?

I didn't intend for it to be in disguise.

I don't like the idea of some people getting the go-ahead to do what they like (regardless of the fact that it finds bugs), while others will be disciplined for it. And I most particularly don't like a God mode that allows people to track everyone on the map.

Though apparently that horse is out of the barn now. It wouldn't have been, however, were it not for a group of people given carte blanche to fool around with all of this, if I'm understanding it right.

coco

Hasn't SL always been about coming up with new ways to do things? The difference between the way the LibSL guys are working and the way certain other people work is that whenver the LibSL guys come with a new way to do something, they stop and ask, "what will happen if I do this?"

Rather than take the easy way out and say, "not my problem", and then release the code, the developers have been very conscientious about protecting the integrity of the Second Life system.

This approach is a far cry from the kind of thing that exploiters are doing.

These people have "carte blanche" because they've earned it. They've proven that they're willing to work with LL to the benefit of ALL of the users of Second Life. AFIK, the Lindens will be happy to see anybody coming up with innovations, as long as they're not using those things to exploit the system. And actually, I don't think they DO have carte blanche. If libSL were to suddenly become a tool for exploitation, I'm fairly confident that LL could break it very quickly. The commitment of these guys to be as upright and ethical as possible has impressed me. Judging from the comments on the mailing list, it's impressed some of the Lindens, too.

Try to keep an open mind. Look for the good instead of dwelling on the bad. You just might be surprised at what's just around the corner!

If Linden Lab takes steps to block libSL from certain access they must also deny those things from the official client.. Whe Linden Lab sees a libSL ability that they do not think should be available to a client, they can refine their client trust model. libSL brings the issues of client trust into the open and allows Linden Lab to see exactly what needs improvement.

There is no way to deny reverse engineering. They could only condemn it and try banning people, but they can't stop sending packets. Eventually there may be no way to tell the difference between a libSL based client and the real thing.

I think we all can agree that Linden Labs are sitting on a potential winner, if they play their hands right. All it takes is: Marketing and 3 technical changes

1) True internet size capable scalability of SL
2) Open communications protocols
3) Smoth integrated access to WWW from inside the SL client

1+3 is being worked on by the lindens

possibly libsl, can be seen as a means of means of doing 2, in a slow and controled fashion, sort of like testing the waters before taking the plunge.