Welcome to the Second Life Forums Archive

hardware hash bans?

Warda Kawabata
Amityville Horror
Join date: 4 Nov 2005
Posts: 1,300
07-01-2006 16:55
It just occurred to me.

People who like to have custom built PCs (such as myself) will have a unique (or almost so) hardware hash. However...

The majority of computer assembly/retail companies like to build standard computer designs with identical hardware, then give the assembled product some fancy name. And logic would dictate that as long as no bits of hardware have been added to or removed from that machine, all such brand name machines would therefore have an identical hardware hash.

Am I missing something important here in how hardware hashes are derived? At first glance it would appear to be a rather poor quality way to control bans from one person.
Tren Neva
Registered User
Join date: 16 Oct 2004
Posts: 619
07-01-2006 17:00
From: Warda Kawabata
It just occurred to me.

People who like to have custom built PCs (such as myself) will have a unique (or almost so) hardware hash. However...

The majority of computer assembly/retail companies like to build standard computer designs with identical hardware, then give the assembled product some fancy name. And logic would dictate that as long as no bits of hardware have been added to or removed from that machine, all such brand name machines would therefore have an identical hardware hash.

Am I missing something important here in how hardware hashes are derived? At first glance it would appear to be a rather poor quality way to control bans from one person.


The hardware itself has a unique serial that is different from other hardware of the same model.
Shyotl Kuhr
Registered User
Join date: 15 Jun 2005
Posts: 105
07-01-2006 17:00
I'm pretty sure it grabs serial numbers from hardware that have such available. Such serials tend to be unique on hardware, regardless if they're the same model. Now, what I worry about is libsecondlife. I already read a post noting that they have now made MAC addresses no longer send, but what's to prevent them from figuring out someone else's hardware hash and sending that instead of the one for their actual machine?
Fenrir Reitveld
Crazy? Don't mind if I do
Join date: 20 Apr 2005
Posts: 459
07-01-2006 17:00
My guess is hardware hash probably uses a bunch of unique serial numbers between systems -- HD serial #, CPUID, MAC address, and so on.

Even on stock systems, these will all be unique.
Rusholme Malone
Banned
Join date: 30 Jun 2006
Posts: 196
07-01-2006 17:33
Excuse me if I don't want details of my computer's innards sent to some anonymous person somewhere ...
Luciftias Neurocam
Ecosystem Design
Join date: 13 Oct 2005
Posts: 742
07-01-2006 17:34
From: Rusholme Malone
Excuse me if I don't want details of my computer's innards sent to some anonymous person somewhere ...


Don't surf the internet then.
Zoe Llewelyn
Asylum Inmate
Join date: 15 Jun 2004
Posts: 502
07-01-2006 17:43
From: Rusholme Malone
Excuse me if I don't want details of my computer's innards sent to some anonymous person somewhere ...


Better uninstall Microsoft Windows. This is the method they use every time someone installs Windows XP.
Allana Dion
Registered User
Join date: 12 Jul 2005
Posts: 1,230
07-01-2006 17:49
From: Rusholme Malone
Excuse me if I don't want details of my computer's innards sent to some anonymous person somewhere ...


It's really not like that. Think of it like the VIN number on your car. When you sign with a new insurance company, you give them the VIN number. That doesn't suddenly give them the ability to start your engine and drive your car away with a remote control. They can't see what you keep in your glove box. It gives them nothing but an ability to identify which car is yours.

EDIT: At least, that's my understanding.
Rusholme Malone
Banned
Join date: 30 Jun 2006
Posts: 196
07-01-2006 17:55
From: Zoe Llewelyn
Better uninstall Microsoft Windows. This is the method they use every time someone installs Windows XP.


I already use, erm, Mac OS X.
Tren Neva
Registered User
Join date: 16 Oct 2004
Posts: 619
07-01-2006 18:00
From: Rusholme Malone
I already use, erm, Mac OS X.


Same deal. Having someone's serial number doesn't mean dillies. They can't do anything to you, only restrict access from you to them if they so choose. It's just another way of them being able to identify you, as people can just change their IP to avoid being restricted to a service like SL. Really, you have more reason to worry about your IP {as it's relatively easy to get, and there's a lot more you can do with it}.
Warda Kawabata
Amityville Horror
Join date: 4 Nov 2005
Posts: 1,300
07-01-2006 18:36
OK, so it's based on serial numbers that are unique to each individual device rather than the make and model number. I suppose it's still mathematically possible for two computers to have identical hashes, but only on the Shakespearean monkey principle. I'm satisfied anyway.
Ceera Murakami
Texture Artist / Builder
Join date: 9 Sep 2005
Posts: 7,750
07-01-2006 19:52
Yes. All network interface cards have a unique MAC address. While one can change that by installing a new network card, that requires spending money for new computer hardware. Proxies and routers can spoof that from passive sensing, but would not prevent an application like the SL client from detecting and sending the real one. And if they also sense other factors, like IP address or motherboard serial number, then changing only one factor while banned should be detected, and should remain locked out. An IP address can be changed too, but again, if they detect several factors and return several hashes, they could still detect attempts to bypass it.

We will see...


Oh, and 'MAC address' has nothing to do with the Macintosh operating system. Macintosh computers, Windows PCs, UNIX and LINUX systems... they all have a MAC address for their network interface.
_____________________
Sorry, LL won't let me tell you where I sell my textures and where I offer my services as a sim builder. Ask me in-world.
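The "several factors, several hashes" idea from the post above, as an added example that is not part of the original thread and not Linden Lab's actual scheme. The factor names, serial values, SHA-256 and the two-of-three threshold are all assumptions made for illustration.

```python
import hashlib

# Hypothetical factor names; the real client's inputs are not given in the thread.
FACTORS = ("mac", "disk_serial", "board_serial")

def digest(name, value):
    return hashlib.sha256(f"{name}:{value}".encode()).hexdigest()

def factor_hashes(machine):
    """One hash per identifier, so a single changed part leaves the others comparable."""
    return {name: digest(name, machine[name]) for name in FACTORS}

def combined_hash(machine):
    """One hash over everything: changing any single factor gives an unrelated value."""
    return digest("all", "|".join(machine[name] for name in FACTORS))

def matching_factors(banned, seen):
    return sorted(n for n in FACTORS if banned.get(n) == seen.get(n))

def is_banned(ban_list, seen, threshold=2):
    """Treat a login as banned when at least `threshold` factor hashes match an entry."""
    return any(len(matching_factors(b, seen)) >= threshold for b in ban_list)

# Constructed sample machines (all values made up).
BANNED = {"mac": "02:00:00:aa:bb:01",
          "disk_serial": "DSK-0001-EXAMPLE",
          "board_serial": "MB-0001-EXAMPLE"}
# Same machine after the network card was replaced.
NEW_NIC = dict(BANNED, mac="02:00:00:aa:bb:99")
# A different unit of the same retail model: same parts list, different serials.
SAME_MODEL = {"mac": "02:00:00:aa:bb:02",
              "disk_serial": "DSK-0002-EXAMPLE",
              "board_serial": "MB-0002-EXAMPLE"}
BAN_LIST = [factor_hashes(BANNED)]

def report():
    return {
        "combined_still_matches": combined_hash(NEW_NIC) == combined_hash(BANNED),
        "factors_still_matching": matching_factors(BAN_LIST[0], factor_hashes(NEW_NIC)),
        "new_nic_banned": is_banned(BAN_LIST, factor_hashes(NEW_NIC)),
        "same_model_banned": is_banned(BAN_LIST, factor_hashes(SAME_MODEL)),
    }

if __name__ == "__main__":
    # Every value compared here is reported by the client, so the server is
    # matching claims, not verified hardware.
    for key, value in report().items():
        print(key, value)
```

A single combined hash loses the ban as soon as one part changes, while per-factor matching still sees two of three identifiers; a second unit of the same model shares none of them.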
Aodhan McDunnough
Gearhead
Join date: 29 Mar 2006
Posts: 1,518
07-01-2006 21:23
From: Warda Kawabata
OK, so it's based on serial numbers that are unique to each individual device rather than the make and model number. I suppose it's still mathematically possible for two computers to have identical hashes, but only on the Shakespearean monkey principle. I'm satisfied anyway.


Depends on the hashing algorithm. It's a simple matter to design one where no two will have the same hash. The motherboard code alone is enough since no manufacturer would reuse a serial number and no two manufacturers' codes would be the same. Merge the two and you can create unique hashes.
Jesse Malthus
OMG HAX!
Join date: 21 Apr 2006
Posts: 649
07-01-2006 21:36
As of now, the id0 hardware hash field is optional. libsecondlife developers have determined that you could MD5 up a random set of numbers and send it to LL and they'd never know the difference. Thus the hardware hashing scheme is easily foiled.
Androclese Torgeson
I've got nothin'
Join date: 11 May 2004
Posts: 144
07-01-2006 22:50
Don't forget that the CPU will spit out an identifying number at-will. This was discussed at length years and years ago when Intel first implemented this.

So basically, unless you work in a computer lab and can swap parts/machines at will, if you get your hardware banned, you are done-for.

Let's just hope the false positives are *very very very* low and there is a procedure to petition should you get banned and you really didn't do anything wrong.
_____________________
Androclese Torgeson

Real Life, also known as "that big room with the ceiling that is sometimes blue and sometimes black with little lights"

Warda Kawabata
Amityville Horror
Join date: 4 Nov 2005
Posts: 1,300
07-01-2006 23:32
From: Androclese Torgeson
Don't forget that the CPU will spit out an identifying number at-will. This was discussed at length years and years ago when Intel first implemented this.


I thought it was only Intel that implemented this ID on CPUs?
Huns Valen
Don't PM me here.
Join date: 3 May 2003
Posts: 2,749
07-01-2006 23:54
You can turn off CPUID support in every BIOS I've come across. It's also possible to mess with the id0 field if you're clever enough (for example, you have the means to implement such a thing with libsecondlife.)

What LL really needs to do is give residents enough control over their own experience that it just doesn't matter that much who comes back after being permabanned. If I can set a switch or two in my client that makes it impossible for you to push me (or my plane :mad: ) with physical objects or with llPushObject(), or spam me with sounds/chat (and the Mute function is already halfway there), then you might as well not exist for all I care.

Seriously, the current methods of handling abuse are like trying to extract drinkable water from the ocean (by removing salt) when all you have to do is get it from a freshwater lake instead. Let people do just about anything and then maybe two weeks later they'll get a nasty warning? No thanks. Just give us enough control over our own experience and we can deal with it by making it impossible in the first place.
Aodhan McDunnough
Gearhead
Join date: 29 Mar 2006
Posts: 1,518
07-02-2006 01:13
@Huns

That's exactly where I drive at.

A great majority think (wrongly) that account verification is the end to the griefing problem. It's not. If account verification were to end griefing, then how was it that I got griefed so often when account verification was there in full? I dare any account-verification-will-kill-griefing advocate to answer that.

Admittedly verification will reduce the number of griefers, but will also reduce some other good potentials. We will lose new designers, new builders, new artists ... many of whom are people with no means at all to get accounts verified.

The real solution is in well-designed anti-grief tools.

Long ago I mentioned that we really need to control who gets pushed by whom and when. NOTHING has been done in this sector yet so I really hope the announced option that has external Pushes blocked by a parcel owner really comes to light. That is nowhere near a complete solution, but it is part of a good solution.

Until things like that get implemented, NOTHING short of shutting down SL or totally removing Push functions will stop griefing ... not enforcement, not registration, not machineIDs.
Rusholme Malone
Banned
Join date: 30 Jun 2006
Posts: 196
07-02-2006 04:31
You know what gets my goat? The fact that I used to get pushed around, sent home, griefed even when it was still $9.99 US just to join with a basic account. It's not a technical problem, no amount of tinkering with the settings will stop it, it's a cultural issue. Some people will always get pleasure from spoiling other people's game, it used to happen in the school playground and it carries on here.

How about LL using more carrot and less stick when it comes to dealing with these muppets? Banning them doesn't work - they'll always find a way to sneak back in, even if it's a few months later when they buy a new PC, so why not incentivise positive behaviour instead?
Dale Glass
Evil Scripter
Join date: 12 Feb 2006
Posts: 252
07-02-2006 06:31
From: Ceera Murakami
Yes. All network interface cards have a unique MAC address. While one can change that by installing a new network card, that requires spending money for new computer hardware. Proxies and routers can spoof that from passive sensing, but would not prevent an application like the SL client from detecting and sending the real one.


Networking-wise, MACs are used for host-to-host communication on the same segment. That means that when your packet goes through a router, as in say, A -> B -> C, it goes like this:

Host A finds B's MAC, and sends the ethernet packet there. Host B finds C's MAC, and sends the packet there. At this point the source of the packet is B's MAC, not A's.

What I mean here is that there's no spoofing needed anywhere, as by design, your MAC is only visible inside your own network. The ability of a program to get the local MAC and send that data over the network is not related to this.

Additionally, the MAC can be changed with software, buying new hardware isn't needed (not that it's expensive anyway, NICs are dirt cheap). There are multiple Windows tools for it, some provided by the card manufacturer, and in Linux it can be done with the standard ifconfig(1) command.

From: someone

And if they also sense other factors, like IP address or motherboard serial number, then changing only one factor while banned should be detected, and should remain locked out. An IP address can be changed too, but again, if they detect several factors and return several hashes, they could still detect attempts to bypass it.


Yeah, many things can be done, but for bans, I'd say such things are not all that useful. Doing all these checksums works quite well when you want to lock software to hardware (make software refuse to work if disk is moved to another machine, for example). But while in the first case you really want your hash to stay the same, under the ban scheme there's no reason not to have all that data change constantly.

The MAC can be easily changed, and CPUID is disabled on current CPUs. Under Linux it's the user who has full control of the OS and could easily patch it to lie about the info, and it's easy enough to write a kernel module to modify the value sent in the packet (there's an IRC module that rewrites the IP address used for DCC requests, for example).

Such approaches are simply a nuisance to a determined person. The only way to effectively ban somebody is force them to provide data they can't change at will, such as a credit card number, or static IP address (unfortunately there are far too many dynamic ones, IPv6 should fix that)
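The A -> B -> C hop described in the post above, as an added example that is not part of the original thread. All MAC and IP addresses are constructed, IP protocol number 253 (reserved for experimentation) stands in for a real transport, and the payload format is made up.

```python
import socket
import struct

ETH_LEN, IP_LEN = 14, 20

def mac_bytes(text):
    return bytes.fromhex(text.replace(":", ""))

def mac_text(raw):
    return ":".join(f"{b:02x}" for b in raw)

def ip_checksum(header):
    # Ones' complement sum of the ten 16-bit words of a 20-byte IPv4 header.
    total = sum(struct.unpack("!10H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def with_checksum(header):
    zeroed = header[:10] + b"\x00\x00" + header[12:]
    return zeroed[:10] + struct.pack("!H", ip_checksum(zeroed)) + zeroed[12:]

def build_frame(src_mac, dst_mac, src_ip, dst_ip, payload, ttl=64):
    eth = mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, IP_LEN + len(payload), 0, 0,
                     ttl, 253, 0, socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return eth + with_checksum(ip) + payload

def route(frame, out_mac, next_hop_mac):
    """What router B does: new Ethernet header, TTL minus one, payload untouched."""
    ip = bytearray(frame[ETH_LEN:ETH_LEN + IP_LEN])
    ip[8] -= 1
    new_eth = mac_bytes(next_hop_mac) + mac_bytes(out_mac) + frame[12:14]
    return new_eth + with_checksum(bytes(ip)) + frame[ETH_LEN + IP_LEN:]

def parse(frame):
    ip = frame[ETH_LEN:ETH_LEN + IP_LEN]
    return {"dst_mac": mac_text(frame[0:6]), "src_mac": mac_text(frame[6:12]),
            "src_ip": socket.inet_ntoa(ip[12:16]), "ttl": ip[8],
            "payload": frame[ETH_LEN + IP_LEN:]}

# Constructed addresses: host A, router B (two interfaces), host C.
MAC_A, MAC_C = "02:00:00:00:00:0a", "02:00:00:00:00:0c"
MAC_B_IN, MAC_B_OUT = "02:00:00:00:00:b1", "02:00:00:00:00:b2"
# The only place A's MAC can reach C is inside application data the client chose to send.
PAYLOAD = b"reported-mac=" + MAC_A.encode()

FRAME_ON_A_SEGMENT = build_frame(MAC_A, MAC_B_IN, "192.0.2.10", "198.51.100.20", PAYLOAD)
FRAME_ON_C_SEGMENT = route(FRAME_ON_A_SEGMENT, MAC_B_OUT, MAC_C)

if __name__ == "__main__":
    print("on A's segment:", parse(FRAME_ON_A_SEGMENT))
    print("on C's segment:", parse(FRAME_ON_C_SEGMENT))
```

On C's segment the frame's source MAC is B's outgoing interface, the source IP is still A's, and the payload still carries whatever value the application on A reported.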
Aodhan McDunnough
Gearhead
Join date: 29 Mar 2006
Posts: 1,518
07-02-2006 06:48
From: Rusholme Malone

How about LL using more carrot and less stick when it comes to dealing with these muppets? Banning them doesn't work - they'll always find a way to sneak back in, even if it's a few months later when they buy a new PC, so why not incentivise positive behaviour instead?


Conceptually that's good, and has proven effective when properly implemented.

Have any ideas that might work?

The proposals to selectively disable Push effects are not exactly either carrot or stick. They're about making griefing either impossible (so no need for stick) and boring.

Then again making it boring is like the biggest possible stick. Boredom with griefing is the most painful thing a griefer can get. His joy is derived from griefing and if that joy simply can't be had, it hurts more than a ban.
Zepp Zaftig
Unregistered Abuser
Join date: 20 Mar 2005
Posts: 470
07-02-2006 07:38
From: Dale Glass
Networking-wise, MACs are used for host-to-host communication on the same segment. That means that when your packet goes through a router, as in say, A -> B -> C, it goes like this:

Host A finds B's MAC, and sends the ethernet packet there. Host B finds C's MAC, and sends the packet there. At this point the source of the packet is B's MAC, not A's.

What I mean here is that there's no spoofing needed anywhere, as by design, your MAC is only visible inside your own network. The ability of a program to get the local MAC and send that data over the network is not related to this.

Additionally, the MAC can be changed with software, buying new hardware isn't needed (not that it's expensive anyway, NICs are dirt cheap). There are multiple Windows tools for it, some provided by the card manufacturer, and in Linux it can be done with the standard ifconfig(1) command.



Yeah, many things can be done, but for bans, I'd say such things are not all that useful. Doing all these checksums works quite well when you want to lock software to hardware (make software refuse to work if disk is moved to another machine, for example). But while in the first case you really want your hash to stay the same, under the ban scheme there's no reason not to have all that data change constantly.

The MAC can be easily changed, and CPUID is disabled on current CPUs. Under Linux it's the user who has full control of the OS and could easily patch it to lie about the info, and it's easy enough to write a kernel module to modify the value sent in the packet (there's an IRC module that rewrites the IP address used for DCC requests, for example).

Such approaches are simply a nuisance to a determined person. The only way to effectively ban somebody is force them to provide data they can't change at will, such as a credit card number, or static IP address (unfortunately there are far too many dynamic ones, IPv6 should fix that)


I can log in to my internet bank and simply click a button to get a new card with a new CC number in my mail within a couple days. It's probably possible to get around static IPs with something like Tor. It will never be possible to reliably ban a person, but the hardware hash is still something many users won't figure out how to change.
Ceera Murakami
Texture Artist / Builder
Join date: 9 Sep 2005
Posts: 7,750
07-02-2006 08:14
From: Dale Glass
Networking-wise, MACs are used for host-to-host communication on the same segment. That means that when your packet goes through a router, as in say, A -> B -> C, it goes like this:

Host A finds B's MAC, and sends the ethernet packet there. Host B finds C's MAC, and sends the packet there. At this point the source of the packet is B's MAC, not A's.

What I mean here is that there's no spoofing needed anywhere, as by design, your MAC is only visible inside your own network. The ability of a program to get the local MAC and send that data over the network is not related to this.

Additionally, the MAC can be changed with software, buying new hardware isn't needed (not that it's expensive anyway, NICs are dirt cheap). There are multiple Windows tools for it, some provided by the card manufacturer, and in Linux it can be done with the standard ifconfig(1) command.

For passive sensing of a MAC address, you are absolutely correct. I have a router on my home network, and an external computer on another subnet can only detect the MAC address of that router...

However... An application that runs locally on my computer is perfectly capable of detecting my real MAC address, and can spew that out as a pre-hashed code as part of the data stream that it sends out through the router. That is what LL is doing now when the SL client software is active. Changing your router's MAC address won't change what the local app is capable of detecting and sending via other means.

So unless you want to write a proxy filter app that intercepts all the data traffic from your SL client app and filters it, in real time... Changing the MAC address on your router would have as much effect as changing the numbers painted on your mailbox, when there is someone inside the house sending out letters and phone calls telling people what the actual address is and how to get there.

BTW - My Player is a professional Computer Scientist with over 30 years work experience - Macintosh, Windows and UNIX, both hardware and software. I'm not saying that the new system is impossible to spoof. Heck, a determined circuit freak could easily make a custom machine that changes such data every 5 seconds. But the average idiot who gets his jollies by trashing other people's fun can get locked out fairly easily.

I will also agree with the other posters who have indicated that banning after the fact doesn't eliminate griefing. Better controls, for individuals as well as for land owners, are what is needed. Like the ability to set a flag at the start of a logged in session that says "I'm opting out of push/damage, and can neither be harmed by such nor harm others by these methods while this is in effect." - and making that actually WORK. I would imagine that the popularity of shooting people for fun in unapproved areas would decline greatly if others were immune to the effects.
_____________________
Sorry, LL won't let me tell you where I sell my textures and where I offer my services as a sim builder. Ask me in-world.
Dale Glass
Evil Scripter
Join date: 12 Feb 2006
Posts: 252
07-02-2006 13:27
From: Ceera Murakami

So unless you want to write a proxy filter app that intercepts all the data traffic from your SL client app and filters it, in real time... Changing the MAC address on your router would have as much effect as changing the numbers painted on your mailbox, when there is someone inside the house sending out letters and phone calls telling people what the actual address is and how to get there.



Here's your proxy:
CODE

ifconfig eth0 down
ifconfig eth0 hw ether AB:CD:EF:12:34:56
ifconfig eth0 up



Standard Linux command, installed on pretty much every Linux system in existence.

From: Ceera Murakami

BTW - My Player is a professional Computer Scientist with over 30 years work experience - Macintosh, Windows and UNIX, both hardware and software. I'm not saying that the new system is impossible to spoof. Heck, a determined circuit freak could easily make a custom machine that changes such data every 5 seconds. But the average idiot who gets his jollies by trashing other people's fun can get locked out fairly easily.


*points up* circuits are completely irrelevant here. This is about local data, which doesn't even require any sort of hardware to actually exist (say, my vmware machine has a MAC address, and I can change that in the config dialog)
Devlin Gallant
Thought Police
Join date: 18 Jun 2003
Posts: 5,948
hardware hash bans
07-03-2006 12:35
Uhm...please tell me they aren't banning corned beef hash as well! :(
_____________________
I LIKE children, I've just never been able to finish a whole one.