The Hardware Hash

A new anti-griefing measure being implemented is a hash of a variety of data about a user's hardware. I wonder how this hash will be implemented in Windows vs. Linux. Can Windows and Linux return the same data in the same format? Will the Linux client report a different hash than the Windows client? What about the Mac version, for that matter? Have there been any reports regarding what information, specifically, goes into this hash?

Any thoughts?

What about folks who run SL in a virtual environment where SL can't directly touch the hardware, or a chroot/linux32 etc sort of way? Will these report hardware in the same way, for such a measure there will always be ways around it sadly.

It would be most important that this hash information does not become something worth stealing, much like an identity.

I don't see why the format would be any different (it's just a digest) but I have doubts that the same hash would be returned for the same box running win32 vs Linux - depends what's in the hash and whether this data is all equally available from Linux. I'm guessing that the major OS version is part of the hash, but maybe it really is strictly a hardware hash, perhaps just the MAC address mixed with the CPU serial number where available (neither of which have reliable APIs for extraction under Linux, AFAIK!).
No, and I can't see it being in LL's best interests to disclose this outright.
It seems like a good idea. It's fairly watertight in principle for the casual griefer. It's sad that it's an altbuster, but that's really the point, and this is data that just goes to LL who utterly own us in that respect...

It's in fact so watertight that you need a whole ten minutes to write a proxy that sends random hardware IDs on startup

Microsft's is good enough, that when I upgraded my motherboard, Windows XP refused to start. And phoning them (after the online stuff to re-register XP failed), got me a grilling as to how many computers I was installing XP on.

Thank heavens that their hardware hashing works so well! It makes me feel SO good, that I have a legal copy of Windows. I think that is part of the Genuine Advantage - to make me feel good, as a paying Windows User

I can only hope Secondlife is equally thorough and effective with its hardware hash I would LOVE to get the same good feelings when I phone LL to get my account unlocked, when it is locked based on Hardware Hashing

*laughs hard* very good, Angel! Love you!

Sorry for the confusion. I was referring to the data that it hashes, not the hash itself


Which is kinda what I was asking... if they use information Linux can't access easily, or returns in a radically different format, then switching OS changes the hash... no need to buy new hardware.

And what about running under wine? I bet a lot of the win32 API that returns low-level hardware info hasn't been implemented yet. Will SL crap out if it can't successfully create the hash?

Which brings up another concern: I certainly hope they don't plan to lock us to 1 hash per account. That would be far too Microsofty of them. I play SL on a variety of machines, depending on where I am. If a griefer does the same, and his account(s) get locked, do any accounts that use that machine also get locked? What if I let someone play SL on one of my machines, and they get banned? Am I banned, because LL might suspect we're the same person? Interesting possibilities. It makes me wonder just how useful this hash is to begin with.

Someone, please, refute my concerns.


ifconfig will show you the mac address of any ethernet device, I believe. But the mac can be changed pretty trivially.

[QUOTENo, and I can't see it being in LL's best interests to disclose this outright.[/QUOTE]
Good point. Just wondering if they had.


Err... see Zi's post.

Allow me to re-embolden:
'It seems like a good idea. It's fairly watertight in principle for the casual griefer.' (I look forward to seeing the ten-minute result of Zi's proxy work for the code/protocol change that no-one has yet seen, anyway )

The change has already been seen and disclosed here:

/108/d0/116987/1.html#post1115680

So it should be fairly easy to create a proxy which does nothing but replace those two ids with randomly calculated hashes.

The point of mapping users to a hardware address isn't to restrict or watch typical players. It is it map out who is causing a problem, there is no real reason for anyone who hasn't broken any rules to hide a hardware address or such. Either way, since you have connected to SL servers they can aquire your mac address otherways outside the SL client. To be part of a network you have to have a proper identify address, no one knows who you are if you change your name constantly; speaking of which that is what the greifers do, nailing them down with a name that sticks will be difficult.

This is a tool to protect legit users, it is important to find the flaws in it and fix them as well as helping its enforcement as it will help everyone who wants to have a good time playing nicely in SL.

I smell Bush Administration Logic! "If you're not a terrrrist, you should have nothing to hide.
And MAC addresses aren't that easy to aquire unless you're on the same LAN, but ARE easy to change.

Start spoofing addresses you might get someone elses. MAC addresses are issued to hardware makers so that addresses can be coupled with specific venders. You could with time randomly spoof someone elses address. All this will do is have LL either come up with a new way to get your hardware address, ban you for violating a security measure(maybe/maybe not) or come back at the users and not do as much or anything about stopping greifers.

Rights and privacy are different when you are connecting to someone elses network. They can ask for info to grant access, it's a good way to make note of who is who so that later they can easily seperate who causes trouble and who doesn't.

I'd imagine that these addresses will be stored, so someone who keeps randomly generating will have quite a list. Possibly you can choose one address, but there is always a chance someone else will randomly generate the same one, or that someone will purchase hardware with that address.

MAC addresses don't have to be universally unique to work in the way intended. Usually, a MAC address only matters within 1 hop, so beyond that unique addresses aren't *required* (as long as no single ARP table has duplicate entries, you should be fine).

As for getting another SL user's MAC, it'd take a while. There are, what, 300,000 user accounts? There are roughly 280,000,000,000,000 (that's ~ 16^12) unique MAC addresses. The chances of a collision are infinitesimally small.

Of course, that could be skewed depending on *how* MAC addresses are actually assigned. If there's a discernable pattern, you could easily pick a MAC within a range you know is likely to collide, increasing the chance of colliding with another SL user.

I remember when I dual booted, Windows repeatedly changed my MAC address to random values. I'd run Linux for weeks, reboot a couple times. Reboot to Windows for a LAN party, and when I boot back, different MAC. Don't know what was up with that.