theif application on the lose

Don`t you love these people Jesseaitui?

I swear second life is getting scummier each hour!

There are disclaimers and warning for buyers. This is to be put to good use. If you think your creations are stolen file a DMCA report.

I strongly suggest to file exploit reports (bug report, category exploit) as long as this exploit tool is sold by GeForce Go. At unusual hours if possible, to show it's urgent enough to wake up Brent in the middle of the night. This is just as bad as a full perm exploit, even worse, since it also fakes the creator name.

"This is to be put to good Use."

Shhure... and for everyone person who uses it legimtamtly (and puts their account on the line) then how many will use it for the wrong reasons?

I don't see any use for this program, its an exploit. One that strikes at one of the pillars of the Second Life content creation paradigm. If you start to remove one of the reasons (L$) to create content, then you will start to remove content from Second Life.

We do not need illegal apps which violate the TOS, cloning content, we need people creating NEW and INTERESTING content.


I see nothing useful about this program, and a lot wrong with it.



Just because something is possible, does not mean it should be done. Oppenhimer understood that well...

An exploit report could look like:

Full permission copy tool sold inworld

Steps to reproduce the bug:
- Purchase a copy of the CopyBot sold at Manitoba (39, 216, 65) by GeForce Go
Observed results:
- This third-party software can duplicate pretty much every prim attachment including textures. Hair, shoes, prim clothing of all sorts. It creates full permission copies with a changed creator name.
Expected results:
- Please take this product off the market ASAP and ban the creator / reseller. And please make an official statement about the illegality of this software which clearly violates the TOS.

Well this is dreadful. There's a host of people where it is being sold in SL.

GeForce is there doing the saleswoman act. You should be ashamed of yourself.

geForce- There are only a FEW who will put this to "good use"

its a pirating software so to speak, why pay for anything anymore when you dont have to? DUH!





Isthara- yes, but LL is not going to do anything about this. we know that from robins responses.



Does disabling scripts on land stop this from working?

Probably not, from what I've been hearing, the program is based around a packet sniffer. It sits alongside the SL client, and looks at what data is being sent to the client.

If that IS the case, then there is NOTHING you can do to stop the copying occuring. Turning off scripts on land won't help at all...

They will have to. If enough people shout loud enough for long enough, they will give in at some point. I mean, this is a no-brainer - a tool that creates full perm copies of copy protected content.

They gave in regarding the island price too, at least with a compromise solution. It just needs enough voices, enough AR's and exploit reports. If the whole customer base is upset, they'll have to change their policy.

I say it again, Blizzard managed to deal with packet-sniffing third party software, simply by having their game client scan for suspicious software activity. Many have called the WoW client spyware, but it's a legal step in order to protect their product.

It is not my fault if content creators who get their items stolen do not file a DMCA report. They DO and have worked. As I said, this tool can be used for good or bad. People who use it for the bad part, WILL be punished.

First of all hello to everyone at these forums, these are a tremendous resource for n00bs.

And as about this copybot.

Do you know Hattrick? It's an online football manager with over 500.000 users. And they have a very strict policy against cheating.

And I think this thing is cheating. DMCA or not, this is cheating and should be BANNED without question also anyone who is using it should be banned too, perm, no questions. (Would need a proclamation and few days to let people get rid of it.)

In Hattrick your team is permanently locked even if you use the same IP as another friend or just try to cheat some way and you can't make a reasonable explanation for it.

Lindens have every right and tool to make a more strict system, leaving well benigned users in a safer world.

I completely agree with you Ishtara, as I said WE cannot do anything about it, other than kick up a fess. Linden Labs can do something about it... at the moment, in the future, of course, the people using exploits could be running a custom client. Custom Clients are in development, from what I read.

In which case, no, the client will not scan for suspicious software.


If open source / 3rd party SL clients are being developed, then we need to start thinking of the Client as a Browser, like IE or Firefox. In which case LL will not have the ability to scan for other programs running on your machine...


This is a rather nasty can of worms, and clash of interests between the open source movement and commercial interests.

They can simply prevent any open source client from logging on. Only original clients are allowed to connect to the grid, it's that easy. SL has never been open source, it's a commercial 3D application offered and sold by Linden Lab.

They gave in to the open source idea without thinking it through, feeling flattered to get their own Netscape or Mozilla competitors just like the real web. Now they've seen where it led, experiment failed, enforce the TOS again please.

So you place protection of your virtual creations above privacy and discretionary power over your system?

Yes, I do. It doesn't keep 7 million users to log in and play WoW. As long as the client only scans for hacker applications, I don't mind that one single bit.

Ishtara, Depends where SL is going to grow really. Is it going to remain SL, or will it become the much hyped, and long awaited Web.3D (actually I think Croquet may take that title)

However at the end of the day, this is a growing pain that SL was always going to encounter. Its impossible to stop a determined coder creating a client that can spoof the server. Impossible. You can make it very very difficult to create a spoof client, but not impossible.

I work in the field of computer security, as a programmer I have to find ways to secure games, and in my field we understand it is impossible to secure a system or game. So we try to make it hard.

I dislike this copybot intensly, however in a werid way, if we can get past it, it may serve to improve SL. You know, that which does not kill SL makes it stronger.

What use is a DMCA order against users taking things for personal use ? All unscripted content has been rendered free for all with this tool.

I have no problem with the LibSL project but the creator of this tool should be punished & permabanned for using LibSL to create an illegitimate piece of software that is harmful to SL.

Of course it is going to remain SL. The 3D web is a nice dream. This is a niche MMOG with an implemented content creation and market solution, nothing more. LL finally needs to realize that and start to care about their customer base, as long as it lasts, i.e. until something better competes for the same niche.

I know, total security is impossible. But LL's attitude towards hacker applications is totally beyond my understanding. We can't do much, so we just declare it legal? We can't catch the thief, but we will work on ways for you to search for stolen content yourself? That's pretty pathetic if you ask me. At least they should show some effort. A clear "It's against the TOS, don't use it" would have been a start.

What good ? At best this might include copying ones own posessions.

Had this tool not been created by an acne ridden teenager imagining themselves to be some kind of coding genius instead of just plain retarded, they might have thought to have it check for things like permissions or ownership so it couldn't copy anything it shouldn't be able to. But no I guess they were either too lazy, stupid or ethically challenged to implement such safeguards.

As for selling it ? I'm speechless.

In a way Trusted computing is coming, just look at Vista and DVD’s. You can’t play DVD’s at full resolution unless you enable the trusted module where the hard drive is encrypted.

This of course will do nothing if the data stream is not encrypted. The only question is if LL will encrypt the entire stream or just the individual items.

Personally, I would like to see only the items encrypted if you don’t have full perms. This would allow SLProxy to cache items even if it is encrypted and it would allow it to see items that you have permission to.

---
I do make copies of other peoples items, but only when the creator won't fix something.

For example I bought a chair it's 50 prims!
It's also -mod and sometimes when you stand up you get stuck in it.

I am working on making a copy by setting lighting and taking snapshots in a green room.

When I am done it will be 10prims and be a much better item.

The next question is if I should sell my more valuable version.
FYI: value = use + looks - prim count

Edit: Under the DMCA if LL encrypts the data and someone publishes how to bypass the encryption, that person is guilty of a FELONY just for distributing the knowledge. No use or intent is needed. This means that LL can use simple fixed key encryption and just change the key on each update.

Ishtara.
It is understandable, they are not only working with LibSL, but some Linden Labs employee's are members of LibSL with LL permission.

I think the following is occuring:

We know Linden Labs is a small outfit (40>50 employees)
LL want to develop the application beyond its current remit, (LL often wishes to have a server solution that can be run on customer owned server arrays)
They have often admited they are too small to achieve this, they do not have the financies.

Now there is an open source group, working for free, supported by LL. I suspect the LibSL is a 'wing' of LL, that is working to extend the Second Life architecture. One of LibSL's stated aims is to develop server software.

Frankly reading between the lines Philip is making a beeline towards Web3D, the first company to get there will rake it in on the ownership of the Web3d protocols. Philip knows his "Snowcrash", and I suspect he wants to be "Black Sun", the owners of the Street Protocol...

While you're at it go check out the thriving WoW botting community at http://forums.wowglider.com/ that know how much of a joke Blizzard's client-side security is.

I just came over to your little crowbar and lock-pick store and I didn't hear one solid argument for anything other than underhand use. If you are so keen on giving people the option of being able to copy stuff they have purchased and 'back up', I assume that this tool itself will be offered with full perms so we can 'back up' the 'back up' tool? After all, if someone starts selling your tool, you can always file a DMCA.

Additionally it should have been coded to copy only objects with copy permissions and owned by the person in question. Had the creation of this tool been legitimate this would have been the case.

I sincerely hope Mr GeForce is given an extended if not permenant vacation from SL.