Vote Now: Stop Libsecondlife

I agree LibSL should go. Its far too dangerous in its current form.
Also certain things should be made virtually impossible for it (or any other hacker) through encryption.

SL should:
1. Encrypt all data between server and client
2. Encrypt everything stored on the clients hard disc
3. With each 2 weekly wednesday release change the encryption codes so only the new client can decode the information. Also with each release wipe the disk cash as the old one is now redundant as it used the old encryption.
4. Not disclose the encryption codes to LibSL or anyone else.

By constantly changeing the encryption codes it will be hard for the reverse engineerers to keep up. I also recommend moving in the executable file where the encryption is stored so they cannot use that to help them crack the encryption.

Putting simple disclaimers is a complete waste of time, because it's clear that they weren't followed - just like 'please don't use the ability to self replicate in a gridcrashing way'.

Lewis

Here's a tool designed to steal content. Please don't steal content !

I thought programmers were rationalists, but these mantras are starting to sound like the stuff of religion. Say it enough times and you too will believe it makes sense!

Are we back to the self-rep code? Should everybody that used LSL to code be banned because they could potentially make self-rep code? Meh.

Lewis & CJ, please do not ever have any knives in your hands because I don't want you to cut yourself or anybody else. Knives are made sharp, and sharp objects cut.

there is no nead for an open source client. lock the client down, and install some anti hacking software to prevent unauthorized clients from accessing the grid.
if you need libsl's help with programing issues, then hire them to work on the 1 and only authorized sl client.
every other online game has anti hacking protection i.e. punkbuster/md5 checking...
and to think there is even real money at stake in sl.
i know it's not perfect but its better than opening up the client and saying do whatever you want, unless it is bad.

Why?
Because they can exploit bugs which would be detected by work of the libsl guys. Those can be fixed, undetected ones cannot.

That's why it needs support. Copying was not enabled by libsl but is immanent to the system.

More explanation can be found here: http://taotakashi.wordpress.com/2006/11/15/the-copybot-controversy

CopyBot ruined my life and ate my babies.

MM

Next let's burn down the observatory, so those techiwikinista scientists can never threaten us with an oncomming meteor!

CopyBot copied my mom and kicked my dog. :/

This really isn't enough. After all the very base of libsecondlife was developed decoding the datastream from and to the client. This could be done from a separate process-space, for example a second computer. So we should by all means heavily encrypt the datastream. The client caches data on the harddisk that can be analysed with appropriate tools, so this should be encrypted too.

It is possible to trace the executionflow of a client with debugging tools. This bears the danger of reverse engineering the encyrption method and finding the key. .... hmmm...

You know? The best method to prevent any possible danger would really be not to allow running something vulnerable like the SL-client. I propose to shut Second Life down to prevent unauthorized use of your creations.

This will solve the problem once and for all.

It's much easier to conjure and beat down the "oh you must be open source hater!" strawman than admit in this particular case handing everyone and their monkey ready-to-use tools to replicate content the built-in permissions be damned... was reckless, isn't it?

When I went to vote on the proposal, I had a laugh at the two proposals to give free unverified users a weekly stipend of L$. What cheapskates! Either buy your L$ or earn your L$ like the rest of us honest SLers!

Sorry about being OT, but I had to make that observation.

So, LibSL is a company? Do they have a consulting contract with LL then? Are they under an NDA?

Ooops, nope. They are a privileged group of residents that have been bestowed exemptions to certain portions of the TOS because LL thinks they are oh so precociously clever! Either that, or LL sees a cheap way to avoid having to hire a team to do this type of work internally, like almost ever other developer does...

Agreed and after all the fervour i went to read the libSL forums at

http://www.libsecondlife.org/forums/

It makes interesting reading and shows in the God Mode thread that they are driven by making money on the side, well thats the impression it gave me

http://www.libsecondlife.org/forums/viewtopic.php?t=15

Make of it what you will but money sure seems to be in the background with what they can make out of their hacks. Go figure

Oh, god, I'm going to be laughing all day. You can't really be this stupid, can you?
EDIT: Apparently, you can. Same asshat who's been trolling the blog for weeks.

So, gee... Let's take an objective example of this...

Internet Explorer 7 versus Firefox 1.5.0.8
Firefox flaw discovered, fixed in 6 hours.
Internet Explorer 7 flaw found...
...
...
.
..
Um... Well, I think I'm going to be here for a while. At least about 6 weeks.

Example Two...
http://www.truecrypt.org/

Open source encryption software.

Prove this does not steal your data.
On the other hand -- prove it DOES steal your data.

Oh, and Lindens: I've got a couple alternate accounts... How can I use them to vote AGAINST this? Can you just add -160 votes to the total? *G*

Speaking of strawman arguments, way to pick apart semantics rather than the argument being made.

A modest proposal?

Well written, very well written.

Persons who don't know what a straw man fallacy is shouldn't invoke the phrase. They should stick to making hyperbolic analogies about observatories and meteors.

There, now you know what one is. You're welcome.

omg, did you just start an IE7 vs firefox debate. everyone knows IE7 is better and opera is the best.

i still see no reason for an open source sl client

It would seem quite clear that you do not, either, making that a pretty odd response.

Those who do make games or write software for a living have spoken out about the very real difficulties in stopping libsl, and you attack them for it. Whatever, plug your ears and shout that they are wrong, and be happy in your stubborn ignorance.

Affording them "company" status when in reality they are simply an SL group of folks bestowed special exemptions by LL, so one can draw analogies to virus checker developers is really reaching. I'd go as far to call it fallacious.

It's not semantics for me to point out that they are not a company, its central to his argument, and it's simply incorrect. I didn't misrepresent his position, I addressed it head on. Sorry to burst your bubble, but those the facts - you're misapplying the terminology. He paints them as a company so that he can draw an analogy. I deconstructed it by pointing out that they are not a company and now I am adding that they are not an antivurus software firm.

Furthermore, virus checker developers don't make available to the general public the vulnerabilities they find in Windows or other operating systems. It's an invalid analogy both because because LibSL is not a company and they are not in the virus protection business.

In fact, my stance has been that they should become a company, and LL should make this thing legit by contracting with them and put them under an NDA. either that, or hire some of them and then cut off ties to them as a resident group.

By the way, your claim that you knew what a straw man is would have been a lot more convincing if you could have told me what one is without Googling (or Wikiing) a definition up, and then not atrributing your source on top of it.

Oh well, I look forward to more outlandish analogies from your camp to try and make those who are concerned about LL, LibSL, and CopyBot look like idiots. Talk about logical fallicies!

While we're at it, let's round up all the witches and burn them at the stake!

BTW, you're breaking the TOS by even starting this thread, starting polls about a certain group...

Read it here



AR'd!

Sally... you rock.

Sunspot, Dzonatas Sol pointed out that LibLSL is pretty much out in the open about what they do. They have an open chatroom, forums anyone can read, a website anyone can peruse. Basically, they're not hiding what they do over there. If they find a hole in SL, theyaren't keeping it under wraps and exploiting it soley by themselves with little hope of the hole getting fixed anytime soon because no one knows of it. Heck, people from LL work with LibLSL, so LL knows pretty much everything LibLSL does.

You replied by attacking the wording of the response, specifically the word 'company'. Perhaps not the best word to use. "Group", or "loose association of individuals", would have fit better. You leapt on that, and made it an argument in itself. An argument that did not even exist until you created it. And you won that argument soley on the fact that LibLSL is not a company. Wow, fancy that. Congratulations, you won the argument!

However, despite what you say, LibLSL being a "company" was not central to the argument. If I made a mistake in calling your argument a "strawman" then my mistake was in assuming you realized this.



Ye Gods, "strawman argument" is a common term, used pretty much daily these days by almost anyone who reads a newspaper or watches the news. This in itself seems like another misleading argument by you, trying to deflate what I'm saying by bringing up meaningless little argument over the definition of the term "strawman arguement".



And what exactly is "my camp"? You're making assumptions here. My position on this "copybot" issue is simply that there is a lack of reasonable discourse. Instead, there's a lot of kneejerk reactions, and misleading arguments such as your own.