Trojans
David Thurman
Registered User
Join date: 26 May 2008
Posts: 2
07-14-2009 23:17
I posted this on my blog today and would like some feedback on it.
http://david.secondlifekid.com/2009/07/14/trojans/
If you don't want to follow the link, it is just about the possibility of bad scripts hiding in freebies and so on.
Tali Rosca
Plywood Whisperer
Join date: 6 Feb 2007
Posts: 767
07-15-2009 02:36
Considering that only the human brain interprets any difference between a "rude" animation and an animation of you licking the ice cream, to use your example, any "scanning system" would not be able to perceive the difference. It would just show that the script contained an animation command.
Something like listening on channel 0 could raise a red flag for chat logging, but it would be very easy to camouflage by including some command words in your "cool script". Gods know, we've seen enough of those AO on/AO off commands spoken out loud. Bottom line is, those who would fall victim to a trojan in the first place would likely not gain any useful information by seeing which actions the script potentially could perform. As with all software distributed that way, reputation is everything. Do you trust that the creator has enough reason not to ruin their reputation?
Lance Corrimal
I don't do stupid.
Join date: 9 Jun 2006
Posts: 877
07-15-2009 02:41
(un)related question: how many of you guys here use the built-in spellchecker in firefox?
Void Singer
Int vSelf = Sing(void);
Join date: 24 Sep 2005
Posts: 6,973
07-15-2009 03:43
> (un)related question: how many of you guys here use the built-in spellchecker in firefox?

::grins:: I do (usually).

Conceptually, active trojan malware really only threatens land/estate owners, or more specifically others on their land, and anything can simply be muted/deleted after it takes effect with little real-world consequence (well, except chat loggers, which you wouldn't know to delete, but one should assume that, just like in real life, a microphone could be anywhere, so don't say things in public chat you can't support later).
Darien Caldwell
Registered User
Join date: 12 Oct 2006
Posts: 3,127
07-15-2009 08:44
> (un)related question: how many of you guys here use the built-in spellchecker in firefox?

That assumes people use Firefox.
Hewee Zetkin
Registered User
Join date: 20 Jul 2006
Posts: 2,702
07-15-2009 10:08
Yes. This HAS been happening lately. Griefers have gotten "clever" and have handed out freebies to residents in sandboxes that'll rez their spammers and self-replicators and such. Suddenly you'll be minding your own business, building in the sandbox, and there'll be a thousand obscene particle-emitting self-replicators in the sim, all owned by YOU.
So yes, be careful what you accept, and particularly what you rez or wear. Make sure the person you get it from (not just the creator) is someone you trust (and not just trust as a friend or whatever, but trust to be just as careful as you are in this regard), or that the whole thing (every script in every prim, plus likewise for objects in prim inventories that might be rezzed by those scripts) is open-source and you can verify it doesn't contain any nasties; or have a competent scripter whom you trust do so. Or (if you have modify permissions) remove all the scripts from each prim that you CAN'T verify or trust in such a way. You obviously don't have to be AS careful about commercial products from established content creators. If they start handing out bad merchandise, they're going to pay for it in no time. Accountability.
Meade Paravane
Hedgehog
Join date: 21 Nov 2006
Posts: 4,845
07-15-2009 10:18
/me starts singing..
Trojan Script! Trojan Scriiiiipt!!
Hewee Zetkin
Registered User
Join date: 20 Jul 2006
Posts: 2,702
07-15-2009 10:31
> (un)related question: how many of you guys here use the built-in spellchecker in firefox?

I do, but for some darn reason it only likes British English spelling, even though I have installed the US English dictionary AND have 'en-us' selected as my language. So I have to ignore its suggestions more than I'd like, and use a secondary spell checker when I care and it makes me doubt.
Lear Cale
wordy bugger
Join date: 22 Aug 2007
Posts: 3,569
07-15-2009 12:26
> Conceptually, active trojan malware really only threatens land/estate owners, or more specifically others on their land, and anything can simply be muted/deleted after it takes effect with little real-world consequence.

So, when testing freebies, make sure you're not where you can terraform!
Jack Abraham
Lantern By Day
Join date: 11 Apr 2008
Posts: 113
07-15-2009 12:29
I was expecting scripted subjects of Priam...
David Thurman
Registered User
Join date: 26 May 2008
Posts: 2
07-15-2009 23:23
> ...any "scanning system" would not be able to perceive the difference.

I don't agree with that; the developer of the scanner needs to be smart enough to make the scanner detect that something is odd about the script. That is the reason there is an antivirus industry out there: the scanner can tell the difference between a good and a bad program. There is also certified software, and trusted companies... things that are not really implemented in SL.

For me things are as simple as this: if it doesn't look right, big chances are that it is wrong. For example, a script in one prim of a 100-prim linkset of flexi hair. Or already-known scripts (like the open door) that are blocked from being read. That kind of thing is really spooky. As a scripter, the most I can do is scan the object in all its prims and list the scripts with their privileges.

Another point to keep in mind is that once the script is running in a prim, you can delete the script and it is still running in the prim; so far I don't know a way to find out if a script is running in a prim after the script was deleted (except if I see the script working, for example changing a texture or something like that).

> ... well except chat loggers, which you wouldn't know to delete, but one should assume that just like real life, a microphone could be anywhere, so don't say things in public chat you can't support later...

Many users expect others to respect their privacy in the way they understand what is and is not "privacy". You may think that whatever is said in public chat is public and somehow OK for others to monitor; some people can't agree with that.

I'm going to talk about a script I made that basically tells me the times the people I target connect. My idea was to find out at what times my friends connect so I can connect at the same times to find them, so I built a database of logs of what days of the week, what times of the day and for how long they connected. Chances are that I can chat again with a friend I have not seen in some days. This is public information, to see if someone is logged in or out. However, some of my friends feel a little intimidated by the script, and for their privacy. By the way, there is a script around SL that lists all the Lindens that are connected at that moment.

Once again, you have no idea what other people are doing with your key; you can't control your key or prevent others from using it as they please. Of course there are limits to what a script can or can't do; for some people it is just much more than what they would like. For me it is OK if my friends try to profile my login times; for some people it is just not OK. It would not be OK if I found out that in my hair there is a radar script that tells others who I am hanging out with, plus an LM copier that tells where, plus a chat logger... and so on... For the scripter it can be just a way to know that only good people are on the friends list.

> ...Or (if you have modify permissions) remove all the scripts from each prim that you CAN'T verify or trust in such a way.

Good advice; after that, make sure to recompile the scripts in the object or run one of those scripts that cancel all the things other scripts do (a script keeps running even after you delete it). Then you will find out how much you needed or wanted that object working. There are some of my scripts that I don't really feel like giving away as open source. So it is back to protecting the scripter's creation and making a safe environment for the user.

> ...So, when testing freebies, make sure you're not where you can terraform!

It is always a good idea to use someone else's sandbox to test freebies. The worst thing that can happen to you is just getting banned from there, but hey, there are lots of sandboxes you can go to.

What do you think about a nasty thing that is scripted to attack not on rez but on a timer? For example for a holiday: it can be months until you find out that there was something terribly wrong with something... You can decorate your living room with a lamp today, and have your terraforming done by Thanksgiving. I am pretty sure people will never suspect an object that has been rezzed in their house for months. Especially after "testing" it in a sandbox. Personally I have not played with terraforming scripts yet, but it surprises me that a script that can terraform doesn't have some kind of pop-up warning or something, as the money scripts have.

> (un)related question: how many of you guys here use the built-in spellchecker in firefox?

Funny you. Unrelated answer: my mother language is not English. Unrelated fact: I play a 5 yo boy in SL; just pretend it is baby talk and I am in character mode.
Void Singer
Int vSelf = Sing(void);
Join date: 24 Sep 2005
Posts: 6,973
07-16-2009 02:03
> Many users expect others to respect their privacy in the way they understand what is and is not "privacy". You may think that whatever is said in public chat is public and somehow OK for others to monitor; some people can't agree with that.

I think you misunderstood my point... I don't condone the practice, any more than I do the real-world equivalent, but realistically I know that it happens, and the safest, simplest, and most cost-effective practice is to use private lines of communication when you want privacy.... And in reality you aren't guaranteed any privacy from LL, who in the past has stated that they can and do monitor people's chat AND IMs.

Add to that the fact that what you are proposing would need to run on the server, which LL is unlikely to implement because of the cost in processing power to actively check all scripts, and the cost in time, money, and manpower to field problems from users that made something innocent that sets it off, and the possible PR repercussions... I'm not saying it's a bad concept, just that given the current system it'd be cheaper for LL to just suggest residents take commonsense precautions.
Tali Rosca
Plywood Whisperer
Join date: 6 Feb 2007
Posts: 767
07-16-2009 02:13
> I don't agree with that; the developer of the scanner needs to be smart enough to make the scanner detect that something is odd about the script. That is the reason there is an antivirus industry out there: the scanner can tell the difference between a good and a bad program. There is also certified software, and trusted companies... things that are not really implemented in SL.

I think you missed the point, unless you're talking about building an AI/expert system which can voice-recognize and cross-reference samples with known "bad words" and recognize human (and inhuman) motions as "benign" or "offensive", but then we are way, way out of any realistic scope. The point is, almost all "dangerous" commands are perfectly normal commands which just happen to use parameters we as humans perceive as *socially* unwanted. There is no practical way you can have a computer know about this social context.

You could make a case for rezzing and terraforming, since they are fairly specialized. A scanner could recognize those commands and warn that the script included them, and the user could then decide whether that was expected and trusted. But pretty much any other command would be so common as to not raise suspicion. Who'd deny animation permission to your new smile attachment on the off-chance that some day it may make you flip your grandmother the bird? I think you need to differentiate between technical cases, and the social cases your original blog post was almost all about. You can catch some specialized cases of the former, but the latter can't realistically be controlled programmatically.

> Another point to keep in mind is that once the script is running in a prim, you can delete the script and it is still running in the prim

A world of no. Whatever gave you that idea??
Hewee Zetkin
Registered User
Join date: 20 Jul 2006
Posts: 2,702
07-16-2009 09:54
With the exception of a recent hard-to-reproduce bug (which may simply be showing things in the Top Scripts window rather than having scripts continue to have effect), scripts do NOT run after they are deleted.
ElQ Homewood
Sleeps Professionally
Join date: 25 Apr 2007
Posts: 280
07-16-2009 10:50
> With the exception of a recent hard-to-reproduce bug (which may simply be showing things in the Top Scripts window rather than having scripts continue to have effect), scripts do NOT run after they are deleted.

I think what he means is that the results of a script that has been deleted are still evident in the prim, i.e. hovertext, etc.
Hewee Zetkin
Registered User
Join date: 20 Jul 2006
Posts: 2,702
07-16-2009 11:22
> I think what he means is that the results of a script that has been deleted are still evident in the prim, i.e. hovertext, etc.

Ah. I see. Yeah, obnoxious particles and sounds particularly can continue to be annoying after active script control. If you can delete scripts though, you can also add them. So particles, sounds, and hovertext should be easy to remedy. Effects with real damage potential, such as rezzing and terraforming, will be nullified by deleting the scripts that do them, too.
Rolig Loon
Not as dumb as I look
Join date: 22 Mar 2007
Posts: 2,482
07-16-2009 11:28
Sounds like he could use a scrubber.
Lear Cale
wordy bugger
Join date: 22 Aug 2007
Posts: 3,569
07-16-2009 14:35
Sorry David, but no. I'll try to use short words.

Antivirus programs for the most part recognize ALREADY DETECTED viruses that the antivirus companies have figured out how to recognize -- not by what they do, but by some bit of stuff they find inside them (a sequence of numbers, for example). They can also use "heuristics" and detect sequences of the "kinds of things" that malware (bad programs) tend to do. Unfortunately, this takes exhaustive data collection (of actual malware) and analysis (by highly competent staff).

Protection software can check for the kinds of things a program is doing; for example, Cisco's Security Agent can tell when a program is executing machine code from a variable buffer. It can do this only because it installs itself into your operating system. Unfortunately, LSL scripts can't do this kind of thing. Only LL could do this, on the servers, and I doubt there's a big enough profit incentive for them to invest the nontrivial resources the task would require.

Finally, there is no way for a script to "scan the scripts in an object". The best a script can do is to find the *names* of scripts in an object. We can't even begin to guess at what the code in those scripts is or might do.

Now, a programmer who wanted to add this feature to the SL Viewer could add code to scan all the modifiable scripts in an object. But that would be of little use, because (a) griefers would be sure to make their scripts no-mod, and (b) ... drum roll ... It's REALLY hard to tell what any program is doing by inspecting it with another program. The best one can do is, as I mentioned above, using comprehensive data collection and analysis, come up with signatures and heuristics to help identify suspicious software. So, who's going to fund this?
Hewee Zetkin
Registered User
Join date: 20 Jul 2006
Posts: 2,702
07-16-2009 15:36
Yeah, Lear's got it in a nutshell. What's more, viruses and other malware are pretty clearly distinguished by what they DO, and often by some very specific contexts in which they do them (e.g. "key logging" is done by just about any program that accepts keyboard input, but if it's done by a program that doesn't have the active focus, or by a script installed in a pretty special purpose program...). No anti-virus program is going to protect you against a program that pops up a vile and sickening image on its splash screen instead of a cute, cuddly one. Likewise, there's going to be no automatic way to distinguish between a particle generator that places flowers on a lawn and one that rains down the most stomach turning bigoted imagery on the Grid.
There are plenty of other examples. Just about any valid SL feature that can be used for griefing can also be used for creative applications, or else that feature wouldn't exist. For the same reason, automatic detection of all "bad" scripts is not likely to happen. However, things do get better slowly. Features do continue to evolve into constructs that help protect good-intentioned residents. There was a time before the, "Gray Goo Fence," for example. |