Chat log from the meeting on 2024-02-27

From OpenSimulator

Revision as of 13:07, 27 February 2024 by Tampa (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
[12:00 PM PT]  Ubit Umarov: welcome :)
[12:01 PM PT]  Ubit Umarov: in code changed department, this week we had a few code contributions to ossl, via github pull requests, that i accepted then change.. ofc
[12:02 PM PT]  Motoko.Karu sounds like my manager... lol
[12:02 PM PT]  Ubit Umarov: that code is mostly untested ( by me at least)
[12:03 PM PT]  Gavin.Hird how do we test it?
[12:03 PM PT]  Vincent.Sylvester Wait for someone to complain on mantis
[12:03 PM PT]  Ubit Umarov: painful test scripts :)
[12:03 PM PT]  Gavin.Hird :-)
[12:03 PM PT]  Vincent.Sylvester Then fix what's broken hehe
[12:03 PM PT]  Cuga.Rajal *waves to MisterBlue
[12:03 PM PT]  Cuga.Rajal hi all
[12:04 PM PT]  Vincent.Sylvester It's pretty simple additions that are unlikely to cause much trouble
[12:04 PM PT]  Ubit Umarov: ( xshh vincent.Sylvester dont reveal out tactics..
[12:04 PM PT]  Web Rain: Hi there :)
[12:04 PM PT]  Orbert.Tatham Interesting - both approaches in one paragraph - real world and "the right way"
[12:04 PM PT]  Lyr Lobo: hehe
[12:04 PM PT]  Lyr Lobo: hello and welcome!
[12:04 PM PT]  Ubit Umarov: the new funtiuons are also missing from wiki..
[12:04 PM PT]  Motoko.Karu ^_^
[12:04 PM PT]  Vincent.Sylvester Some, but the inventory stuff has been added
[12:05 PM PT]  Ubit Umarov: ok found a list :)
[12:05 PM PT]  Vincent.Sylvester The encryption stuff is not no
[12:05 PM PT]  Ubit Umarov: dd functions:

    osGiveLinkInventory(integer linkNumber, key destination, string inventory) Give an item located in a child prim inventory.

    osGetInventoryNames(integer type) Return a list of items names by type (or INVENTORY_ALL) located in the prim inventory.

    osGetLinkInventoryNames(integer linkNumber, integer type) Return a list of items names by type (or INVENTORY_ALL) located in a child prim inventory.

    osGetInventoryKeys(integer type) Return a list of the items UUIDs by type (or INVENTORY_ALL) located in the prim inventory.

    osGetLinkInventoryKeys(integer linkNumber, integer type) Return a list of the items UUIDs by type (or INVENTORY_ALL) located in a child prim inventory.

    osGetLinkInventoryKey(integer linkNumber, string name) Return the UUID of the specified item name located in a child prim inventory.

    osGetLinkInventoryDesc(integer linkNumber, string itemNameorid) Return the description of an item located in a child prim inventory.

[12:05 PM PT]  Ubit Umarov:  linkNumber, key itemId) Return the name of an item located in a child prim inventory.
[12:05 PM PT]  Web Rain: Ubit break them :(
[12:06 PM PT]  Cuga.Rajal these are very useful additions
[12:06 PM PT]  Ubit Umarov: Ohh so you are adil el Farissi
[12:06 PM PT]  Web Rain: just to be clear, all honors back to the original authors because i just copy/paste and add minor modifs to the exesting code
[12:06 PM PT]  Ubit Umarov: wait there are a few more lol
[12:07 PM PT]  Web Rain: yep is my RL name ^^
[12:07 PM PT]  Ubit Umarov: osAESEncrypt(string secret, string plainText)
    osAESDecrypt(string secret, string encryptedText)
    osAESEncryptTo(string secret, string plainText, string ivString)
    osAESDecryptFrom(string secret, string encryptedText, string ivString)
[12:08 PM PT]  Ubit Umarov: think there is another one
[12:08 PM PT]  Web Rain: i will revert those tonight and add some PHP and JS as example
[12:08 PM PT]  Ubit Umarov: osGiveLinkInventoryList(integer linkNumber, key destination, string category, list inventory)
    Give a group of items located in a child prim inventory

    osRemoveLinkInventory(integer linkNumber, string name)
    Remove an item from a child prim inventory
[12:09 PM PT]  Ubit Umarov: hmm revert what?
[12:09 PM PT]  Ubit Umarov: er and i broke what?
[12:09 PM PT]  Web Rain: AES relates implementation
[12:10 PM PT]  Ubit Umarov: well i made a few changes like letting those *link* also select root
[12:10 PM PT]  Web Rain: i don't know what exactlly, there is a grimplin that break the ecryption/decryption when LSL_TYPEs are used
[12:10 PM PT]  Ubit Umarov: redundant but for coerency..
[12:10 PM PT]  Web Rain: is why i used normal strings in the ossl functions impl
[12:10 PM PT]  Ubit Umarov: well i did not tested anything as i said
[12:11 PM PT]  Ubit Umarov: bt i had to change some things like storung and testing as string not as LSL_string
[12:11 PM PT]  Ubit Umarov: to avoid extra copies
[12:12 PM PT]  Ubit Umarov: also use readonlyspan ms stupidity
[12:12 PM PT]  Ubit Umarov: also to avoid extra string copies..
[12:12 PM PT]  Jamie.Jordan hi everybody
[12:12 PM PT]  Ubit Umarov: ofc my had broken something :)
[12:12 PM PT]  Gavin.Hird hi
[12:12 PM PT]  Motoko.Karu hihi jamie
[12:13 PM PT]  Web Rain: may work but AES is pretty sensive and requiere a byte[32] as key and byte[16] for the IV
[12:13 PM PT]  Ubit Umarov: your code also did not enforced that..
[12:14 PM PT]  Web Rain: the hash with SHA256 and MD5 force that
[12:14 PM PT]  Ubit Umarov: also got a ubode native lib compiled for arm64 linux
[12:14 PM PT]  Vincent.Sylvester Would it not make more sense to combine the various algo into a single crypt and decrypt function so adding new algo doesn't require a whole new set of functions
[12:14 PM PT]  Ubit Umarov: seems to be working on late rasp pi 5 like boards
[12:15 PM PT]  Web Rain: also the UTF8 encoding is important for outside use compatibility
[12:15 PM PT]  Gavin.Hird like or actual RP 5?
[12:16 PM PT]  Ubit Umarov: think was tested on another thing gavin.Hird
[12:16 PM PT]  Ubit Umarov: similar cpu
[12:16 PM PT]  Gavin.Hird ok
[12:17 PM PT]  Vincent.Sylvester Something like osCrypt(string algo, string input);
[12:18 PM PT]  Ubit Umarov: err also made a little fix on westats SStats
[12:18 PM PT]  Ubit Umarov: so that ../SStats  sinple url gives default response again
[12:20 PM PT]  Web Rain: the important is not the use as scripts functions!!!  you have just implement the same thing in the viewers side to have a bit of security and privacy in OpenSim without the need for ssl...  endpoint2endpoint
[12:21 PM PT]  Web Rain: also can obfuscate things in the robust/region servers comms like the private messaging...
[12:21 PM PT]  Ubit Umarov: well i do think thsoe things are outside region scripting..
[12:21 PM PT]  Ubit Umarov: but since ll is adding such things, i did accept it :)
[12:21 PM PT]  Vincent.Sylvester Privacy and open source don't mix so well
[12:22 PM PT]  Ubit Umarov: wel i don't see how i did break those.. the changes seem ok
[12:22 PM PT]  Ubit Umarov: but.. well possible
[12:23 PM PT]  Web Rain: privacy and security are human rights and must be on top of any thing
[12:23 PM PT]  Web Rain: did tou tested the script?
[12:23 PM PT]  Ubit Umarov: ofc not :p
[12:24 PM PT]  Ubit Umarov: as i said all this new things are *untested*
[12:24 PM PT]  Ubit Umarov: and not on wiki
[12:24 PM PT]  Orbert.Tatham Privacy and open source mix fine, privacy and unbridaled capitalism are a severe mismatch
[12:24 PM PT]  Vincent.Sylvester Anyone that knows where to look can just output all conversations in IM to console despite whatever encryption you want to set, because IM does not encrypt between users directly in the viewer
[12:25 PM PT]  Vincent.Sylvester Good luck getting viewers to implement that when it means breaking existing protocol to some extend as you somehow have to find a way to directly exchange keys
[12:25 PM PT]  Vincent.Sylvester Else it just goes over the server either way
[12:25 PM PT]  Vincent.Sylvester And direct peer to peer connections for IM have their own implications on privacy
[12:26 PM PT]  Web Rain: was working well before ^^ i will revert those and keep your methods impl in case you need them... Thank you for your indulgence and your code review Ubit ^^
[12:26 PM PT]  Gavin.Hird encryption can also be used to place illegal shit on server / grid storage
[12:27 PM PT]  Web Rain: i'm not good in C   but i will try ^^
[12:27 PM PT]  Ubit Umarov: good bc we use c# :p
[12:28 PM PT]  Vincent.Sylvester Having encryption in lsl is nice for http requests, but I think those already support ssl no?
[12:28 PM PT]  Misterblue Waves: @Web: if we keep the discussion going and making changes, a good solution will result
[12:28 PM PT]  Web Rain: hmmm not in this way because all the used params are known
[12:29 PM PT]  Joe Magarac: As long as everything that has to be encrypted goes over standard HTTPS, I don't have to do anything viewer side.
[12:29 PM PT]  Ubit Umarov: well sl keeps adding similar things also
[12:29 PM PT]  Ubit Umarov: bahh
[12:30 PM PT]  Web Rain: agree with joe! with SSL we don't even need those functions !!!
[12:30 PM PT]  Vincent.Sylvester Doxxing yourself is part of the OpenSim experience and the fun xD
[12:30 PM PT]  Gavin.Hird it is Vincent
[12:30 PM PT]  Web Rain: is a basic solution as alternative to the SSL problematics
[12:31 PM PT]  Joe Magarac: If you want to secure IM and chat, I'd suggest putting sim->viewer on the existing event channel.
[12:32 PM PT]  Joe Magarac: Use the same messages as IM, but encoded in LSL.
[12:32 PM PT]  Joe Magarac: Inbound, a new cap for sending viewer->sim messages.
[12:32 PM PT]  Joe Magarac: Maybe coordinate with SL so everybody uses the same one.
[12:33 PM PT]  Joe Magarac: Then it uses HTTPS like everything else on the Internet.
[12:34 PM PT]  Web Rain: if we use the hash of the user password hash and the sessionID and SecureSessionID to build the Key and IV... on the viwer side , will be possible to encrypt/decrypt all the comms between the viewer and server
[12:34 PM PT]  Joe Magarac: Don't roll your own crypto unless you've already broken a hard one - Friedman, founder of NSA.
[12:35 PM PT]  Web Rain: is just a strong obfuscation...
[12:35 PM PT]  Vincent.Sylvester Viewer could ask server for the other persons peer address so you can negotiate a key without the server knowing. Then you can send encrypted data, but in turn you doxx yourself as the server has to directly tell the other person who they are
[12:36 PM PT]  Joe Magarac: Right, that would upset the people who don't want to give out their IP address.
[12:36 PM PT]  Vincent.Sylvester Which grid admins can already record as it is logged in robust anyways
[12:36 PM PT]  Vincent.Sylvester Gotta know where to send the data to after all
[12:37 PM PT]  Joe Magarac: On the SL side, some people get upset if their IP address gets out.
[12:37 PM PT]  Joe Magarac: I don't see that, but some people do.
[12:37 PM PT]  Gavin.Hird let them
[12:37 PM PT]  Orbert.Tatham Used to be long lists, so everyone knew who the alts were
[12:38 PM PT]  Joe Magarac: I'd gp for the HTTP solution because it's easy to implement and as secure as most web stuff.
[12:39 PM PT]  Joe Magarac: If you want peer to peer encryption with no server you're building Signal, which is hard.
[12:39 PM PT]  Orbert.Tatham Esp. when Signal is already there
[12:40 PM PT]  Gavin.Hird Except signla can be decrypted by agencies
[12:40 PM PT]  Vincent.Sylvester I'm all for privacy, but if that is a concern there are plenty of nicer tools than OpenSim to facilitate private chats, we got a few more pressing issues at the moment
[12:40 PM PT]  Gavin.Hird signal*
[12:40 PM PT]  Orbert.Tatham The numan side of "trust" is hte hardest anyway
[12:40 PM PT]  Jamie.Jordan I will say signal is good at what it does
[12:40 PM PT]  Orbert.Tatham If you don't want the Five Eyes listening, don't say it
[12:41 PM PT]  Vincent.Sylvester Where is the fun in it when your chats aren't causing mental disturbance for the poor FBI agent that has to read em
[12:42 PM PT]  Web Rain: lol
[12:42 PM PT]  Gavin.Hird a lot of them, are already pretty distrubed as it is
[12:42 PM PT]  Jamie.Jordan that's funny
[12:43 PM PT]  Web Rain: as i said the internal use is more a strong obfuscation than a full crypto
[12:43 PM PT]  Orbert.Tatham I had some fun with a girl who was part of teh Canadian version of the secret service, made some comments about the guys listening. She screamed at me because she almost got fired - no sense of humor
[12:43 PM PT]  Vincent.Sylvester No-fly list speedruns would be really difficult with full encryption xD
[12:43 PM PT]  Web Rain: and this is a first step in a long path so...
[12:44 PM PT]  Ubit Umarov: AES is allowed bc nsa can read it on the fly :p
[12:44 PM PT]  Vincent.Sylvester I just noticed the existing ossl function for getting inventory key by name does not qualify the inventory type...
[12:44 PM PT]  Gavin.Hird true dat
[12:45 PM PT]  Joe Magarac: OK, we've kind of run down on the encryption front. Now what?
[12:45 PM PT]  Web Rain: agree with ubit ^^ is not a military grade thing and accepted by the regulators for many cases
[12:46 PM PT]  Vincent.Sylvester Meanwhile OpenSim passwords: md5(md5(password))
[12:46 PM PT]  Joe Magarac: Current HTTPS encryption is pretty good. Or we'd be hearing about huge banking ripoffs.
[12:46 PM PT]  Vincent.Sylvester Most times it's phishing not encryption that's the problem anyways
[12:47 PM PT]  Joe Magarac: md5 is weak but login is over HTTPS so md5(password) never travels over the net in clear.
[12:48 PM PT]  Joe Magarac: If an HTTPS solution is acceptable I will bring i up at the SL dev meeting today at noon.
[12:48 PM PT]  Vincent.Sylvester Well double md5 is also surprisingly strong despite what it seems and we technically have no limit on password size
[12:48 PM PT]  Ubit Umarov: ...
[12:48 PM PT]  Ubit Umarov: 11:47:58] Object: 
Encrypted with osAESEncrypt:
[11:47:58] Object: 
Decrypted with osAESDecrypt:
Hello World :)
[11:47:58] Object: 
Encrypted with osAESEncryptTo:
[11:47:58] Object: 
Decrypted with osAESDecryptFrom:
Hello World :)
[12:48 PM PT]  Ubit Umarov: ...
[12:48 PM PT]  Ubit Umarov: damm dotnet 6
[12:48 PM PT]  Web Rain: yay is working :)
[12:48 PM PT]  Vincent.Sylvester So I just set passwords with more than 36 chars, good luck finding a wordlist that big
[12:49 PM PT]  Orbert.Tatham Good luck finding a customer with a memory that big - it will always be on a post-it note nearby
[12:49 PM PT]  Joe Magarac: 10 minutes to go. Can I bring up some region crossing vs sharpview stuff?
[12:49 PM PT]  Vincent.Sylvester Password managers, added benefit they can't torture a password out of you that you don't know in the first place xD
[12:49 PM PT]  Vincent.Sylvester Sure Joe. How's that going lately?
[12:49 PM PT]  Joe Magarac: OK.
[12:50 PM PT]  Orbert.Tatham So few grok password managers so they might as well not exist
[12:50 PM PT]  Joe Magarac: Region crossings from Uibittest  Ubittest2 work great.
[12:50 PM PT]  Orbert.Tatham Sorry, Joe, you have the floor
[12:50 PM PT]  Joe Magarac: Region crossings from Sharpview 0 1  and 2 work pretty well, no fails,
[12:51 PM PT]  Joe Magarac: Zell to Pinswand sort of works but motion cointinues after the cross until another arrow key is pressed.
[12:51 PM PT]  Joe Magarac: Friggin Awssome regoins fail.
[12:51 PM PT]  Ubit Umarov: yeah bullet ones :(
[12:51 PM PT]  Joe Magarac: Stuck on the boundary with both sims sending updates.
[12:51 PM PT]  Ubit Umarov: thing crossings to south work..
[12:51 PM PT]  Ubit Umarov: think..
[12:52 PM PT]  Joe Magarac: Huh.
[12:52 PM PT]  Joe Magarac: So what should I do?
[12:52 PM PT]  Vincent.Sylvester Misterblue is sitting next to you ;)
[12:53 PM PT]  Joe Magarac: Are you the owner of some of those regions?
[12:53 PM PT]  Vincent.Sylvester Maintainer of bullet physics implementation
[12:53 PM PT]  Joe Magarac: Ah.
[12:54 PM PT]  Ubit Umarov: it is not a viewer problem..  ignore :)
[12:54 PM PT]  Joe Magarac: I'm viewer side. I have no idea how the physics implementation affects messages. I shouldn't be able to tell.
[12:54 PM PT]  Ubit Umarov: test on regions known to work
[12:55 PM PT]  Ubit Umarov: bullet just gets confused ..
[12:55 PM PT]  Ubit Umarov: region side issue..
[12:55 PM PT]  Joe Magarac: If it works in Firestorm, I will get blamed. But for now, I agree. I'd really like it to work for the Swondo estates, though, becauee they have a mainland you can explore.
[12:56 PM PT]  Ubit Umarov: fs also fails no those bullet regions..
[12:56 PM PT]  Joe Magarac: Oh, it does?
[12:56 PM PT]  Joe Magarac: I will try that.
[12:56 PM PT]  Ubit Umarov: at least going north
[12:56 PM PT]  Cuga.Rajal Have you tried turning on the viewer debugging feature of Show Physics Shapes
[12:56 PM PT]  Cuga.Rajal in FS, that might give a clue
[12:56 PM PT]  Joe Magarac: I'm in my own viewer.
[12:56 PM PT]  Ubit Umarov: is not shapes
[12:56 PM PT]  Ubit Umarov: is crossing logic
[12:56 PM PT]  Cuga.Rajal ahh
[12:56 PM PT]  Joe Magarac: Right. this is bare land.
[12:57 PM PT]  Gavin.Hird even bare land has physics
[12:57 PM PT]  Joe Magarac: Right, but that's not actually the problem. It's the handoff that breaks.
[12:58 PM PT]  Joe Magarac: Although the continued motion may be the physics engine.
[12:58 PM PT]  Cuga.Rajal I though maybe there is something there not noticed but with unusual bounding area that viewers might deal with differently
[12:58 PM PT]  Joe Magarac: Pressing any arrow key stops motion. It may be that  sim side, arrow keys are ignored until they change, and no change is registered, so motion continues with the velocity at the crossing.
[12:59 PM PT]  Joe Magarac: I've has an avatar travel across six regions with no key presses.
[12:59 PM PT]  Gavin.Hird have not see that for years
[12:59 PM PT]  Cuga.Rajal so the avatar "floats" until key pressed
[12:59 PM PT]  Joe Magarac: Right.
[1:00 PM PT]  Jamie.Jordan java script breaking?
[1:00 PM PT]  Joe Magarac: I used to see that around Firat, but that region is gone.
[1:00 PM PT]  Cuga.Rajal I've seen that in SL in very high lag
[1:00 PM PT]  Gavin.Hird it is gone?
[1:00 PM PT]  Cuga.Rajal but keypress didnt fix
[1:01 PM PT]  Joe Magarac: The keypress thing has to be a problem with not handling the key state properly at a region cross.
[1:01 PM PT]  Joe Magarac: The sim constantly gets the key state, and I think it compares it to the previous key state.
[1:01 PM PT]  Joe Magarac: No change, no action.
[1:02 PM PT]  Gavin.Hird I think you came there once at an unfortunate moment when the region was going down for code update
[1:02 PM PT]  Ubit Umarov: i as said..  bullet gets confused...  ignore it
[1:02 PM PT]  Ubit Umarov: you don't get movement etc.. bc bullet is.. confused..  got it?
[1:02 PM PT]  Ubit Umarov: :p
[1:03 PM PT]  Joe Magarac: OK. Will ignore for now. I expect to have a version of Sharpview next week that does region crossings, so others can try this.
[1:03 PM PT]  Ubit Umarov: it will even drop you btw regions..
[1:03 PM PT]  Joe Magarac: I know.
[1:03 PM PT]  Joe Magarac: Gotta go, next meeting. Thanks all.
[1:04 PM PT]  Ubit Umarov: also have a rl call
[1:05 PM PT]  Gavin.Hird ok
[1:05 PM PT]  Ubit Umarov: i will puch the fix to aix functions a bit later
[1:05 PM PT]  Ubit Umarov: push..
[1:05 PM PT]  Jamie.Jordan thanks yall
[1:05 PM PT]  Ubit Umarov: aix? i mean AES .)
[1:05 PM PT]  Gavin.Hird I will not be here next week, the week after maybe, and then I might only have spotty mobile internet for up to 3 months
[1:05 PM PT]  Orbert.Tatham aix and pains
[1:05 PM PT]  Ubit Umarov: any other opensim issue before closing?
[1:05 PM PT]  Vincent.Sylvester Gonna miss you Gavin
[1:06 PM PT]  Web Rain: ok i will work a bit in the PHP and JS enc/dec to test the compatibility
[1:06 PM PT]  Ubit Umarov: ohh have fun with the move :)
[1:06 PM PT]  Gavin.Hird it takes time to get that fiber installed in the new house :-(
[1:06 PM PT]  Lyr Lobo: Take good care of yourself, Gavin
[1:06 PM PT]  Gavin.Hird thanks, I will
[1:06 PM PT]  Lyr Lobo: good fortune with  your move
[1:06 PM PT]  Ubit Umarov: ok hope to see you all next week if not before :)
Personal tools
About This Wiki