[Opensim-dev] Interrelated difficult problems related to asset portability

[Antti Ilomäki]

Ok, the part of me that's still human would like to apologize in advance for the huge and probably unintelligent blob of text that follows. Unfortunately that part is quite small nowadays and this discussion is too interesting for me to pass up, so here goes.

First of all, my opinions are mostly based on my visions of the future of the virtual worlds. The way I see it is pretty analogous to the modern day web with zillions of different "pages" and some larger communities of which some are open and some closed. In fact, content providers will probably want to tie the virtual worlds tightly into the existing web so that both ways of displying information will support each other. The one thing that's very different in the virtual worlds and modern web is the user's avatar and the related interaction among browsers.

Because I don't see the virtual worlds of the future as a group of huge, separate grids I believe it's important for me to separate the avatars' inventory assets completely from any specific grid (mind you that I also think that we need to support walled gardens such as intranets and so on). They need to be extremely mobile. Items that are stored on the worlds themselves are somewhat different, but I'll get back to that in a moment.

An important issue related to user interaction in virtual worlds is one of the stumbling blocks for serious business applications and this is one of the things that hurt Second Life(tm) right now. The people planning the user experience (I'm not an expert but I've seen and read enough of the subject to know that designing user experience is sort of a cross between building spaceships, painting modern art and sticking bamboo sticks under someone's fingernails) don't have total control over the user experience anymore. In Second Life(tm) you don't necessarily have any control over your neighbors; the buildings right next to you or even the islands in the vicinity have an effect on your image and it's pretty much out of your control.

If you host your own separate world you don't have that problem, but you still have people crawling all over your beautiful creation, affecting each others' user experience. There are lots of potential ways to reduce the negative impact they may have, but interaction between users and social stuff in general is one of the strongest points of virtual worlds so you really do want it to work. Nowadays people run into unappropriate content on forums, blog comments etc. and there are moderators who try to control it. In virtual worlds there's an additional problem in the form of inventory assets brought in by other people. If we could figure out a way to create a system that releases virtual worlds (of course the ones that care about this stuff, which is many businesses for example) from constant moderation and makes them suitable for peple under 18, we're going to speed up the development of business in virtual worlds considerably. If we can also create some kind of a functional IPR management system in the process, even better.

Ok, now we're getting back to the topic. Finally, some may say, but in my case this is pretty much an ok performance.

As far as DRM goes, since most assets are simple to copy (at least their appearance is, running transportable scripts is another intriguing issue altogether), making copying excessively difficult is not likely to help much and may hurt law abiding citizens in the process, which is not necessarily entirely positive. Since the copied assets are of little use to you offline, there's a chance to implement some sort of protection, however. Also keep in mind that there is no foolproof DRM and probably never will be, the goal of protecting digital assets is increasing the number of legal transactions as opposed to pirating the goods.

IF we had huge servers somewhere with zillions of bytes of data on virtual goods' watermarks, content hashes etc., we could use them for checking out if a certain user has the rights to the stuff he/she's carrying around. If the authentication traffic goes through a world server (the data traffic would go directly fro mthe inventory servers to the users), it will simply block all unauthorized requests and pirated goods will not display on other users' screens. If the server itself contained illegal stuff, there could be different levels of actions taken from a warning displayed on the viewer screen to simply blocking the site entirely. Most litkely the best answer would be a workable compromise. Removing such checks from a server wouldn't be very difficult and could be as simple as downloading a pirate-friendly version of OpenSim, but the important thing would be to have all the popular sites such as Second Life, FaceWorld, eBay and all the corporate sites supporting the content protection features, which would dramatically reduce the value of pirated goods.

The simplest way to hack content hashes or watermarks would be to make slight changes to the file so that it becomes an entirely new asset in the eyes of the virtual net. Maybe there are some ingenious workarounds and tricks to make it more difficult, you technically competent people might come up with some one day(hopefully). There's another side to this issue, though, as I mentioned earlier.

So what if you want to make your world teen-friendly or just don't want the guy with a dicksuit in your virtual church next sunday (wearing his favorite suit)? The same content hash or watermark based system could be used here as well, since naturally every object stored in the database would come with lots of metadata attached (now here's another issue altogether: come up with a perfect metadata system that can be used to classify and search assets in virtual worlds). The Church of Virtuality server would have settings that would only allow stuff that has certain flags to be brought in. Anything X-rated would be banned and so on. Nice, interoperable worlds suitable for kids became a possibility, I can see how that could benefit someone. Walled gardens could, of course, have their own inventory servers and only accept those (for example). And note that at the same time changing the watermark or content hash just went out of the window, because the object would no longer appear on the official list of obects on the massive database servers and wouldn't be recognized by the Church of Virtuality or any other site participating in the protection scheme.

Then the obvious issues. How does stuff get on the list? Who would manage such services, is there anything to benefit from it? Where do people build new stuff if you can only see stuff that's on some stupid list somewhere?

Building new stuff would be based on levels of security. The levels could be for example:
1) Only locally stored objects from the default llist provided with the viewer program, these would be used as fallbacks in any case and would include a set of basic clothes etc.
2) Only officially catalogged objects with selected properties (using metadata or from a specific inventory server)
3) Free for all, anything goes

Since building wouldn't be a priority or even really desired on many sites, this wouldn't be a problem for them. They could choose to be a secure environment where building isn't possible or they could offer building and free for all stuff in a separate, moderated region (which could in theory be a viable business move for a kids' site). It's not exactly clear how popular category 1) and 2) serves would actually become, but I have a hunch they might have some use. This of course affects the next issues, which are the really difficult ones.

Ok, now we have a beautiful system running, everyone's safe and happy etc. But how does stuff get on the lists and who will manage the servers (which would be quite a task considering the zillions of users and the immense popularity of virtual worlds in 2009 at the latest)? In reality the answer would pretty much have to be someone who somehow benefits from the existence of the system. Perhaps Amazon or LindeX(tm), who would benefit from virtual microtransactions? Some non-profit organization funded with donations? John Doe from Kentucky? The little green guy from Mars? I don't know. Maybe someone. In any case I believe the market for selling virtual goods will become huge in the not-so-far future and it will greatly benefit the entire virtual worlds community. Whatever makes it more viable or speeds up the development will benefit just about everyone willing to make a business out of virtual worlds. You may now come up with better ideas.





________________________________________
Lähettäjä: opensim-dev-bounces at lists.berlios.de [opensim-dev-bounces at lists.berlios.de] käyttäjän Diva Canto [diva at metaverseink.com] puolesta
Lähetetty: 23. toukokuuta 2008 18:30
Vastaanottaja: opensim-dev at lists.berlios.de
Aihe: Re: [Opensim-dev] Interrelated difficult problems related to      asset   portability

Dr Scofield Wrote:
> > be people willing to pay. Maybe. There's certainly a [small] market
> for
> > clone detection in source code and other artifacts that are time-
> consuming to produce.
> >
> i think there's a huge market out there. and it will grow with the
> growth of VWs.

Very possible.

People have different needs when it comes to asset protection, and one model
doesn't fit all. This should be configurable at server init time. Here are
three of the most prevalent models, the third one being a hybrid.

1 - People want all their inworld assets protected from being copied. This
means that there should be a lot of guards upfront. It's conceivable that
someone might develop a DRM module for OpenSim; but I don't think that
should be in the OpenSim core, because this kind of protection, besides
being a conceptual quagmire, is not a universal need. A more lightweight
manner of addressing this need is to use the walled-garden model of grids,
which somewhat restricts who has access to the inworld assets, and then have
people sign a very strict ToS, and enforce that with severe real-world
penalties. Example on the Web: facebook.

2 - People don't care much about their inworld assets being copied by
hackers, what they care most is to attract lots of visitors to their sites,
or even just expressing themselves in public. So free access to images, etc,
are a tool for traffic, it puts their message out there; not just people
traffic but all sorts of backend info gathering traffic, for example
crawlers for search engines. In this scenario, there is no need for backend
asset copy-protection mechanisms, just front-end protection and declarations
of copyrights. This is the prevalent model of the [public] Web.

3 - People care somewhat about their inworld assets being copied, while at
the same time caring to attract visitors, therefore benefiting from
operating in open grids and open sims. A lot of web sites fall on this
category. This is the model that would benefit from having open access to
assets along with a monitoring system for detecting copyright violations. As
Dr. Scofield said, some people care to do this on the public web too.

Note that all of these models can work with the techniques that we were
talking on this thread -- REST access, pulling UAI out of the OpenSim core.
For walled-gardens, it's "just" a matter of authenticating the callers. This
kind of ACL is routine on the Web, session keys, etc., so it should be
feasible in OpenSim too. I think this is possible without having to change
the viewer.

(As an important aside, assets and inventory are not the same thing.
Inventory should always be private and protected. My use of the word asset
means inworld object.)


_______________________________________________
Opensim-dev mailing list
Opensim-dev at lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev