[Opensim-users] Speaking of Content Theft, How About Our Own Backyard?

John Mieske johnmieske at gmail.com
Thu Feb 25 16:00:26 UTC 2010 

I agree anyone can fake the UUID..  but my point is MAKE people have some
UUID that is valid on each file before they upload. In otherwords its in the
name of the file itself. This wont stop them, but they might slow down. The
idea is that would have to work at adding a UUID to each file name.

On Thu, Feb 25, 2010 at 9:49 AM, Impalah Shenzhou <impalah at gmail.com> wrote:

> Well, anyone can fake these uuid as you can fake, for example, mail or
> http headers... I think the security depends more on the grid you are
> attached than to the protocol you use... for example, maybe OSGrid
> could provide some kind of security but it only applies to its
> registered and controlled users but not to hypergrid users.
>
> The opensim/secondlife/whatever protocol is unsecure by default (like
> http protocol, for example).. the main security is on the viewer.
> Maybe some kind of patch could be introduced but, is this worth it?
>
> From my point of view, and here I agree with one of your past
> comments, I prefer to give my items (textures, anims, code...) for
> free before anyone can sell them.
>
> Of course there are cases when a lawyer is needed but for a simple
> texture, believe me, I can live with some thieve around.
>
> I won't enter in themes like identity verification because I live in
> Spain and here we have a mandatory (by law, when you are 14 years old
> you need one) document to verify our identity. It is called DNI.
>
> My conclusion is that there aren't any effective technological method
> to protect against content "robatory" (see DRM... :-P). You can trust
> on people or you can use your legal forces... but a machine rarely
> will help you (unless this machine is some kind of Kalashnikov AK-47).
>
>
>
> 2010/2/25, John Mieske <johnmieske at gmail.com>:
> > Whoa.. easy girl..  didn't mean to tick ya off..  lol
> >
> > It was O Hundred in the morning for me and you know what the O stands for
> ?
> >  OMG its early in the morning..   hahaha
> >
> > Actually I think i was trying to say that with the exception of Textures
> and
> > Sounds have items that you would know as prims have some sort of UUID on
> it.
> > When I use Second Inventory it attaches my UUID from my previous avatar
> to
> > the file name. It does that so if you re-upload it to SL it knows who you
> > are.
> >
> > It wont stop a thief but more or less slow them down. The other thing is
> if
> > you upload with one UUID then the database can remember that one UUID and
> it
> > from that point on will allow only one UUID content to be uploaded.  If
> you
> > upload another file with a different file, it then flags you..  If you
> > upload another one it alerts people when you look at their profile..  I'm
> > just throwing ideas out there guys..  someone might have some idea based
> off
> > these little stupid ideas i'm making.. but its worth a shot.
> >
> > The sad part to the thief is that they MUST have a UUID number in the
> file
> > name or it will refuse to allow them to upload. Just a thought. ( Again
> this
> > wont apply to some items like textures if you upload one texture at a
> time.
> > However Bulk textures yes.. make them have a UUID. I mean seriously. This
> is
> > why the UUID exists, why not use it. )
> >
> > John
> >
> >
> > On Thu, Feb 25, 2010 at 12:34 AM, Karen Palen <karen_palen at yahoo.com>
> wrote:
> >
> >> Take a look at your MySql database with one of the database tools.
> >>
> >> That is actually how assets (including your Avatar) are presently
> stored!
> >>
> >> The problem comes when you move the asset to another database and find
> >> that
> >> UUID is already used! A UUID is only truly unique if it is assigned by a
> >> master (WORLDWIDE!) assignment which keeps track of every UUID!
> >>
> >> The commonly used methods for assigning a UUID are either system
> dependent
> >> or depend on duplicates being a very low probability.
> >>
> >> Non-zero probability unfortunately.
> >>
> >> Remember that if you try a billion times then billion to one odds have a
> >> 50% chance of happening!
> >>
> >> IMHO that is the worst possible sort of problem to have! A problem which
> >> happens very rarely yet screws up your database in subtle ways when it
> >> does
> >> happen!
> >>
> >> There is an effort under way to provide a central asset indexer, but I
> >> don't know enough about it to judge any potential security problems.
> >>
> >> The obvious "spoof" would be to substitute the index entry for something
> I
> >> have created (i.e. full rights) for somehting I wanted to steal (i.e.
> zero
> >> rights). I can think of several ways to counter this, but none which are
> >> particularly robust let alone foolproof!
> >>
> >> Karen
> >>
> >> --- On Wed, 2/24/10, John Mieske <johnmieske at gmail.com> wrote:
> >>
> >> > From: John Mieske <johnmieske at gmail.com>
> >> > Subject: Re: [Opensim-users] Speaking of Content Theft, How About Our
> >> > Own
> >>  Backyard?
> >> > To: opensim-users at lists.berlios.de
> >> > Date: Wednesday, February 24, 2010, 9:55 PM
> >> > Ok.. I have an idea..  not sure how
> >> > possible this is..  so this is a long shot....  I know in
> >> > SL you can create a script that gets the persons UUID. That
> >> > ID in turn can be used in conjunction with your items and in
> >> > SL it is what safe guards your inventory to a small degree.
> >> >  It also shows who the creator and owner is. Now these guys
> >> > who upload the content, they get it and attempt to upload to
> >> > OSG for example. Now what if on the website OSG had a way to
> >> > create the user with the UUID from SL, IF they are using a
> >> > name from SL. In turn the UUID would store that users UUID
> >> > in the "new" database that would be the same one
> >> > from SL. Now..  for the sake of argument, there would be a
> >> > check mark you as a newbie can click to show your using a
> >> > name from SL.  Now if that person who did not check mark
> >> > that cannot upload content already made. ( accept textures
> >> > and sounds which there is NO WAY to safeguard against. But
> >> > all other content will have been made from a grid other then
> >> > OSG can show this. If the content from OSG is made then
> >> > another type of perms is set so that you must have a UUID
> >> > attached on each file if you want to re-upload it..
> >> >
> >> > Maybe I am saying it wrong and I know i'm
> >> > exhaustedly tired right now.  But can anyone get an idea of
> >> > what i'm saying here ?
> >> > John
> >> >
> >> > On Wed, Feb 24, 2010 at 11:45 PM,
> >> > Master_Mirage <mirage123 at verizon.net>
> >> > wrote:
> >> >
> >> >
> >> >
> >> >
> >> >
> >> > Sadly like so many schemes that only works until some crook
> >> > fakes the "do
> >> >
> >> > not copy flag" or something similar.
> >> >
> >> >
> >> >
> >> > Even something which is a "closely held" as the
> >> > IPod has similar problems. I
> >> >
> >> > did a search for Ipod apps on Pirate Bay the other day.
> >> >
> >> >
> >> >
> >> > They are always a good check of what works and what
> >> > doesn't!
> >> >
> >> >
> >> >
> >> > I found more than 1000 items, including all kinds of MP3s,
> >> > software, and
> >> >
> >> > "hacks"!
> >> >
> >> >
> >> >
> >> > Many many very competent people have worked on Digital
> >> > Rights Management
> >> >
> >> > (DRM), but as far as I know there has never been any
> >> > solution worth the
> >> >
> >> > trouble and hassle involved!
> >> >
> >> >
> >> >
> >> > That doesn't stop the snake oil salesman from claiming
> >> > to have "the
> >> >
> >> > ultimate" solution of course.We are seeing that on
> >> > Second Life right now.
> >> >
> >> >
> >> >
> >> > Karen
> >> >
> >> > -----------------------------------------------------------------
> >> >
> >> > I agree to a point. I tend to think in terms if asked
> >> > "What have i done as a
> >> >
> >> > grid oper. to help stop the spread of stolen content?"
> >> > I have nothing to
> >> >
> >> > show them sadly and thats scary as hell to me!
> >> >
> >> > If as a grid op i can at least show a good faith attemp at
> >> > prevention and
> >> >
> >> > away to track it quickly to the user that broght it in. Id
> >> > feel alot better
> >> >
> >> > and prob. the users would be alot happyer knowing it too.
> >> >
> >> >
> >> >
> >> > Something at this point is better than nothing i think.
> >> >
> >> > :-)
> >> >
> >> >
> >> >
> >> >
> >> >
> >> > --
> >> >
> >> > View this message in context:
> >>
> http://n2.nabble.com/Speaking-of-Content-Theft-How-About-Our-Own-Backyard-tp4622175p4630592.html
> >> >
> >> >
> >> > Sent from the
> >> > opensim-users mailing list archive at Nabble.com.
> >> >
> >> > _______________________________________________
> >> >
> >> > Opensim-users mailing list
> >> >
> >> > Opensim-users at lists.berlios.de
> >> >
> >> > https://lists.berlios.de/mailman/listinfo/opensim-users
> >> >
> >> >
> >> >
> >> >
> >> > --
> >> > John Mieske / Winword Exonar
> >> > http://johnmieske.org
> >> > Space Grid Station
> >> >
> >> >
> >> >
> >> > -----Inline Attachment Follows-----
> >> >
> >> > _______________________________________________
> >> > Opensim-users mailing list
> >> > Opensim-users at lists.berlios.de
> >> > https://lists.berlios.de/mailman/listinfo/opensim-users
> >> >
> >>
> >>
> >>
> >> _______________________________________________
> >> Opensim-users mailing list
> >> Opensim-users at lists.berlios.de
> >> https://lists.berlios.de/mailman/listinfo/opensim-users
> >>
> >
> >
> >
> > --
> > John Mieske / Winword Exonar
> > http://johnmieske.org
> > Space Grid Station
> >
> _______________________________________________
> Opensim-users mailing list
> Opensim-users at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-users
>



-- 
John Mieske / Winword Exonar
http://johnmieske.org
Space Grid Station
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://opensimulator.org/pipermail/opensim-users/attachments/20100225/48915d48/attachment.html>

More information about the Opensim-users mailing list