[Opensim-users] Banning "bad" viewers was Re: Can this be done?
Frisby, Adam
adam at deepthink.com.au
Tue Jan 12 21:25:35 UTC 2010
While I hate to rain on anyone's parade - but you can use the "-channel" commandline switch to edit the version string to whatever you want. I really wouldn't rely on it.
Adam
> -----Original Message-----
> From: opensim-users-bounces at lists.berlios.de [mailto:opensim-users-
> bounces at lists.berlios.de] On Behalf Of Imago
> Sent: Tuesday, 12 January 2010 9:34 AM
> To: diva at metaverseink.com; opensim-users at lists.berlios.de
> Subject: Re: [Opensim-users] Banning "bad" viewers was Re: Can this be
> done?
>
> Thanks, I've been looking over the code, and yeah, I know people could.
> But
> really how many regular joes out there would be interested enough to
> download, compile, and play with the code. *laughs* I don't think
> there's
> many, because a lot of them would much rather have instant
> gratification
> rather then having to work for it.
>
> But in my opinion even fragile filtering is better then none at all.
> Because
> while some could get in the population en masse wouldn't be able to.
>
> ----- Original Message -----
> From: <diva at metaverseink.com>
> To: <opensim-users at lists.berlios.de>
> Sent: Tuesday, January 12, 2010 8:15 AM
> Subject: Re: [Opensim-users] Banning "bad" viewers was Re: Can this be
> done?
>
>
> > As Teravus said, the LL viewer sends a string identifying itself and
> a
> > version. In the new login procedure that is captured by the
> > LLLoginHandlers as
> > if (requestData.Contains("version"))
> > clientVersion = requestData["version"].ToString();
> >
> > Right now we're not doing anything interesting with this information.
> > When this refactoring makes it to the master branch, people can
> replace
> > / augment the existing LLLoginHandlers to do other things including
> > filtering logins according to this field.
> >
> > But as others said here, this is a very fragile filtering, as any
> viewer
> > can send that field saying that it's an LL viewer.
> >
> > Imago wrote:
> >> Ah! Thank you. I did read something on the subject, but then
> suffered a
> >> hard
> >> drive death and it wiped out any settings I had. :( Google comes up
> with
> >> way
> >> too much junk when you look for stuff as well as Mantis stuff and
> Jiras.
> >> I
> >> will check in to this. So, now I know it is possible. :D Now, it's
> just
> >> finding a way to do it. *shrugs and laughs* If it keeps a few kids
> out
> >> than
> >> that's fine. I'd rather have fun then to have to police my console
> for
> >> logins. :D
> >>
> >> ----- Original Message -----
> >> From: "Teravus Ovares" <teravus at gmail.com>
> >> To: <opensim-users at lists.berlios.de>
> >> Sent: Monday, January 11, 2010 11:56 PM
> >> Subject: Re: [Opensim-users] Banning "bad" viewers was Re: Can this
> be
> >> done?
> >>
> >>
> >>> The viewer information is sent when the viewer logs in. If you
> >>> check the viewer channel version string when the viewer logs in,
> you
> >>> can deny based on a string match. That's the easy (and least
> >>> effective way) to lock only specific viewers.
> >>>
> >>> I believe that diva and Melanie_T were the last to work on these
> >>> areas.. so they would probably be able to tell you where to
> check
> >>> 'best'.
> >>>
> >>> One thing to note, however, is..
> >>>
> >>> The viewer logs into the 'user service' by sending an XMLRPC
> request
> >>> to the HTTP Service with the login_to_simulator method. It's at
> >>> this time that the 'viewer channel string' should be checked.
> >>>
> >>> Teravus
> >>>
> >>> On Tue, Jan 12, 2010 at 12:34 AM, Imago <imagorabbit at gmail.com>
> wrote:
> >>>> Mostly I want this because of piece of mind, but also because I am
> >>>> considering compiling a viewer on Hippo code that will have a
> different
> >>>> channel code altogether that I will probably use for the sim. If I
> can
> >>>> lock
> >>>> off viewers that don't have my exact channel or code then I can be
> sure
> >>>> only
> >>>> official viewers can get in. Right now the sim is only for friends
> but
> >>>> if
> >>>> I
> >>>> open it up to more I wouldn't want idiots coming in and mucking
> about
> >>>> the
> >>>> place. Which is why I was asking. I know that some opensim
> *shaking
> >>>> head*
> >>>> I
> >>>> wish I could remember who and where banned certain viewers from
> logging
> >>>> in.
> >>>> I'm not sure how she/he did it, though, but it got me curious as
> to how
> >>>> it's
> >>>> done. That and I wouldn't really want someone using something like
> Cryo
> >>>> or
> >>>> even Meerkat, but as you said... They probably all have the same
> >>>> default
> >>>> code. But if I put in another code and compiled it off of hippo or
> >>>> Linden's
> >>>> viewer I could put in my own channel and have others not able to
> enter.
> >>>> I
> >>>> like security and peace of mind, but security in this day and age
> is a
> >>>> myth.
> >>>> (Like those stupid broadcasting things that were supposed to stop
> >>>> copybot.)
> >>>>
> >>>> But I was just curious if anyone had done it or heard of it. I
> want to
> >>>> say
> >>>> openlifegrid did it, but I can't remember so I don't want to say
> for
> >>>> sure
> >>>> until I find it again. (computer crashes suck.)
> >>>> ----- Original Message -----
> >>>> From: "Karen Palen" <karen_palen at yahoo.com>
> >>>> To: <opensim-users at lists.berlios.de>
> >>>> Sent: Monday, January 11, 2010 11:24 PM
> >>>> Subject: Re: [Opensim-users] Banning "bad" viewers was Re: Can
> this be
> >>>> done?
> >>>>
> >>>>
> >>>>> As I think of it the answer is the same.
> >>>>>
> >>>>> The Linden Labs viewer does send an identification and version
> number,
> >>>>> bat
> >>>>> that really does very little. Almost every viewer out there is
> based
> >>>>> on
> >>>>> the current LL viewer and many people don't bother changing this
> code
> >>>>> for
> >>>>> their experimental versions.
> >>>>>
> >>>>> For example I just checked and I have a customised LL viewer
> where the
> >>>>> only change is that it will log on to my private sim by default.
> The
> >>>>> ID
> >>>>> codes are identical to the original since I never bothered to
> change
> >>>>> them.
> >>>>>
> >>>>> I use it to make sure that my private sim will run OK with the
> >>>>> "official"
> >>>>> viewer.
> >>>>>
> >>>>> I am not really sure why you would want that restriction though.
> >>>>> Should
> >>>>> I
> >>>>> be considering that for my sim? Have I missed something here?
> >>>>>
> >>>>> Sorry.
> >>>>>
> >>>>> Karen
> >>>>>
> >>>>> --- On Mon, 1/11/10, Imago <imagorabbit at gmail.com> wrote:
> >>>>>
> >>>>>> From: Imago <imagorabbit at gmail.com>
> >>>>>> Subject: Re: [Opensim-users] Banning "bad" viewers was Re: Can
> this
> >>>>>> be
> >>>>>> done?
> >>>>>> To: opensim-users at lists.berlios.de
> >>>>>> Date: Monday, January 11, 2010, 10:05 PM
> >>>>>> I don't think anyone is
> >>>>>> understanding. :D It's not just Cryo. I want only
> >>>>>> Linden Lab viewers to be able to login. I've seen it done
> >>>>>> on other
> >>>>>> opensim's. I know people can get around that. But the point
> >>>>>> is... Not
> >>>>>> everyone is a coder. So, while they could compile and make
> >>>>>> it look like a
> >>>>>> Linden Lab viewer then so be it. I just want to know if
> >>>>>> there's a mod or
> >>>>>> string that I can put in to opensim to see what channel the
> >>>>>> viewer is
> >>>>>> sending, and if it's not the right one than to display an
> >>>>>> error message that
> >>>>>> would tell them to download an official release in order to
> >>>>>> login.
> >>>>>>
> >>>>>> Maybe I should have chosen my words better. Mentioning Cryo
> >>>>>> is like
> >>>>>> mentioning copybot, and responses only seem to be based on
> >>>>>> theft and copy
> >>>>>> protection. I just want to know if there's a string to
> >>>>>> block a viewer. I
> >>>>>> know people have done it I just can't remember what opensim
> >>>>>> I saw it done
> >>>>>> on. I also know that if I had Cryo source code I could
> >>>>>> compile and make it
> >>>>>> look like a Second Life release viewer. But not everyone is
> >>>>>> a hacker or a
> >>>>>> coder or both. Most people don't know how or can't compile
> >>>>>> a viewer or are
> >>>>>> too lazy to. So, they go look for one, and that's the basis
> >>>>>> for my thinking
> >>>>>> most theives are too lazy to try to figure out a way and
> >>>>>> will move on to the
> >>>>>> next target.
> >>>>>>
> >>>>>>
> >>>>>> So, the question I'm asking is:
> >>>>>> Is there a way for OpenSim to check a viewer string and
> >>>>>> allow or disallow
> >>>>>> based on that, and if so please let me know where that code
> >>>>>> is, and if
> >>>>>> not... Then I'll be burning the midnight oil again coding
> >>>>>> one up.
> >>>>>>
> >>>>>> ----- Original Message -----
> >>>>>> From: "Karen Palen" <karen_palen at yahoo.com>
> >>>>>> To: <opensim-users at lists.berlios.de>
> >>>>>> Sent: Monday, January 11, 2010 10:44 PM
> >>>>>> Subject: [Opensim-users] Banning "bad" viewers was Re: Can
> >>>>>> this be done?
> >>>>>>
> >>>>>>
> >>>>>>> The short answer is no.
> >>>>>>>
> >>>>>>> The more complete answer is that you while can easily
> >>>>>> detect some
> >>>>>>> characteristic of a viewer (or other software) which
> >>>>>> identifies that
> >>>>>>> viewer and use that to ban it, nothing can stop the
> >>>>>> authors of that viewer
> >>>>>>> from changing whatever characteristic you use.
> >>>>>>>
> >>>>>>> Worse yet, whatever characteristic you select to
> >>>>>> identify the "bad"
> >>>>>>> software will inevitably turn up in some other
> >>>>>> (innocent) viewer sooner or
> >>>>>>> later and will cause them to be banned for no reason.
> >>>>>>>
> >>>>>>> The best you could hope to achieve is some sort of
> >>>>>> "arms race" between
> >>>>>>> "bad" viewer creators and sim operators.
> >>>>>>>
> >>>>>>> In addition any viewer could be adapted for piracy.
> >>>>>> The original
> >>>>>>> experiments that resulted in
> >>>>>> libsecondlife/openMetaverse were based on
> >>>>>>> analysing the data stream between the Second Life
> >>>>>> Servers and the viewer
> >>>>>>> software (at the time ONLY the Linden Labs viewer) and
> >>>>>> had access to all
> >>>>>>> of that information. This was all done without
> >>>>>> modifying the viewer in any
> >>>>>>> way - it was proprietary at the time.
> >>>>>>>
> >>>>>>> Sadly the lesson of the endless failures of DRM
> >>>>>> schemes elsewhere shows
> >>>>>>> that the real losers are the honest/innocent users who
> >>>>>> are unable to do
> >>>>>>> the things that they really should expect to do with
> >>>>>> the content that they
> >>>>>>> have purchased.
> >>>>>>>
> >>>>>>> For example, I have completely stopped buying anything
> >>>>>> in Second Life
> >>>>>>> since I want to use the inventory I buy in my private
> >>>>>> sims as well. Sure I
> >>>>>>> can use pirate tools to do this, but if I have to do
> >>>>>> that to use my
> >>>>>>> purchases where I want to use them then why not just
> >>>>>> steal the stuff in
> >>>>>>> the first place?
> >>>>>>>
> >>>>>>> This is very similar to the situation with music CDs
> >>>>>> and DVDs, why build
> >>>>>>> an expensive collection if you will just have to
> >>>>>> re-purchase it in a few
> >>>>>>> years for the next technology and some DRM scheme
> >>>>>> tries to keep me from
> >>>>>>> playing my collection on the new equipment?
> >>>>>>>
> >>>>>>> There are several efforts being directed at come sort
> >>>>>> of "portable"
> >>>>>>> content. I hope that one or more actually proves to
> >>>>>> work, but I have no
> >>>>>>> illusions about that actually happening any time
> >>>>>> soon.
> >>>>>>> My opinion is that the best we can do at present is
> >>>>>> similar to the real
> >>>>>>> life piracy situation: stop the commercial marketing
> >>>>>> of pirated
> >>>>>>> merchandise as it is detected and reported. Ban anyone
> >>>>>> who engages in such
> >>>>>>> activities and if they persist bring real world law
> >>>>>> enforcement to bear.
> >>>>>>> For once Linden Labs seems to be using a reasonable
> >>>>>> version of this when
> >>>>>>> they state that the viewer is not the problem, it is
> >>>>>> the use of the
> >>>>>>> viewer. They have promised to act promptly to ban
> >>>>>> anyone using any viewer
> >>>>>>> for piracy.
> >>>>>>>
> >>>>>>> Karen
> >>>>>>>
> >>>>>>> --- On Mon, 1/11/10, Imago <imagorabbit at gmail.com>
> >>>>>> wrote:
> >>>>>>>> Is it possible to stop
> >>>>>>>> certain viewers from logging
> >>>>>>>> in to your opensim? Like Cryo?
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>> _______________________________________________
> >>>>>>> Opensim-users mailing list
> >>>>>>> Opensim-users at lists.berlios.de
> >>>>>>> https://lists.berlios.de/mailman/listinfo/opensim-users
> >>>>>>
> >>>>>> _______________________________________________
> >>>>>> Opensim-users mailing list
> >>>>>> Opensim-users at lists.berlios.de
> >>>>>> https://lists.berlios.de/mailman/listinfo/opensim-users
> >>>>>>
> >>>>>
> >>>>>
> >>>>> _______________________________________________
> >>>>> Opensim-users mailing list
> >>>>> Opensim-users at lists.berlios.de
> >>>>> https://lists.berlios.de/mailman/listinfo/opensim-users
> >>>> _______________________________________________
> >>>> Opensim-users mailing list
> >>>> Opensim-users at lists.berlios.de
> >>>> https://lists.berlios.de/mailman/listinfo/opensim-users
> >>>>
> >>> _______________________________________________
> >>> Opensim-users mailing list
> >>> Opensim-users at lists.berlios.de
> >>> https://lists.berlios.de/mailman/listinfo/opensim-users
> >>
> >> _______________________________________________
> >> Opensim-users mailing list
> >> Opensim-users at lists.berlios.de
> >> https://lists.berlios.de/mailman/listinfo/opensim-users
> >>
> > _______________________________________________
> > Opensim-users mailing list
> > Opensim-users at lists.berlios.de
> > https://lists.berlios.de/mailman/listinfo/opensim-users
>
> _______________________________________________
> Opensim-users mailing list
> Opensim-users at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-users
More information about the Opensim-users
mailing list