[Opensim-users] Banning "bad" viewers was Re: Can this be done?

Wed Jan 13 02:27:05 UTC 2010

There is also another angle to this, the single dev/script kiddy/call
them what you want, that creates a 'bad' viewer, poses it as a
legitimate viewer and distributes it to the masses. Then you are faced
with the fact that you do not know whether a connected viewer is bad or
not. So you have but a handful of options; complete lockdown using IP
ban and invitation only, right the way to the other side, let everyone
in no matter what. The middle ground is of course, automating the task
of detecting a specific connection or viewer and creating an action
based upon that specific detection of said connection/viewer.

Any loose security mechanism will probably be subject to attempted
compromise by script kiddy's, as that is what they do. They love wooden
fences they can plough through easily as opposed to the time and hassle
it takes to knock down iron mountains. The only way to stop 'bad'
viewers is to create an iron mountain, which OpenSim is far far off
being and until it has its own proprietary viewer, will probably stay
that way (though ANY open source client poses a constant security threat
to OpenSim, as does any open source simulator to the client).

To block a road with traffic cones is just asking for them to be kicked
out of the way. OpenSim is not secure, period. It's a harsh reality, but
it is true and would be foolish to think otherwise.

The best course of action, IMHO, is to backup. Backup backup backup and
verify you can use your backups to restore to a good state in as faster
time as possible; though that only combats griefing. If people are
concerned about having their objects/assets stolen by people using 'bad'
viewers then there really isn't a lot you can do at the present time,
except only invite people who you trust to your sims. On that note
anyone trying to make money from selling objects/assets when connected
to an open grid (i.e. not a walled garden) using OpenSim should be
prepared for the worst, if they really are worth stealing, and that is
something that plagues the Linden grid still to this day.

The above, though harsh, is only my opinion but I feel my time being
active in an open grid has taught me that. Open grids/standalones are
among a very harsh cruel world and every silver lining has a cloud.

Adelle