[Opensim-users] Banning "bad" viewers was Re: Can this be done?

[John Ward]

Karen Palen wrote:
> --- On Tue, 1/12/10, John Ward <jward at uci.edu> wrote:
>> In your analogy the "fragile filtering" is the equivalent of a dummy fire
>> extinguisher.  Unlike dummy fire extinguishers which don't put out any
>> fires, fragile filters, at least the one asked for, would actually block
>> based on how a client identifies itself. It does more then provide good
>> feelings.  The situation is more analogous to equipping with too few fire
>> extinguishers rather then fake ones.  I suggest you ask your local fire
>> department if you would be better off with one fire extinguisher, a fake
>> one, or none!
> 
> You take issue with my analogy which I will admit was overstated at least
> in part for the sake of brevity.
> 
> Still you miss my point which is that there are no such things as "good" or
> "bad" viewers!

I guess I missed that in the diatribe.

> Identifying the viewer thus really does NOTHING apart from "feelgood"!

I understand that you see this as nothing.  We disagree on this point.  Not 
being effective against a man-in-the-middle attack is not equivalent to doing 
nothing.  Lots of security measures can be defeated by such attacks.  We still 
make use of such techniques and layer them with others to shore up those 
deficiencies.

> Banning of viewers (ANY viewers!) is based on a false assumption.

The false assumption is that a technique that doesn't solve all problems does 
nothing.

> The problem is not the software, but how that software is used.

This is true of security software too.