[Opensim-users] Banning "bad" viewers was Re: Can this be done?

[Karen Palen]

--- On Wed, 1/13/10, John Ward <jward at uci.edu> wrote:


> 
> I understand that checking an ID string can be
> defeated.  That has never 
> been my point.  

Yes you seem to feel that checking the string does some good in some sense. I claim that it does no good whatsoever apart from keeping out "goodguys" who have a problem with your "approved" viewer.

> You point out that it takes some
> effort to change the 
> string.  

Effort that the "good guys" will perform, but the "bad guys" won't!

If I want to produce a "griefer" or "piracy" tool there is absolutely no reason to change the IDs, revision codes or anyt6hing else apart from whatever hack I am performing.

The ID strings are in the code, not automatically generated by Visual Studio 2005!




> > Which makes the check essentially useless as a
> security tool.
> 
> That assumes keeping out all bad guys is the only measure
> of a security tool.  

I have seen no other claim made for checking this ID string, nor can I imagine any other usefulness unless you simply want to exclude some competitor.


> I see.  Your choice of viewer is more important then
> the grid operators 
> choices.  It's OK to limit their tools.

That depends entirely on why they are operating the grid. If their intent is to promote the sale of their particular viewer (or whatever) then you are correct.

However if the grid operator is trying to actually attract casual users and to make the grid useful to a reasonable number of people then it is counter productive.

Even the legendary script kiddies will go to more trouble than the first time user who really is not willing to invest time and money into something they know nothing about! That is what demos are all about after all.

Karen