[Opensim-users] Banning "bad" viewers was Re: Can this be done?

Kyle Hamilton aerowolf at gmail.com
Thu Jan 14 17:38:23 UTC 2010


This is completely off-topic at this point, and after this (unless
someone adds useful signal) I'm ignoring this thread.

On Thu, Jan 14, 2010 at 8:36 AM, Karen Palen <karen_palen at yahoo.com> wrote:
> In fact it takes a certain amount of effort to change the default ID which is built into the viewer code. Effort that no malware writer will expend!

...until you issue a challenge like that.  Further, the 'default ID'
can be changed *on the command line*.  Because of this, there's no
requirement to recompile/relink the viewer when you want to change
that ID string, which reduces (by several orders of magnitude) the
amount of time necessary to brute-force the string necessary.  And,
since you've essentially stated that you want the "official" Linden
viewer, all someone has to do is figure out which version string(s) of
the released viewer your grid will accept.

If you want security through obscurity, that's wonderful... but when
you make it no longer obscure, it's no longer secure.  You have
definitely removed the obscurity from your system through your
announcement of your plans in this thread.

I have already stated the only even-remotely-secure way to do it, and
even that, if you want any kind of grid population at all, is going to
require some kind of automation.  (That way is server/client mutual
cryptographic authentication, handled via TLS.)  Personally, I'd
rather each change to a primitive be written to a log as a revertable
changeset... but I'll let you know when I figure out how to do that.

> There are a great many crazy ideas that hide under the banner of "security".
>
> Here in Arizona we have a traffic camera scam which is being promoted as "safety". The huge amount of statistical evidence which proves this to be false is simply ignored.

Traffic cameras have been held unconstitutional in the state of
California.  I used to live in Arizona; I pity that you do.

The problem that those traffic cameras were supposed to stop can be
resolved, much more effectively, by increasing the length of the
yellow light to at least 2 seconds.  The bigger problem is that most
city councils were convinced that it could be a revenue-generation
system, and thus most councils directed that yellow lights be
shortened, thus increasing the danger of entering an intersection in
the first two seconds after a green light.

> Many people are receiving citations for speeding when in fact they are sick or travelling outside the US.

...which is why they've been held unconstitutional in CA.  (As has
photo-radar, since the operator of the vehicle is the one responsible
for the violation -- not the owner or registered owner of the vehicle
used for the violation.)

> Karen

The point is to identify the end result of what you want, and you've
identified it as "I don't want anyone fucking with the prims on my
grid unless I grant them permission."  You have generalized this to "I
don't want anyone I can't trust not to fuck with the prims on my grid
to connect to my grid," and are now trying to find a way to enforce
that.  We've all told you *why* your approach is flawed.  We've all
told you *how* your approach is flawed.  We've even tried to provide
you with *better directions* to find the solution to your problem.

All the while, you've been stubbornly refusing to accept any solution
more complex than the not-a-solution that you've come up with, and
have been vocally defending something that, to be effective, must be
kept secret.  (Since it's no longer a secret, it no longer has any
effectiveness.  Congratulations on shooting yourself in the foot.)

-Kyle H
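
Added example (not part of the original message, and not OpenSim or viewer code): the Go sketch below contrasts a check on a client-supplied ID string with proof of possession of a private key over a fresh server challenge, which is the property TLS client-certificate authentication relies on. It is not TLS itself; `Grid`, `acceptedID`, the name `alice` and the Ed25519 enrollment scheme are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// acceptedID is a constructed placeholder for a viewer ID string a grid allows.
const acceptedID = "Example Viewer 1.0"

// CheckIDString is the self-asserted check: any client that sends the
// accepted string passes, whatever software it is actually running.
func CheckIDString(claimed string) bool { return claimed == acceptedID }

// Grid (hypothetical) stores the public keys of clients the operator enrolled.
type Grid struct{ enrolled map[string]ed25519.PublicKey }

// NewChallenge returns a fresh random nonce for one login attempt.
func NewChallenge() []byte {
	n := make([]byte, 32)
	if _, err := rand.Read(n); err != nil {
		panic(err)
	}
	return n
}

// Verify accepts only a signature over this challenge made with the private
// key matching the public key enrolled under name.
func (g *Grid) Verify(name string, challenge, sig []byte) bool {
	pub, ok := g.enrolled[name]
	return ok && ed25519.Verify(pub, challenge, sig)
}

// Demo runs both checks and reports which attempts were accepted.
func Demo() (spoofedID, enrolled, stranger, replay bool) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	_, otherPriv, _ := ed25519.GenerateKey(rand.Reader) // key the grid never enrolled
	g := &Grid{enrolled: map[string]ed25519.PublicKey{"alice": pub}}
	spoofedID = CheckIDString(acceptedID) // string sent by an arbitrary client
	c1 := NewChallenge()
	sig := ed25519.Sign(priv, c1)
	enrolled = g.Verify("alice", c1, sig)
	stranger = g.Verify("alice", c1, ed25519.Sign(otherPriv, c1))
	replay = g.Verify("alice", NewChallenge(), sig) // old signature, new nonce
	return
}

func main() { fmt.Println(Demo()) }
```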


