[Opensim-users] Banning "bad" viewers was Re: Can this be done?

Karen Palen karen_palen at yahoo.com
Thu Jan 14 17:51:36 UTC 2010 

You are quite correct in saying that the traffic camera comments belong elsewhere! Sorry.

http://camerafraud.wordpress.com/ is a website devoted to this issue and is the appropriate place for any more discussion.

I will merely note that so far 11 states have banned the cameras and 17 out of 17 ballots on the issue have also done so.

I do agree with your comments on the ID string, although I have other posts which cover my thoughts in more detail.

Karen

--- On Thu, 1/14/10, Kyle Hamilton <aerowolf at gmail.com> wrote:

> From: Kyle Hamilton <aerowolf at gmail.com>
> Subject: Re: [Opensim-users] Banning "bad" viewers was Re: Can this be done?
> To: "opensim-users" <opensim-users at lists.berlios.de>
> Date: Thursday, January 14, 2010, 10:40 AM
> My apologies, Karen;  I was
> actually directing most of this to Imago.
> 
> (My comments about Arizona, photo radar, red-light cameras,
> and
> California are all still directed toward you, but they open
> a
> different topic which is outside the scope of this list.)
> 
> -Kyle H
> 
> 2010/1/14 Kyle Hamilton <aerowolf at gmail.com>:
> > This is completely off-topic at this point, and after
> this (unless someone adds useful signal) I'm ignoring this
> thread.
> >
> > On Thu, Jan 14, 2010 at 8:36 AM, Karen Palen <karen_palen at yahoo.com>
> wrote:
> >> In fact it takes a certain amount of effort to
> change the default ID which is built into the viewer code.
> Effort that no malware writer will expend!
> >
> > ...until you issue a challenge like that. Further, the
> 'default ID' can be changed *on the commandline*. Because of
> this, there's no requirement to recompile/relink the viewer
> when you want to change that ID string, which reduces (by
> several orders of magnitude) the amount of time necessary to
> brute-force the string necessary. And, since you've
> essentially stated that you want the "official" Linden
> viewer, all someone has to do is figure out which version
> string(s) of the released viewer your grid will accept.
> >
> > If you want security through obscurity, that's
> wonderful... but when you make it no longer obscure, it's no
> longer secure. You have definitely removed the obscurity
> from your system through your announcement of your plans in
> this thread.
> >
> > I have already stated the only even-remotely-secure
> way to do it, and even that, if you want any kind of grid
> population at all, is going to require some kind of
> automation. (That way is server/client mutual cryptographic
> authentication, handled via TLS.) Personally, I'd rather
> each change to a primitive be written to a log as a
> revertable changeset... but I'll let you know when I figure
> out how to do that.
> >
> >> There are a great many crazy ideas that hide under
> the banner of "security".
> >>
> >> Here in Arizona we have a traffic camera scam
> which is being promoted as "safety". The huge amount of
> statistical evidence which proves this to be false is simply
> ignored.
> >
> > Traffic cameras have been held unconstitutional in the
> state of California. I used to live in Arizona; I pity that
> you do.
> >
> > The problem that those traffic cameras were supposed
> to stop can be resolved, much more effectively, by
> increasing the length of the yellow light to at least 2
> seconds. The bigger problem is that most city councils were
> convinced that it could be a revenue-generation system, and
> thus most councils directed that yellow lights be shortened,
> thus increasing the danger of entering an intersection in
> the first two seconds after a green light.
> >
> >> Many people are receiving citations for speeding
> when in fact they are sick or travelling outside the US.
> >
> > ...which is why they've been held unconstitutional in
> CA. (As has photo-radar, since the operator of the vehicle
> is the one responsible for the violation -- not the owner or
> registered owner of the vehicle used for the violation.)
> >
> >> Karen
> >
> > The point is to identify the end result of what you
> want, and you've identified it as "I don't want anyone
> fucking with the prims on my grid unless I grant them
> permission." You have generalized this to "I don't want
> anyone I can't trust not to fuck with the prims on my grid
> to connect to my grid," and are now trying to find a way to
> enforce that. We've all told you *why* your approach is
> flawed. We've all told you *how* your approach is flawed.
> We've even tried to provide you with *better directions* to
> find the solution to your problem.
> >
> > All the while, you've been stubbornly refusing to
> accept any solution more complex than the not-a-solution
> that you've come up with, and have been vocally defending
> something that, to be effective, must be kept secret. (Since
> it's no longer a secret, it no longer has any effectiveness.
> Congratulations on shooting yourself in the foot.)
> >
> > -Kyle H
> _______________________________________________
> Opensim-users mailing list
> Opensim-users at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-users
>

More information about the Opensim-users mailing list