[Opensim-users] Banning "bad" viewers was Re: Can this be done?

Bill billnickels at cableone.net
Fri Jan 15 05:37:36 UTC 2010 

*Sorry for the double. My first post and just hit reply the first time.*

I have read most all of the comments concerning this issue. IMO viewer 
identification will just be a hassle to the user. Earlier today I used a 
Seamonkey browser and was prevented from transacting business because of 
using it. My desire to use a particular browser, Seamonkey, was denied. 
I certainly didn't want to harm the company that owned or hosted the 
website. I guess since Seamonkey is used by more Linux/Unix users that 
all Seamonkey users are up to no good and deserve to be banned. My point 
is to ban based to ID strings that are true or false is guilt by 
association just as it is in the above analogy for Seamonkey users.

I know the points taken in this very long discussion thread are towards 
trying to come up with a proactive approach to Opensim security. I don't 
think there is a proactive approach that will work well. I think it must 
be a reactive approach. If someone offends, ban. But, automation can 
certainly help with identification and culling bad doers.
I propose that the ID of the offensive party be based on the MAC address 
that I think is part of the HTTP header, if not, there are trace back 
procedures that will reveal it. Then, maybe a database of offending 
MAC's could be established and keyed inversely with number of bans 
across Opensims.
The worst offenders are on top of the stack.

Representatives from several OS organizations could form a group to 
maintain the database and  it could be built into OS. Then all of 
opensim would be doing the same thing. The database could be replicated 
has a background process so that all have close the same data at some 
point. This approach uses a hardware/frimware address that can only be 
changed with a great deal of work or by going to another computer. This 
is not guilt by association but identification of hardware from wince 
bad deeds have come. I suppose someone with low level knowledge could 
send the header through a buffer and change the MAC address on the way 
out but, I don't think it would be successful as most ISP's use it to 
identify authorized equipment attached to their network.

Thanks for reading.

Bill

More information about the Opensim-users mailing list