[Opensim-users] Announcement of inventory tool (MyInventory), mostly of interest to grid operators/grid nauts
Snowcrash Short
snowcrash.short at gmail.com
Sun Nov 18 12:11:21 UTC 2012
On Sun, Nov 18, 2012 at 11:11 AM, Teravus Ovares <teravus at gmail.com> wrote:
> "I am a bit saddend by the vitriol in some of the replies I have received,
> they do not bode well for the future co-operation."
>
> 1. I'd like the content downloading portion of the code to be closed
> source so that it can't be easily mirrored by someone who doesn't care
> about permissions and working with the community. As it stands now,
> tools that make stealing content easy are generally shunned by the
> community. To your earlier statements about there being things out there
> that already steal content.. yes, I'm aware however, they're typically
> buggy, their maintainer is awol, the tool barely works.. or they're not
> really 'content downloaders by purpose', they're a dev library to implement
> a client (libOMV) and trying to get the library to download a full item is
> like pulling teeth. Yes, the viewer /can/ download things, BUT, as you
> note from the boards getting the viewer to do anything other then view is
> like pulling teeth also.. LibOMV nor a custom viewer are 'easy' to
> implement a full downloader like you're proposing... so keeping it
> closed source /DOES/ assist in preventing wide scale content theft.
>
Some of the videos I have seen of ripping tools seems to suggest otherwise:
http://www.youtube.com/watch?v=jWVsByboNok
http://www.youtube.com/watch?v=1ClL_cX7dLs
http://www.youtube.com/watch?v=kHblR9-X_tI&feature=watch-vrec
http://hidemyass.com/?gclid=CPvpn6Sz2LMCFdB8cAodpTcACg
As you can see from the videos copy-botting is quite different from backing
up the inventory. With your knowledge of programming you really should know
that any protection scheme based on obscurity if bound to fail, which to
above links to videos about already existing content theft tools clearly
demonstrates.
>
> 2. I'd also like there to be a 'grid transfer permission implemented
> techincally so that content creators can denote whether or not they want
> users to take content off grid. As it stands now, the 'ordinary course of
> business'(legal term) expectations are that content will stay where it was
> uploaded because that's how it's been except where hypergrid is
> activated. Hypergrid is not activated by default... therefore... because
> that's the norm, approving a tool to transfer content from grid to grid
> without a way to check if the content creator is allowing it... isn't
> going to happen. Content Creators wouldn't have expected that to be an
> option and couldn't have foreseen this change in expectations.
>
That may very well be, but unless a different agreement has been made
between the content creator and the licensee the rights of the user and
creator is governed by the rights assigned to each party by law, very
likely the law of the country where the licensee resides. This is really a
legal matter, and a grid transfer permission is a technical thing, which
has no real bearing in terms user/creator right unless there exists a
specific agreement on the meaning of said "grid transfer flag". Further
compounding the issue is standalone grids which are reachable via
hyper-grid.
The good news is that there already exists a model for how this can be
dealt with, it's called "the web". If you think of a region (or a grid) as
a web-site. Then the buildings, trees etc. can be considered content on
that web-site. The grid/region operator (which is a legal entity) clearly
is responsible for the content he or she has uploaded to that region. A
visitor to the site represented as an avatar (backed by a user who is a
legal entity) has no rights as such to the content within the region. The
user is solely responsible for the content which is used to represent the
avatar. If the user rezes an item and leaves it on the grid, the "safe
harboring" and DMCA provisions (which is a model quite a few countries have
adapted) should take place, unless the grid operator either lives in a
country or is hosting the grid from a server in a country where "safe
harboring" isn't applicable, then the grid operator may very well
responsible for the content rezed by the user, maybe even the appearance of
the avatar, depending on that countries interpretation of the word
distribution in an internet context.
>
> 3. I have not seen much cooperation here from you. You're shooting
> down valid feedback under the guise of 'I'm not sure I agree with you and a
> false understanding of user's rights'... You've flatly ignored the
> things that I brought to your attention... so, it shouldn't be a
> surprise that I'm expressing the consequences of your actions should you
> decide to not take the community's views into consideration.
>
>
Whether my understanding of user's rights if false or not is a matter of
opinion and differs wildly from country to country, in the end, only the
courts can determine who is right.
I don't think I have flatly refused much of anything in terms of
co-operation, e.g. I have agreed to let the community have a preview of the
functionality prior to releasing the source. On the contrary I have the
impression that unless I do exactly as even the most oppressive thinker
wants me to, then I am uncooperative, liable for legal action and the
application will be banned outright from connecting to any grid.
Digging trenches doesn't really help anything, if I were convinced that
opt-in wouldn't be a pillow used by grid operators to continue depriving
users of their legitimate rights then I would probably go for that model,
as well as the other things I have already conceded. Closed source is
however IMO bordering on the ludicrous, which doesn't provide any real
tightening of security, content creators don't get any additional
protection by going closed source as the above links clearly demonstrates.
I have, during my research for this project, discovered a number of
vulnerabilities, some of which has been a topic between Dahlia and I. I
have offered to help identify these vulnerabilities and help design fixes
for these, but of course that's probably also being uncooperative in your
eyes?
Best regards
Snowcrash
> Mckayla Maroney is Not Impressed.
>
> Teravus
>
>
> On Sun, Nov 18, 2012 at 3:31 AM, Snowcrash Short <
> snowcrash.short at gmail.com> wrote:
>
>>
>>
>> On Sun, Nov 18, 2012 at 1:41 AM, Dahlia Trimble <dahliatrimble at gmail.com>wrote:
>>
>>> Perhaps you could implement an "opt-in" policy, where a grid has to ask
>>> to be put on a list that enables export of items where one is not the
>>> creator, rather than the other way around as you have been proposing.
>>>
>>>
>>> I have given some thought about an "opt-in" policy and I am not really
>> convinced. It is my feeling that unless there exists a binding agreement
>> limiting the use rights of assets in the users inventory e.g. an accepted
>> TOS, then the user should be afforded the rights granted to him or her by
>> law.
>>
>> Hence my initial request for grids where a TOS is in place, so that I can
>> help prevent the user from violating the TOS.
>>
>> Best regards
>> Snowcrash
>>
>>>
>>> On Sat, Nov 17, 2012 at 6:30 AM, Snowcrash Short <
>>> snowcrash.short at gmail.com> wrote:
>>>
>>>> HI
>>>>
>>>> Whether your effort is worth while is a question only you can answer.
>>>>
>>>> What I can tell you is that my software will not change anything to the
>>>> assets on your server, it won't remove any assets or copy any assets,
>>>> except those that are in the users inventory, and if you tell me the domain
>>>> name you are using, I will implement the same protection against theft as
>>>> is required for third party viewers on Linden Labs grids.
>>>>
>>>> I hope this puts you somewhat at ease.
>>>>
>>>> Best regards
>>>> Snowcrash.
>>>>
>>>>
>>>> On Sat, Nov 17, 2012 at 2:11 PM, InuYasha Meiji <
>>>> inuyasha.meiji at gmail.com> wrote:
>>>>
>>>>> I am sorry, I am a bit prone to mood swings, on account of being both,
>>>>> an insulin dependent diabetic and after an 8 year wait on dialysis, I am
>>>>> on kidney transplant immune suppressants. This whole conversation is
>>>>> starting to depress the %^&* out of me, wondering if all of this is worth
>>>>> my time and money anymore. When I discovered Opensim, I thought, finally I
>>>>> can have enough land to build something impressive. I once built the most
>>>>> important building of Shuri called the Seiden of Shuri in a sim called
>>>>> Butler in Secondlife. Now I could build the entire castle on my own grid,
>>>>> and choose a time period and scale. With enough research to build a
>>>>> historically accurate Castle during its golden era.. I have researched
>>>>> more then 5 years on this project, only to be sure I had enough detail and
>>>>> knowledge of the culture to create what was around in the late 16th early
>>>>> 17th century.
>>>>>
>>>>> I have been saving money by not eating as well, I lost 32 pounds in
>>>>> three months. It should be another year, or year and a half, to get a
>>>>> monster of a server to run it on. As I save up, prices cme down to built
>>>>> a twin AMD 3+ Bulldozers each with 16 cores to run it on.
>>>>>
>>>>> This conversation has me thinking only about people stealing my
>>>>> assets, makeing me think, why bother. To me the realease of Snowcrashe's
>>>>> software makes it easy for anyone to just freely grab all my work, I give
>>>>> on my grid, for use on my grid, and drag it off someplace, even SL to
>>>>> resell and use no matter how I try to protect myself and my work. Also
>>>>> from what he said other "black hatters" can do it ANYWAYS. To me this
>>>>> means hours of hand texturing, the hours I spent building, till my one good
>>>>> eye gives me such a headache I pop tylonol like candy.
>>>>>
>>>>> IT takes me more time and effort to do as much as some with only one
>>>>> working eye. I want it to stay here on my grid unless I choose to sell it
>>>>> in another grid like Secondlife. I also don't want my grid a 16th-17th
>>>>> century grid becoming filled with airplanes and cars and other modern
>>>>> items. Can someone tell me now, why should I even put more work into
>>>>> creating this world and taking any more of my life creating anything
>>>>> anymore??
>>>>>
>>>>> InuYasha.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On 11/17/2012 2:47 AM, Snowcrash Short wrote:
>>>>>
>>>>>>
>>>>>>
>>>>>> On Thu, Nov 15, 2012 at 3:50 PM, What Virtual World - Martin Forster <
>>>>>> blackberry at forsterinternet.nl <mailto:blackberry@**forsterinternet.nl<blackberry at forsterinternet.nl>>>
>>>>>> wrote:
>>>>>>
>>>>>> Hello Snowcrash,
>>>>>> I think it is good having software to backup your items but....
>>>>>> As melanie sayed before, the ability to backup "Any" item would
>>>>>> not be a good idea as your software will be banned from major
>>>>>> grids due to this.
>>>>>> To be honest we would also blacklist your software if we think it
>>>>>> can be at harm for the creators in our grid.
>>>>>> Please think if this:
>>>>>> Most people can not make a "copybot vieuwer" as the things people
>>>>>> need for that are available but also complicated to build if you
>>>>>> dont have any experiance.
>>>>>> If your software is easy to compile without any knowledge it will
>>>>>> be a base for people to create these "copybot's" with.
>>>>>> This will not be the best advertisment for your software in my
>>>>>> believe.
>>>>>> I think it will be best not to make it an opensource project ..
>>>>>> but just distribute only in binary form.
>>>>>> Also making it TPV compliant will be even better.
>>>>>> If it protects content from beeing ilegaly copied on "any grid" we
>>>>>> will support it for sure.
>>>>>> Just my two cents ...
>>>>>>
>>>>>> The backup feature, which really is only a small part of the overall
>>>>>> featureset, currently operates in one of two modes, TPV compliant mode and
>>>>>> unrestricted mode. MyInventory forces the download component to be TPV
>>>>>> compatible when connecting to any known Linden Labs grid (and similar
>>>>>> protection is underway for other grids), My original mail had two topics.
>>>>>>
>>>>>> 1) Which grids would like to have the same hardcoded protection level
>>>>>> against unrestricted download as Linden Labs
>>>>>> 2) This tool may - if it becomes popular - create a lot of duplicate
>>>>>> assets, therefore I came up with a suggestion on how to alleviate this
>>>>>> problem.
>>>>>>
>>>>>> Going closed source is simply "security by obscurity" under a
>>>>>> different name, the "black hatters" already have the ability to take what
>>>>>> they want, claiming that content creators assets are safe is simply not
>>>>>> true, and that fact holds for Linden Labs grids as well.
>>>>>>
>>>>>> Even if you decide to block MyInventory, the blocking tools are so
>>>>>> inadequate in these days of fast recycling DHCP servers, that all you will
>>>>>> manage to do is to block out legitimate users, the "black hatters" can
>>>>>> easily get around these limitations. And is that really what you want?
>>>>>>
>>>>>> Best regards,
>>>>>> Martin Forster
>>>>>>
>>>>>> ----- Original Message -----
>>>>>> *From:* Snowcrash Short <mailto:snowcrash.short at gmail.**com<snowcrash.short at gmail.com>
>>>>>> >
>>>>>> *To:* opensim-users at lists.berlios.de
>>>>>> <mailto:opensim-users at lists.**berlios.de<opensim-users at lists.berlios.de>
>>>>>> >
>>>>>> *Sent:* Thursday, November 15, 2012 10:44 AM
>>>>>> *Subject:* [Opensim-users] Announcement of inventory tool
>>>>>>
>>>>>> (MyInventory), mostly of interest to grid operators/grid nauts
>>>>>>
>>>>>> Hi
>>>>>>
>>>>>> I've been working on a client side tool for decentralizing
>>>>>> user inventories, which I will release as an open source tool
>>>>>> in two weeks, some of the features may be relevant to grid
>>>>>> operators.
>>>>>>
>>>>>> The basic premise of the tool is that the inventory and the
>>>>>> backing assets of the inventory items really should be
>>>>>> controlled by the user. The tool is born out of a frustration
>>>>>> of having visited a number of grids. Each visit to a new grid
>>>>>> presents me with an empty inventory, and I can then spend time
>>>>>> searching for suitable item, clothing, attachments and
>>>>>> other accessories.
>>>>>>
>>>>>> For this purpose I have created a tool which will allow me to
>>>>>> backup my inventory to a local cache and then upload the
>>>>>> contents to another grid.
>>>>>>
>>>>>> If my tool becomes popular, both the upload and download
>>>>>> mechanisms may have some impact on the grid-operators, hence
>>>>>> this email to serve as a notice.
>>>>>>
>>>>>> The basic architecture is pretty simple, consisting of a
>>>>>> number of import agents, which can import the users inventory
>>>>>> and backing assets to a local database, and a number of upload
>>>>>> agents which can upload inventory content to a specific
>>>>>> account.
>>>>>>
>>>>>> Backup/Import
>>>>>> There are two import agents, one which will import .iar files
>>>>>> and one which works very much like I believe "Stored
>>>>>> Inventory" works, which can backup the inventory of an avatars
>>>>>> inventory. Avatar backup/Import is governed by a policy.
>>>>>> Currently there are two policies, one complying with a very
>>>>>> restrictive interpretation of the Linden Labs policy on
>>>>>> backups, and a completely unrestricted policy, where anything
>>>>>> that can be downloaded will be downloaded.
>>>>>>
>>>>>> When a new account is registered in MyInventory it checks if
>>>>>> the account is for a Linden Lab grid and limits the choices of
>>>>>> policies to policies suitable for LL's TOS, I cannot and do
>>>>>> not know if other grids have similar policies, I can well
>>>>>> imagine that Avination has a similar restrictions, and would
>>>>>> like similar logic implemented to restrict the download. Any
>>>>>> grid operator which would like to have backup governed by a
>>>>>> more restrictive policy are invited to notify me and I will
>>>>>> attempt to implement the policy prior to the first release of
>>>>>> the source code. or supply patches at a later time.
>>>>>>
>>>>>> Upload/Export
>>>>>> MyInventory supports two mechanisms for uploading inventory
>>>>>> content, traditional upload using UDP/CAPS and direct access
>>>>>> to the inventory and asset web-services.
>>>>>> Due to limitations in the UDP/CAPS protocol each upload will
>>>>>> create new assets, and as of my latest read of the Open
>>>>>> Simulator code the asset store does not support "single
>>>>>> instance assets", i.e. it does not use a checksum to verify if
>>>>>> the asset already exists, for this reason MyInventory prefers
>>>>>> to upload using direct access to asset and inventory
>>>>>> web-services.
>>>>>>
>>>>>> I would propose that the grids which chooses to support
>>>>>> MyInventory augment their "GridInfoService" entries with the
>>>>>> url's for the asset and inventory web-services, e.g.
>>>>>>
>>>>>> [GridInfoService]
>>>>>> assets = http://assets.osgrid.org
>>>>>> inventory = http://inventory.osgrid.org
>>>>>>
>>>>>> Best regards
>>>>>> Snowcrash
>>>>>>
>>>>>> ------------------------------**
>>>>>> ------------------------------**------------
>>>>>>
>>>>>> ______________________________**_________________
>>>>>> Opensim-users mailing list
>>>>>> Opensim-users at lists.berlios.de
>>>>>> <mailto:Opensim-users at lists.**berlios.de<Opensim-users at lists.berlios.de>
>>>>>> >
>>>>>>
>>>>>> https://lists.berlios.de/**mailman/listinfo/opensim-users<https://lists.berlios.de/mailman/listinfo/opensim-users>
>>>>>>
>>>>>>
>>>>>> ______________________________**_________________
>>>>>> Opensim-users mailing list
>>>>>> Opensim-users at lists.berlios.de <mailto:Opensim-users at lists.**
>>>>>> berlios.de <Opensim-users at lists.berlios.de>>
>>>>>>
>>>>>> https://lists.berlios.de/**mailman/listinfo/opensim-users<https://lists.berlios.de/mailman/listinfo/opensim-users>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> ______________________________**_________________
>>>>>> Opensim-users mailing list
>>>>>> Opensim-users at lists.berlios.de
>>>>>> https://lists.berlios.de/**mailman/listinfo/opensim-users<https://lists.berlios.de/mailman/listinfo/opensim-users>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> ______________________________**______________________________**
>>>>> ____________
>>>>>
>>>>> Opensim User: In Gridmode on Version 0.7.4. Nine Instances with 56
>>>>> Regions. on Windows 7, 64-bit. Phenom 9500 2.2 GHz Quad Core, Terabyte Hard
>>>>> Drive, 8gig DDR2 RAM. Used XAMPP to load PHP Version 5.3.0, Apache
>>>>> and MySQL 5.1.41-community edition. Groups, Profiles, Vivox Voice and
>>>>> Offline Messages all working. (Not yet Public, 6 users allowed Now).
>>>>> ______________________________**______________________________**
>>>>> ____________
>>>>>
>>>>> ______________________________**_________________
>>>>> Opensim-users mailing list
>>>>> Opensim-users at lists.berlios.de
>>>>> https://lists.berlios.de/**mailman/listinfo/opensim-users<https://lists.berlios.de/mailman/listinfo/opensim-users>
>>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Opensim-users mailing list
>>>> Opensim-users at lists.berlios.de
>>>> https://lists.berlios.de/mailman/listinfo/opensim-users
>>>>
>>>
>>>
>>> _______________________________________________
>>> Opensim-users mailing list
>>> Opensim-users at lists.berlios.de
>>> https://lists.berlios.de/mailman/listinfo/opensim-users
>>>
>>
>>
>> _______________________________________________
>> Opensim-users mailing list
>> Opensim-users at lists.berlios.de
>> https://lists.berlios.de/mailman/listinfo/opensim-users
>>
>
>
> _______________________________________________
> Opensim-users mailing list
> Opensim-users at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://opensimulator.org/pipermail/opensim-users/attachments/20121118/35b19475/attachment.html>
More information about the Opensim-users
mailing list