Automatic Hidden Media

Second Life is a unique environment (compared to basic web browsing) for two reasons I want to mention.

1. IP addresses are NOT public information to the sim owner.

2. Sim owners can make users go to a web site without them knowing where they are being led.

Normally on the web, your IP address is basically public information. It is critically required by any site you connect to, because without it the site doesn’t know where to send the data. However, since SL is set up such that LL internal servers handle all of the routing, IP addresses do not necessarily need to be known by sim administrators.

This leads to a few consequences.

1. It makes it very difficult for the sim administrator to be able to identify individuals, which can lead to issues in security and control. (Griefers using multiple alts that cannot be linked together.)

2. It provides users and visitors the perception that their alternate accounts are private information that they can control.

Now clearly, once you leave Second Life servers (by opening a web browser, media URL, radio station, etc.), the interesting phenomenon caused by LL taking care of the IP addresses is gone, and they are once again public information to the administrator.

Most people do not realize this, and possibly some education would fix any issues that are arising; but I see more to it than this (especially when looking for a solution). In Second Life, LL has provided sim owners the ability to run scripts that can direct its users to open up an external server, and for the best user experience (and by default) this is automatic. The other mode is full manual (where the play/stop button at the bottom toggles the auto/none), and the last mode is totally off.

This really does not leave much security or control to the user, as when they have it turned on, it is automatic.

Perhaps as a power user (or paranoid) feature, I am planning on adding a third mode which will make the viewer prompt before each media change completes, and will let the user choose to let it complete or not.

For example, if you have media on and someone turns the TV in front of you to go to http://www.youtube.com, you will receive a dialog similar to “Media change requested to http://www.youtube.com, do you wish to continue?” and options of “Yes”, “No”, “Always yes for this domain”, “Always no for this domain”, “Always yes for this parcel”, “Always no for this parcel”.

This would then allow the user to stop a media request to http://www.thisIsAIlligalBombMakingSite.com.

This is all great and shiny. Unfortunately there is a big complication: the brilliant people at LL decided it was a good idea to NOT ALLOW PEOPLE TO SEE WHERE THEY ARE GOING. This is a check box setting that sim admins can set, which prevents the data from being viewable in the client interface (though of course the backend must still have it to be able to load that page).

Emerald Devs were very strongly against any bending of that rule, even to the extent that simply showing the domain that is about to be loaded would be a horrible sin.

The other issue is that there are some scripts that rely on a type of security that expects a very fast response time from the client (that would be lost if the user takes too long clicking apply), so basically, it might break some content.

Personally, I feel (not just technologically) that people have a right to control every aspect of what they want, so far as it doesn’t mess with other people. If they want to block something and break that content, they should be allowed to. If they want to choose which sites they visit and which ones they don’t, they should be allowed to. And also, with undesirable things on the internet, I think it is extremely important for people to be able to see where the data they are about to download comes from.

The final version of this in Emerald will probably be just a third option, with the buttons mentioned, that will have to hide the URL if the land floater hides it as well, probably with a big warning box about how it might break content.
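One way to structure the prompt mode described above, as an added example that is not Emerald's or Linden Lab's code: remembered per-domain and per-parcel answers are consulted first, and the dialog withholds the URL when the parcel hides it. `MediaFilter`, `hostOf`, the parcel identifiers and the deny-over-allow precedence are assumptions made for this illustration.

```cpp
// Added illustration; every name here is hypothetical, not Emerald or Linden Lab code.
#include <algorithm>
#include <cctype>
#include <map>
#include <string>
enum class Decision { Allow, Deny, Prompt };

// Lowercased host of a URL, so remembered answers key on the domain only.
std::string hostOf(const std::string& url) {
    std::size_t start = url.find("://");
    start = (start == std::string::npos) ? 0 : start + 3;
    std::size_t end = url.find_first_of("/?#", start);
    std::string host = url.substr(start, end == std::string::npos ? end : end - start);
    std::size_t at = host.rfind('@');   // drop userinfo: the real host follows '@'
    if (at != std::string::npos) host.erase(0, at + 1);
    std::size_t colon = host.find(':'); // drop port (IPv6 literals are not handled)
    if (colon != std::string::npos) host.erase(colon);
    std::transform(host.begin(), host.end(), host.begin(),
                   [](unsigned char c) { return static_cast<char>(std::tolower(c)); });
    return host;
}

class MediaFilter {
public:
    // Record an "Always yes/no for this domain/parcel" answer from the dialog.
    void rememberDomain(const std::string& host, bool allow) { domains_[host] = allow; }
    void rememberParcel(const std::string& parcel, bool allow) { parcels_[parcel] = allow; }
    // Any remembered "no" wins; otherwise any remembered "yes"; otherwise ask the user.
    Decision decide(const std::string& url, const std::string& parcel) const {
        auto d = domains_.find(hostOf(url));
        auto p = parcels_.find(parcel);
        bool dHit = d != domains_.end(), pHit = p != parcels_.end();
        if ((dHit && !d->second) || (pHit && !p->second)) return Decision::Deny;
        return ((dHit && d->second) || (pHit && p->second)) ? Decision::Allow : Decision::Prompt;
    }
    // Dialog text; the URL is withheld when the parcel is set to hide it.
    static std::string promptText(const std::string& url, bool urlHidden) {
        const std::string target = urlHidden ? "a hidden URL" : url;
        return "Media change requested to " + target + ", do you wish to continue?";
    }
private:
    std::map<std::string, bool> domains_, parcels_;
};

int main() {  // constructed sample: a remembered "no" for the parcel blocks the change
    MediaFilter f;
    f.rememberParcel("parcel-1", false);
    return f.decide("http://www.youtube.com/", "parcel-1") == Decision::Deny ? 0 : 1;
}
```

Only a `Prompt` result needs to wait on the user, so remembered answers keep the fast response that some scripted content expects.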

I’ll be happy with that than nothing at least. Rant over. (P.S. Laura hasn’t been around for a week, exams and cramming now too, and I’ve just been on a really frustrated emotional streak that tends to drive me to my core. Security issues and stuff have been pumping my blood sockets, I’ve already (stupidly and very rudely) reverted someone’s code that I didn’t agree with / understand fully, broken down in tears over another issue that doesn’t even matter, as well as committed a patch to allow users to control what user agent information is sent to web sites (this was reverted as well, as apparently that is also an evil thing to do).) So I figured I’d rant it out here so I don’t do anything stupid.

7 Comments

  1. good post

  2. how about making something kinda like a firewall rules control panel, where you can define rules like allow connection to http://*goodsite.com/* , deny connections if you’re in the sim *sandbox* , ask permission if it’s from an object owned by * Linden, always ask permission if no other rule took over (have rules have priority, like the top ones run first), and show a log of all connections live etc

  3. LGG, don’t forget about PARCEL_MEDIA_COMMAND_PLAY, even with auto play off, a script in the parcel can force the client’s viewer to load media URL.

  4. this is perfect timing for this type of control feature coding to be implemented to launch your OWN version of Emerald distinct from the children abusing this exploit.

    not like yer ever gonna compete with the starving ignorant masses who have adopted the Emerald juggernaut, you just might do some good for your own peace of mind and one or two other devotees. less’n yer chicken! haha.

    if these thoughts are revealing secrets that could lead to your death, please, for God’s sake be careful.

  5. LGG, I’m with you; I would recommend any viewer with this feature, likely over the whole rest of the Emerald feature set. I proposed something like it in VWR-18371; you might find something there worth stealing.

  6. […] within the team had apparently been strained for some time – LordGregGreg had fought for viewer controls over a hidden media exploit that can be used by Second Life landowners to silently harvest other […]

  7. […] remember before hand how I was upset over this and then even more upset when phox took out the little protection I did add to emerald after I […]

