Personal media in Second Life

January 8, 2007

Second Life client is Free Software now!

Filed under: Free / Libre, Politics — Signore Iredell @ 5:30 pm

senza-titolo-1.jpg

Resources
Open Source Portal
Open Source: Overview
Bug Tracker

Interesting posts on
taotakashi.wordpress.com
blog.webreakstuff.com
www.kittenlulu.com
marshallk.com
www.boingboing.net
www.ethanzuckerman.com
www.redmonk.com/sogrady
www.gigagamez.com
secondtense.blogspot.com

Excerpts from comments to the official blog announcement

  • Peer review is what makes applications secure.
  • Security by obscurity is no security, and just imagine the countless people submitting bug reports and diffs improving on the code base to LL in the near and intermediate future. And new LSL and Prim editing tools will shoot out of the ground like mushrooms.
  • Localized versions in all sorts of languages will appear
  • Firefox is open source and it’s way more secure than IE and anyone can download the code but you don’t hear all kinds of nightmare stories about Firefox being hacked. I don’t think there’s any reason to worry about SL being hacked any more than before. In fact, with more eyes on the code, security will likely tighten up.
  • Some people don’t like open source (or, as in the case of the use of the GPL, Free Software), which is acceptable. Thinking that open sourcing the *client* will adversely affect the economy is somewhat alarmist – certainly, bad things *could* be done, but more likely bad things will be *patched* before they are done.
  • The client is what you connect to SecondLife with. The server code isn’t publicly available, though from what I understand much of the infrastructure is based on open source code.
  • Open Source/Free Software has a demonstrated track record in this regard – projects such as Linux, Apache, Mozilla… to name some… have already demonstrated the benefit of code as a commons.
  • Proprietary code, on the other hand – well, we’ll see how many patches Microsoft releases tomorrow.
  • If you are just a regular user, this probably won’t affect you – except, perhaps, give a more stable client with less LL resources.
  • Opening this source to the development community will do:
    1. Improve the quality (stability & performance) of the client app in the long run
    2. Generate some excellent utilities and spin-off applications from SL
    3. Shut alot of ppl up about the amount of work Lindens have to do
  • this is what the folks at OpenSSL do with their code – the benefits of having so many eyes look over it to find and fix its flaws far outweigh the costs of having unscrupulous eyes able to see it.
  • Linden Lab maintains a large portion of their control over the content in Second Life by keeping the server side closed. Indeed, expect to see script decompilers, just don’t expect them to decompile scripts the client otherwise wouldn’t have access to. Releasing the client’s source is not an all-expense-paid ticket to do everything. The servers can and do deny access to certain content if the content is locked, regardless of the way the client requests the content. This means that the permissions system does provide protection to notecards and scripts and that this protection is in no way impinged upon by the releasing of the client’s source.
  • that privacy or security which was “granted” viewer-side was largely illusory anyway. It is good that the view is now open, so that everyone knows the weaknesses. The LL servers are our “trusted computing base”, that’s where privacy and security need to be dealt with.
  • The copybot, I think, was and is inevitable. Textures and other “content-y” stuff that are downloaded to the client are and have been always copyable – it was security-by-obscurity at best. The open source code will make this eminently clear (if Copybot didn’t already do that) and people will have a harder time making money with “content”. However, “services” – scripts that stay server-side, real-life services, etcetera, will always be unique and value-adding. I expect a shift in the marketplace towards this end. Content = commodity so either you grab free stuff or pay for bespoke work, services = value-adding so you’ll keep paying for them. Is that good or bad? I don’t know. Just a fact waiting to happen. The WWW seems to have happily survived the exact predicament, so I’m optimistic here.
  • While it’s appropriate to worry about the hackers and griefers having access to client-side source code, don’t forget that the public security experts will also have access to it. Maybe we’ll see a McAfee or Symantec or AVG plug-in for the SL client to secure all that precious content. Or maybe secure certificates for content transactions. It’s not just the bad guys who will be playing with the code.

Smart answers

– I expect to see LSL script decompilers/rippers, object duplicators ala CopyBot and much more in the coming months.
I already have a script disassembler. Of course, since there’s no way of getting the compiled version of a script from the server (the only way of getting it is to snag it as it goes out to the server when you save it), it’s pretty much useless for content theft and hacking. The source is actually easier to obtain – and even that requires you to have the correct permissions.

– The silliest decision ever. We knew it was coming, but there is absolutely no security right now in the SL protocols. Once again LL is making the right decisions at the wrong time.
– Errm… yes there is. The server won’t just blindly do anything the client tells it; most of the security restrictions are already implemented server-side and have been for a while, barring a few mistakes and things that can only be done on the client (e.g. blocking texture/prim shape copying).

– You thought copybot was bad ? Wait until someone comes up with a free L$ generator, a sim/grid nuker or a permission modifier. I’m pretty sure the server side of SL is creaking with the security holes that allowed that kind of hack in the past.
– If there were any holes like this, most of them probably got found and fixed already (thanks either to libsecondlife or malicious hackers – I’m not sure how many security holes libsecondlife has reported, since neither they nor Linden Labs like to talk about it, but I’ve heard there were some.)

– I predict that in the next couple of weeks we shall see at least one “universal object replicator” and one “grid nuker”. I sure hope I’ll be proved wrong
– Predicting security problems/sim crashers is like predicting the sun rising tomorrow — source code or not.

Advertisements

January 6, 2007

Linux/WP test with BlogHUD

Filed under: Uncategorized — Signore Iredell @ 3:24 pm


GO!
posted by Signore Iredell on Hwaegi using a blogHUD : [blogHUD permalink]

December 27, 2006

Zikrid Redgrave @ Necrotica Isle

Filed under: Performance, Snapshots — Signore Iredell @ 12:42 am

lordofcubes-2.jpg

lordofcubes-1.jpg

lordofcubes-3.jpg

December 25, 2006

Necrotica Isle

Filed under: Snapshots — Signore Iredell @ 11:03 pm

necrotica-island.jpg
Doic Sinatra

December 23, 2006

Glitch after avatar change

Filed under: glitches, Snapshots — Signore Iredell @ 2:43 am

glitch2.jpg
Abstract Avatars strike again ? 😦

This happens to me when I take off my Bliss v0.2 avatar from Abstract Avatars.

glitch.jpg

December 21, 2006

Bizarre Berry’s wonderful work

Filed under: Avatars, Snapshots — Signore Iredell @ 1:58 am

My profile proudly features only one Pick, and it is about Bizarre Berry’s Bucolic Burrow, where you can find uncommon avatars and whacky stuff with close attention to detail. More important, you may find here Bizarre Berry himself!

Berry’s Bazaar and Caves of Lascaux
Modesta (125, 55, 66)

berry_001.jpg berry_003.jpg berry_002.jpg
Signore Iredell wearing the UN-REZZED skin and Bizarre Berry as a fountain

I personally met Bizarre Berry some weeks after I entered Second Life and it’s been a really nice meeting. He is a lovely and funny person: he kindly explained me how some things work in world, we exchanged jokes and had a good time.

berry_004.jpg
Detailed artwork

His work is currently featured at the well-known New World Notes – the article is about the wonderful Caves of Lascaux, but don’t forget to give a look to the funny Bizarre’s Berry avatars and skins as well!

berry_005.jpg
Avatars include appropriate gestures

December 20, 2006

Adding Technorati support to this blog

Filed under: Blogged from SL — Signore Iredell @ 2:20 pm

Just a “Post claim” …

Technorati Profile

December 16, 2006

Snow glitches

Filed under: glitches, Snapshots — Signore Iredell @ 12:21 am

I love interface glitches.

avatarsnowcrash.jpg

I was walking on a hill in a snow-themed sim when I met a couple, then I met a strange thing. A right-click told me that it was an avatar – or that the Second Life application thought it was an avatar.
Actually it wasn’t, and it disappeared just seconds after I took a snapshot. By the way, the Profile belonged to one of the two persons I had met there a minute before. The texture of the object appear to be the same of the Snowboard Boots created by Eric Linden that I, and possibly other people on that area, were wearing.

November 24, 2006

Italians in Second Life

Filed under: Italia — Signore Iredell @ 12:00 pm

Since a couple of weeks I have been managing a blog and a forum about Second Life. Both of them are italian-language based: you can find lots of information about in Second Life on the internet, but it’s mostly written in english. Unfortunately, italian people often lacks a good knowledge of english language, and reading documentation in a language you are not comfortable with is quite boring. Even worst, you probably won’t have fun if you try to chat with other people in a language  you don’t know 🙂

So, at the present, I’m writing some italian basic documentation, short photo-reports and I’m trying to help italian people meet themselves and -who knows?- maybe building a community.

November 14, 2006

3pedia: a wiki about media from and towards Second Life

Filed under: Italia — Signore Iredell @ 3:08 pm

From 3pedia.com: 3pedia is intended to be an editable encyclopedia whose articles describe technologies and applications that connect people in space, whether that space be real or virtual, as well as related subjects. Of particular interest are technologies that enhance the functionality of multi-user 3D online spaces (…)

3pedia‘s birth looks interesting for me, since I started this blog in order to cover some of 3pedia topics. Now I could choose to close this blog and move my little efforts about SL media into 3pedia. I believe in wiki cooperation – and I would like to join the forces with other SL residents that share an interests in media from and towards Second Life.

More, I recently started blogging on Second Life Italia Blog (in italiano) and participating to the italian community web-based forum (forum in italiano dedicato a Second Life), so I really should optimize my spare time 🙂

« Newer PostsOlder Posts »

Blog at WordPress.com.