The road to hell…..?

I use the Emerald Viewer. Over the years I’ve used a wide range of Viewers to experience Second Life, from the official Viewer through Snowglobe to Meerkat, Imprudence, Cool Viewer for Windows, KristenLee’s Viewer  – and even Viewer 2.0 and the Snowglobe iteration of Viewer 2.0.

But it is with Emerald I’ve found my “home”; of all the Viewers, this is the most stable for my PC configuration and provides the fastest fps rate of any (although KristenLee’s Viewer isn’t that far behind. Truth be told, if KLee’s Viewer incorporated RLV functionality, I’d swap over in a heartbeat, as her rendering pipe just blows everything else to pieces on a good graphics card).

It is true that Emerald has features that could be a nuisance if incorrectly used: the ability to locate anyone on a sim and Tp right into their face is one. I’m also aware of the claims of data scraping and the like surrounding Emerald and the claims relating to it ignoring permissions (generally made by those who have not sought to actually use the Emerald export tool). But the fact is, Emerald includes much that has been lacking in the official Viewer for general users, builders and estate managers – and these make it a winner.

As such, I applaud the efforts of the Emerald Dev team in building and maintaining a versatile Viewer.

However, even good intentions can go a step too far. Today, members of the Emerald Viewer group received a Notice and attachment I’d venture to suggest is questionable.  The attachment came in the form of a wearable prim. The Text of the Notice accompanying it reads thus:

This neat little prim has certain magical properties about it that causes viewers that do not respect permissions to crash when selecting it.

We turned it into a sort of “copybot shield” you can wear.
Fractured thought you guys should have these, they won’t hurt any viewer that respects permissions.
Come by Emerald Point to see us if you liked it.

So in essence, it is a prim that can be worn and which contains a script that identifies malicious Viewers and crashes them.

Now *IF* this prim is for real (there are no visible scripts, so exactly how it detects / communicates with “illegal” Viewers is beyond my ken), then on the surface it would appear to be a neat trick in deterring copybotters. However, *IF* it is for real, the tool raises concerns on a number of fronts.

  • At the very least, it would appear to violate the Terms of Service, to whit, Section 4.1, which includes the statement: In addition to abiding at all times by the Community Standards, you  agree that you shall not: (v) take any actions or upload, post, e-mail or otherwise  transmit Content that contains any viruses, Trojan horses, worms,  spyware, time bombs, cancelbots or other computer programming routines  that are intended to damage, detrimentally interfere with,  surreptitiously intercept or expropriate any system, data or personal  information. Given this prim has the ability to crash suspect Viewers, it could be argued that it is a form of Trojan horse  / time bomb intended to detrimentally interfere with other systems
  • While copybotting is a major concern, and it could be argued that Linden Lab should be doing more to control / eliminate the worse cases, this same argument does not entitle users and /or content creators to undertake what amounts to be vigilantism in lieu of firmer action on the part of Linden Lab (and I say this as a creator of content myself). Two wrongs simply do not make a right
  • There is already a degree of controversy surrounding the Gemini CDS system marketed by members of the Emerald team – not in terms of whether or not it hack people’s computers (it doesn’t) – but rather in the number of “false positives” it has been reported as giving. Can we be sure this tool is actually foolproof, even if vetted?
  • What gives a group outside of LL the right to determine  which Viewers should or should not connect to Second Life? LL themselves are already in the process of rolling out their Third Party Viewer (TPV) Policy. While it has a number of flaws within the revised wording, it is nevertheless the official means be which the use of malicious Viewers is to be contained. What gives one or two developers who have no direct accountability to Linden Lab or anyone else the right to take matters into their own hands?
  • The means by which Viewers are added to this tool (assuming it is going to be maintained) is far from transparent. While the best of intentions may have been behind its creation, it is therefore open to potential abuse
  • What happens should a rogue coder decide to retaliate?  If this tool can be developed to target “illegal” Viewers, how hard would it be for someone to target a specific Viewer – the one supported by this tool’s creator(s)? If the tool can be worn, it can be rezzed in-world as a mass griefing tool. Do we then enter a war of escalation?

I’m genuinely curious as to whether anyone in authority at Linden Lab was consulted during the development of this tool or prior to its release. I’m also very interested to see how they respond to its presence on the grid.

Again, I have little doubt the intentions behind the tool were good. The major problem with good intentions is the manner in which they invariably pave all the roads leading to hell….

9 thoughts on “The road to hell…..?

  1. Especially your last point makes a LOT of sense. The technical knowledge the 3rd party viewer developers have (both white hat and black hat) could really turn SL into a minefield where the normal user can too easily become a casualty.

    In this aspect LL should make it very clear with affirmative, transparent action that deliberately crashing someone’s viewer is not tolerated.

    But then again, transparency from the Lab would be nice in the first place, and would have prevented quite a lot of wrong turns in retrospect. But that is a different topic altogether.

    Like

    1. I agree: while Linden lab has done much to stir up the waters (both through the release of the original copybot LSL library hack and by remaining complacent over the misuse of Viewers – that simply doesn’t entitle other to go throwing rocks into the pool.

      Another concern that I skipped over in my original post (it was late at night!) is the risk that this tool, even moreso than the TPV Policy is going to force content rippers into ever more devious means of scamming content – remember, the original copybot code is still out there, and this weapon can do absolutely nothing against that code.

      Like

      1. I have read a few times by now that the original copybot code was releases by LL. I also read many times comments that say ‘If you state this, it only shows what a misinformed twit you are and therefore nothing you say has any worth’.

        You don’t seem to be a misinformed twit, as far as I can see. Can you shed some light on those conflicting views?

        Like

        1. Hi, Peter – and no problem.

          Well, technically, the code wasn’t released per se by LL – but they weren’t entirely unaware that it existed ahead of its release.

          Originally, Copybot was a part of libsecondlife (now the libopenmetaverse), a library of applications and tools that could be used by third party developers to communicate with the the SL servers. It was originally intended as a debugging / back-up tool – however, the potential for it to be abused was actually known and debated within the Libsecondlife community over “releasing” the code with some members even acknowledging that the tool could be used illicitly, but giving a “so what?” response. And these debates didn’t take place in a vacuum – LL were actively involved in libsecondlife.

          So, where LL can be said to be complicit is that a) their own people active in the libseocndlife movement were not more proactive in discouraging the dissemination of the code; b) LL itself didn’t issue a warning to the libsecondlife developers ahead of time (i.e. issuing a warning from the top, rather than their technical bods simply saying, “this is not a good idea”); c) in their overall lukewarm response to the code being published.

          While it can be argued that “once the code is out there, it is out there”, LL compounded the issue as to whether Copybot was “legal” or not by giving a very ambiguous update to their ToS. It was only after there had been in-world protests (forerunners of the OpenSpace / Homestead protests of 18 months ago) that LL firmed-up their policy…without actually taking any hard-core action.

          But again, in fairness to those who have suffered both from Copybot and from content-ripping Viewers and all the other tools that can be used to grab avatar information – “lukewarm” remains the best adjective to describe LL’s involvement in the entire content ripping situation for nigh-one four years.

          Like

        2. Thanks a lot – that sounds like a very good summary. I’m from 2006 but my “awakening” took a while so that I did not know about almost everything of this.

          Maybe for completeness, maybe you can also write a few lines about the origins and goals of Libsecondlife, and who originated it?

          I encourage you to make these historical summaries a post of their own, which can be linked and forwared, instead of burying this in the comments.

          Like

          1. Many thanks for the feedback and the idea. I’ll cogitate and see what I can put together as a summary. CopyBot, content ripping and all have been so heavily flogged over the years, separating fact from fiction and shaping my own grey matter where events are concerned my take a bit of sorting!

            Like

  2. This confirms a tendency I have been watching with some concern for a while now, i.e. that the fear of copybotting is growing out of all proportion and with increasing frequency seems to cross the border into outright paranoia. While content theft undoubtedly is a problem, I very much doubt it is as much of one as many people (a lot of which, incidentally no doubt, profit in one way or another from that fear) would have us believe. And there are more than enough historical precedences (some of them quite recent) where some supposedly righteous cause ended up being even more oppressive than the evil it set out to smite.

    Like

    1. The paranoia is worrying; one only has to glance at the official flogs to see how utterly out-of-control the rumour-mill is on both sides of the coin: those claiming content ripping is a pandemic and those claiming the tools for fighting it are “useless” or “hack computers”.

      We even have people using tools such as LOOK AT to identify others who focus on their Avatar for more than a few seconds as “proof” they are being copybotted, and ARing on the spot and boasting about doing so in the flogs!

      And I agree, I do believe there are those – even content creators – who are trying to engineer the situation to their own ends.

      In the case of content creators, it was the persistent calls made to LL to limit people’s ability to sell content based on criteria such as “sales turnover”: only those exceeding a certain limit would be able to sell. Quite how this would “stop” content ripping was never explained – but copybotting was one of the excuses they openly used in the flogs for promoting their agenda.

      And you’re right – the situation is becoming oppressive; even reasoned debate on the subject can end up being flamed by people in both camps: those that are outraged be content theft (whether or not they’ve actually suffered it) and those who hold up the technical meme that “if it is on your computer it can be ripped” (hardly a justification for IP theft), when half the time neither side actually understands what they are talking about.

      Like

  3. I’m not a fan of Emerald, I didn’t like the double first login, it made me uncomfortable. I know it was a glitch but it still put me off. Enough people use the viewer to make me feel there’s nowt devious going on, but that’s not the point.

    This does sound like a griefing tool, good intetions or not, sometimes good intentions go bad and this sounds like good intentions gone bad.

    Like

Comments are closed.