[opensource-dev] Viewer blacklist to replace the TPV directory ?
Tigro Spottystripes
tigrospottystripes at gmail.com
Thu Apr 29 12:54:58 PDT 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Discrete, in both ways you can have viewers that the users think can be
trusted, but actually shouldn't
On 29/4/2010 15:04, Discrete Dreamscape wrote:
> A list of trusted entities is virtually always more robust and reliable
> than a list of untrusted ones.
>
> Weigh the two possibilities that would occur and their consequences,
> given that the user is making assumptions, as you say:
> - User believes viewers ON the whitelist are the ONLY ones that can be used
> - User believes viewers NOT on the blacklist can ALL be used
>
> The latter is clearly not a situation that benefits users in any way.
>
> Discrete
>
> On Thu, Apr 29, 2010 at 1:59 PM, Henri Beauchamp <sldev at free.fr
> <mailto:sldev at free.fr>> wrote:
>
> On Thu, 29 Apr 2010 05:40:15 -0700 (PDT), Nicky Perian wrote:
>
> > +1
> > A blacklist would just give potential bad actors a menu and
> > template to use for more bad viewers that could be modified and get
> > past the login screens.
>
> What you must understand is that the TPV policy is in no way a mean
> to prevent pirates from connecting to SL with hacked viewers (or
> through hacked proxies)...
> All what pirates have to do is to make sure these viewers impersonate
> an official (Linden) one (which is done very simply) and then they can
> pursue their illegal activity without even being spotted...
>
> The TPV policy might give some better ground to LL to sue such pirates
> when they are lucky enough to spot and trace one, but the true aim of
> the TPV is to set acceptable standards for non-hacked viewers as well
> as to provide their user with some minimum confidence that such viewers
> will not try to steal their private data or put them into troubles.
>
> As such, the blacklist would provide a much better service to the users
> by clearly identifying viewers which are *known* to be not compliant.
>
> With the current directory, you only got a *partial* list of *possibly*
> compliant viewers (without any guarantee from LL) and know nothing at
> all about non-listed viewers.
>
> Henri.
> _______________________________________________
> Policies and (un)subscribe information available here:
> http://wiki.secondlife.com/wiki/OpenSource-Dev
> Please read the policies before posting to keep unmoderated posting
> privileges
>
>
>
>
> _______________________________________________
> Policies and (un)subscribe information available here:
> http://wiki.secondlife.com/wiki/OpenSource-Dev
> Please read the policies before posting to keep unmoderated posting privileges
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEUEAREKAAYFAkvZ5A4ACgkQ8ZFfSrFHsmXOBQCfcpptZyKU+Tr1uv+FsJVUj04s
6c8AmPF6F2bQpBxhVHCTLY4yrcC38sM=
=Cbvj
-----END PGP SIGNATURE-----
More information about the opensource-dev
mailing list