[opensource-dev] Viewer blacklist to replace the TPV

Boy Lane boy.lane at yahoo.com
Fri Apr 30 01:49:26 PDT 2010


Your credentials are very much up for discussion if you engage in here. Firstly, you do not link to your sources where you post your binary, that is in the alternate viewer directory. A posting here in the mailing list is not sufficient. As such you are violating GPL. You are also violating redistribution licenses by distributing the vivox voice components in the same place. But that's not what this whole thing is about.

As for the points you brought up, I'm not the one supposed to answer anything in regards of legal status, registration, permanent bans, newly created accounts etc. of Modularsystems and their key developers. I wrote what is publically available information. As this is limited I asked the question here about this because I do not know the details and I'd like to get an answer how this is possible and why permanently banned accounts can circumvent that ban by just creating new avatars. 

The ToS violations and bans are verifyable by the very own statement of JCool/Fractured, also the acknowledgment of the malicious Onyx viewer: http://www.youtube.com/watch?v=SRbV9SIbdCA

Again, these are facts people should be aware of. Henri raised a legitimate qestion about creation of a blacklist of known malicious viewers, instead of relying on FUD spread by LL about the validity of listings in the viewer directory. Everyone can list a viewer here, self certify, and residents believe this viewer is legitimate. Which is nothing but wrong. LL has neither the resources nor capacity to verify every single viewer entry.

In addition they also stated clearly that the Viewer Directory is meant as a marketing tool for those who need the publicity it may create. What I think it only creates is a false sense of security, and it will be only a question of time until a malicious project will be listed, and be it for the LULZ of some script kiddie.

I have nothing against you personally, but I have serious concerns that made me stopping developing viewers. Even though they never had any malicious features at all.

Boy

  ----- Original Message ----- 
  From: Brandon Husbands 
  To: Boy Lane 
  Cc: Discrete Dreamscape ; opensource-dev at lists.secondlife.com 
  Sent: Friday, April 30, 2010 4:29 PM
  Subject: Re: [opensource-dev] Viewer blacklist to replace the TPV


  My credentials are not up for discussion. Most in Second Life are well aware of who I am and what I stand for. Additionally most creditable and active community members know my contributions and projects. Though i could be mistaken in the extent to which this information travels. If I am wrong in my assumption then perhaps we can use a different forum or venue to discuss these things.

  Now on to your questions let us take a look at what you are saying and implying.

  1 The company.
  Please show me what Government databases you looked in that also covers DBAs and assumed operating names, You place accusations here without proper proof nor justification. 

  2. The bans you mention.
  As far as I know, Linden Labs does not discuss with anyone outside of its company and the people which they take action upon the conditions relevant information regarding disciplinary actions and bans. So unless you are a Linden or have been one in the past i Highly doubt that the information is truly factual.

  3. Are you accusing Linden Labs of pandering to the almighty dollar instead of standing up for the company integrity on their own list? Sir, that is a huge accusation. I ask again where is your factual information that has brought you to this conclusion? I would honestly say that this is indeed not a true thing you state and is borderline slander against the very company which you supposedly are a third party contribute for. 

  4. The toxic viewer source is posted. If you care to look at it here is the link. 
  https://dcs.sourcerepo.com/dcs/tox_view/ feel free to look at it and take what ever changes you see that you like. Be warry as its just a general repo for my dir i work in.  The Voice component is not included in the installer btw. Furthermore the Toxic Viewer is no longer in active development as it was something that was asked of me to do by my wife. And trust me you do not wanna go there. Youll just have to trust me on that. So in all honesty its a null point. 

  Now on to my own conclusions regarding your communications.
  I really do not have much more to say to you in this subject. But I will offer some advice in regards to point 3. As I tell my kids. "You do not *** where you eat and you do not bite the hand which feeds you. Now its not my place to parent you nor is it my place to tell you what to do.. I only offer this advice as a human being that is concerned with the direction this discussion is going.

  So in a nutshell I do not believe and will safely assume that no one on this list thinks that this is a proper forum for this type of accusation/discussion. May i give you one more piece of advise. Have you tried the proper channels for this type of inquisition? If I am not mistaken the url is support.secondlife.com. Once your on that page you can select new ticket/issue. That would probably be the best avanue to question these things. On a side note if you need assistance filing a ticket I would be more than happy to assist.

  Dim.


  On Fri, Apr 30, 2010 at 3:12 AM, Boy Lane <boy.lane at yahoo.com> wrote:

    Sorry, seems I have to correct myself. Mr. Brandon Husbands seems to be Dimentox Travanti. Creator of the "Toxic Viewer". A project that violates GPL by not providing sources as well as distributing non-redistributable components such as the Vivox voice packages.

    This adds very well to your credibility Mr. Brandon Husbands :).


      ----- Original Message ----- 
      From: Boy Lane 
      To: Brandon Husbands ; Discrete Dreamscape 
      Cc: opensource-dev at lists.secondlife.com 
      Sent: Friday, April 30, 2010 3:57 PM
      Subject: Re: [opensource-dev] Viewer blacklist to replace the TPV


      I don't know who you are Mr. Brandon Husbands, you are certainly not a viewer developer but a fly-by-night who want's to add some oil to the drama fire. It does not really matter.

      I stated facts here, not flames.

      Modularsytems is a "company" with a legal status we dont't know, created and owned by a person with permanently banned accounts due to ToS violations.

      Modularsystems is registered as this entity in the viewer directory.

      Modularsystems develops and uses malicious viewers, namely "Onyx", with several other malicious projects done by key developers such as Fractured, Phox, Skills or Cryo. All who had their accounts permanently banned for ToS violations.

      I asked a legitimate question to LL, to repeat it once again: How can for repeated ToS violations permanently banned people just circumvent that ban by creating new accounts as many of the Emerald developers did? Is it money spent for SL that counts rather than ToS?

      As you haven't read my posting, rather add irrelevant accusations in your own posting, Mr. Brandon Husband, that are supposedly to confuse the reader and discredit legitimate questions, lI can only conclude you are the troll here.

      Boy





        ----- Original Message ----- 
        From: Brandon Husbands 
        To: Discrete Dreamscape 
        Cc: Boy Lane ; opensource-dev at lists.secondlife.com 
        Sent: Friday, April 30, 2010 3:55 PM
        Subject: Re: [opensource-dev] Viewer blacklist to replace the TPV


        I do not add much to the list.. But I will say... Mr lane, what ever your problem is with Emerald... You should probably let it go.  This blatant flaming and trolling does not help the open source community. Your actions and flames are actually a hindrance to the community as a whole. You see i say community as we typically work together to make things better etc. 

        It Seems you mostly wish to sabotage and wreck havoc. It is counter productive and plain rude. 
        SO i must request... Either take this offline directloy with the people you have a problem with or quit posting this crap as I do not want to have to read it. So as they say either *** or get off the pot.... So either become a active positive contributing member of this community or go away. I am quite fed up with the Trolls and will no longer personally tolerate it. So please go stroke your ego else where and lets get back to discussing code and things that actually matter to us besides your grievance against emerald.

        Dim.



        On Fri, Apr 30, 2010 at 1:00 AM, Discrete Dreamscape <discrete.dreamscape at gmail.com> wrote:

          I'd like to remark that the information you found is just the data of the ModularSystems website, and all of the other viewer directory listings look about the same as Emerald's. The actual real-life name(s) of people involved aren't required to be publicly viewable, but Linden Lab does have them. Also, consider the possibility that .sl was chosen as a domain because it could be an abbreviation for SecondLife. Cute, eh? 


          I seriously doubt anyone with malicious intent is going to bother trying to register their viewer in the directory. 



          On Thu, Apr 29, 2010 at 8:38 PM, Boy Lane <boy.lane at yahoo.com> wrote:

            We certainly should follow the bright example of Emerald / Modularsystems,
            where you Discrete are a member of. A pseudo company set up and owned
            by known banned griefer JCool aka who revived his banned account(s) under
            the names of Fractured Crystal/Fractured Modularsystems.

            Back to their registration. JCool set up Modularsystems. A mailbox company
            with the following contact details:

            http://modularsystems.sl/
            P.O. Box 5702
            West Columbia, South Carolina 29171-5702
            United States
            administrator at modularsystems.sl

            That is an untraceable anonymized entity without any name attached to it and
            unknown legal status, registered with a domain name in Sierra Leone, a
            country
            that does not even have a WHOIS.

            This information was used to register and self-certify Emerald in the Viewer
            Directory.

            As I as a legally uniformed hobby programmer without commercial interest can
            evaluate this situation and validity of the Emerald listing, it is meant to
            circumvent
            any means of the viewer directory to hold a developer accountable for their
            viewers. It is also meant to avoid any possible litigation from LL in case
            indeed
            some malicious code may be found in their viewer(s). Besides Emerald,
            Modularsystems
            also develops and uses a malicious viewer named "Onyx" that is in clear
            violation of
            ToS/TPV.

            So no, Discrete, all these things completely contradict your argument. As
            shown a
            listing in Lindens viewer directory doesn't add a single piece of safety or
            security. To
            look for a legitimate viewer the Alternate Viewer list in the community
            edited SL Wiki
            is a better place to, for the simple reason malicious clients may not easily
            slip in as
            this is possible with self-certification. A blacklist is a good thing and
            could at least
            complement Viewer Directory and Alternate Viewers list. But of course it
            would
            include most of the malicious viewer from the key developers behind
            Modularsystems
            which obviously you try to avoid.

            Additional question to Linden Lab: How can for repeated ToS violations
            permanently
            banned people just circumvent that ban by creating new accounts as many of
            the
            Emerald developers did? Is it money spent for SL that counts rather than
            ToS?

            Boy

            ----- Original Message ----- > Date: Thu, 29 Apr 2010 16:39:16 -0400
            > From: Discrete Dreamscape <discrete.dreamscape at gmail.com>
            > Subject: Re: [opensource-dev] Viewer blacklist to replace the TPV
            > directory ?
            > To: Tigro Spottystripes <TigroSpottystripes at gmail.com>
            > Cc: opensource-dev at lists.secondlife.com
            > Message-ID:
            > <g2nc38195a91004291339p41f404edgfe05a593c813c6c1 at mail.gmail.com>
            > Content-Type: text/plain; charset="utf-8"
            >
            > This discussion seems to have been created with misleading intentions.
            >
            > Because some TPV creators don't want to reveal any personal information
            > about themselves, they can't be posted on the TPV directory, and because
            > of
            > this, it's understandable they might view the directory as unfair. But,
            > this
            > doesn't strike me as a valid reason to criticize the list.
            >
            > It's certainly valid to say that the viewers on the list are not
            > absolutely
            > trustworthy unless a full code audit is done, but even then, do you really
            > know that what's in the code is the same as what's in the binary? Isn't
            > there a limit to what LL can do, given a lack of resources to perform such
            > audits, especially when what you download requires trust that it's the
            > same
            > as what they've audited?
            >
            > But really, trust is supposed to be provided by the fact that the viewer
            > has
            > indeed registered using real-life contact information, because who would
            > give such a thing knowing they could be held liable if they indeed decided
            > to include malicious code? In general, there is no way to certify purity
            > here, you can only provide a level of trust as a guideline. You can't rely
            > on babysitting the users, because LL isn't going to compile every third
            > party's code and release the binaries themselves.
            >
            > In this regard, you may begin to argue that indeed, a blacklist would
            > better
            > serve users. I argue that this is exactly the opposite. You may be able to
            > pick out which viewers are explicitly untrusted, but you make no
            > statements
            > about the trustworthiness of any others. In this situation, a user is left
            > to choose between either a viewer which is in the grey about its status,
            > or
            > an official Linden viewer. This point is key, as far less warranty is
            > provided for users that they won't be banned for using a third party
            > viewer.
            > I suspect that in this case, many would simply give up and use the
            > official
            > client rather than risk their business, etc.
            >
            > If you want to provide a system where users can trust the clients they
            > use,
            > it seems like our current one is decent enough. In any case, a blacklist
            > doesn't appear to be any safer.
            >
            > Discrete
            >


            _______________________________________________
            Policies and (un)subscribe information available here:
            http://wiki.secondlife.com/wiki/OpenSource-Dev
            Please read the policies before posting to keep unmoderated posting privileges




          _______________________________________________
          Policies and (un)subscribe information available here:
          http://wiki.secondlife.com/wiki/OpenSource-Dev
          Please read the policies before posting to keep unmoderated posting privileges




        -- 
        -------------------------------------------------------------------------------------------------------------------------------
        This email is a private and confidential communication. Any use of email may be subject to the laws and regulations of the United States. You may not Repost, Distribute nor reproduce any content of this message.
        -------------------------------------------------------------------------------------------------------------------------------
        -------------------------------------------------------------------------------------------------------------------------------




  -- 
  -------------------------------------------------------------------------------------------------------------------------------
  This email is a private and confidential communication. Any use of email may be subject to the laws and regulations of the United States. You may not Repost, Distribute nor reproduce any content of this message.
  -------------------------------------------------------------------------------------------------------------------------------
  -------------------------------------------------------------------------------------------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.secondlife.com/pipermail/opensource-dev/attachments/20100430/0111a97f/attachment-0001.htm 


More information about the opensource-dev mailing list