[opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?

[Discrete Dreamscape]

This was one person's decision, and was deliberately done for the sole
purpose of messing with the owner of the victim site (although I'd
hardly call the particular individual a victim). Regardless, the team
was pretty disappointed. The one person currently owns all parts of
Emerald's hosting, so it was their decision, albeit a ridiculous one.
They don't take the project seriously, and it's more than a little
embarrassing to the rest of the people associated with the team that
this kind of thing keeps happening, over and over again.


Discrete


On Aug 21, 2010, at 10:33 AM, Brian McGroarty <soft at lindenlab.com> wrote:

> On Sat, Aug 21, 2010 at 7:04 AM, Thomas Grimshaw <tom at streamsense.net> wrote:
>>  Loading 1mb of content per user is hardly a denial of service attack.
>> Crosslinking occurs everywhere on the web, this is simply nothing but
>> paranoid bull.
>
> "Crosslinking" drops the context of hiding gibberish requests to a
> critic's website in a hidden frame that will never be revealed to the
> user. This isn't a mere hyperlink to another page or naively stealing
> someone else's image hosting.
>
> My read (but I'm no lawyer) is that this looks like 2.d.iii of
> http://secondlife.com/corporate/tpv.php and we're already having that
> discussion. If anyone can come up with specific reasons why this might
> have had legitimate reason to be there, or how this one could be yet
> another oversight or mistake, that would be helpful. I sure haven't
> heard any to date.
>
> --
> Brian McGroarty | Linden Lab
> Sent from my Newton MP2100 via acoustic coupler
> _______________________________________________
> Policies and (un)subscribe information available here:
> http://wiki.secondlife.com/wiki/OpenSource-Dev
> Please read the policies before posting to keep unmoderated posting privileges