[sldev] Re: "But your IP wouldn't be safe"

[Argent Stonecutter]

On 09-Jul-2007, at 19:18, Jason Giglio wrote:
> Since when is getting someone's IP address an "attack"?

I didn't say "getting someone's IP address" was an attack.

I said that web textures make it practical for an attacker to get  
someone's IP address in a way that media streams don't.

What makes them an attacker is that they are attempting to perform an  
attack... for example, to determine the identity of someone in SL  
(knowing their identity in RL) or in RL (knowing their identity in  
SL) who doesn't want them to. Their goals and intentions are what  
makes them an attacker, not every little detail of their actions in  
between... however, if an intermediate step helps them reach their  
goal, then that step is a component of their attack.

> I guess that makes anyone running a DNS server a criminal.

While someone who is running your DNS server has the ability to cause  
you considerable problems, it would be the act of following through  
on that capability to cause those problems that would be criminal,  
and would make their control of your DNS part of an attack. I suspect  
you wouldn't want to have someone with the intent of causing you harm  
running your DNS server.

As we found out when Network Solutions had complete control over the  
"com" domain, and they hijacked the root.

> IP addresses are *how computers talk to one another* on the net.   
> It's *how the net works*.

Which is exactly why they're SO useful for someone who wants to  
determine someone else's identity.