[sldev] [Upcoming Changes] Website Viewer Authentication

SL - Farallon Greyskin sl at phoca.com
Fri Sep 28 20:59:50 PDT 2007


The automatic viewer launch from the website after you've logged in and until 
you specifically log out is a NON-STARTER. (boy I hope I read that wrong)

That is an account hacking nightmare. The incidents of having people hijack 
accounts by running SL on other people's computers will be horrifically 
high. I run into this ALL the time when going to friends' houses to play SL: 
I launch their SL and there is one of their secret alts there in the login. 
Thankfully most people are smart enough to uncheck the "remember password" 
button (which really should be off by default, or not even there, if 
"security" were really a concern).

We are talking about REAL MONEY DAMAGE here. If the goal is to have a more 
secure login then it cannot be "persistent". It MUST log you out when you 
close the viewer and not back in until you type your password again /every 
time/.

The forums? Blog? Meh, who cares, mischief at best. The viewer?!?!? OMG no 
way!!!

Not to mention (as others have) that this sounds like logging in multiple 
characters at once is not an option any more? That is also a non-starter. 
Anyone who conducts business or rents land or does any other type of 
management NEEDS multiple characters because of the insane group limitations, 
and being able to log in an alt to do store business and log out without 
having to log out your main account is VERY VERY HANDY. Especially if the 
two accounts need to interact, which frequently happens.

Sorry, but this needs much more work before it even approaches "more secure" 
or even "as secure", and definitely not "as usable". The data stream may be 
more secure but the methodology is very very not secure. :(

Farallon

----- Original Message ----- 
From: "David Kaprielian (Sabin)" <sabin at lindenlab.com>
To: "Second Life Developer Mailing List" <sldev at lists.secondlife.com>
Sent: Friday, September 28, 2007 2:31 PM
Subject: [sldev] [Upcoming Changes] Website Viewer Authentication


> Hey all.  I'm Sabin Linden, a developer here at Linden Lab.  You may know 
> me as that Linden with the pixel avatar or maybe... well... actually I 
> don't do much external facing work so you probably don't know me at all. 
> Don't worry, you're not missing out on much.
>
> In any case, I wanted to take a moment and send to this list some security 
> changes Linden is going to make in order to further the efforts of 
> anti-fraud and phishing prevention.  Pretty soon we're going to 
> consolidate logins to our website so we can eventually centralize the 
> process.  In other words, residents will not have to type their name and 
> password into SL viewers and applications, they'll type them into our 
> website instead.  The process that occurs is as follows:
> 1: After logging into the website, you'll be taken to a new page that has 
> the same login location options the current SL viewer has.
> 2: When you hit the Go button, a form is submitted to a php page, which 
> redirects to a secondlife:/// url that has a web key appended to it.
> 3: The secondlife:/// url itself will launch Second Life with locational 
> details and the web key will authorize your account for login.
> Note: You can find more detailed information (the whys and hows) on the 
> public wiki at https://wiki.secondlife.com/wiki/Viewer_Authentication
>
> This method works for Windows and Mac machines, but unfortunately due to 
> the nature of how Linux handles secondlife:/// links (it doesn't), we have 
> been unable to come up with a proper, catch-all solution that would allow 
> this method of login to work for 100% of the Linux using population.  We 
> estimate (aka: make an educated guess) that we can catch about 70% of 
> Linux users at first and will be working to get that number as close to 
> 100% as possible.  However, because there are so many different 
> distributions and configurations of Linux available, there's always the 
> possibility of people who cannot launch Second Life from the website. 
> Fortunately, we will be implementing a login screen for each of our 
> viewers (similar to the one you see now) which goes through our website. 
> Although this doesn't allow as much security as we would like (since 
> you're still technically typing your password into the viewer) it will, at 
> least, allow all Linux users to log in.  Additionally, it will provide a 
> fall-back for those who are used to the current way of logging in.
>
> With this information, I wanted to get your feedback!  Do you think 
> there's a way we could make website viewer authentication work for all 
> Linux users?  Do you have any specifications for how this will interact 
> with your third party viewers and applications?  Anything I haven't 
> covered that you're worried about?  Thanks for your time everyone, we'd 
> love to hear what you have to say.
>
> ~Sabin
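Steps 2 and 3 of the flow Sabin describes above, worked as an added example (my own code, not Linden Lab's; the web key layout, the `web_key` query parameter and the `secondlife:///region/x/y/z` path are assumptions): the website mints a web key that is HMAC-bound to the account, expires after sixty seconds and can be redeemed exactly once, so a launch URL left in a browser history or on a shared machine cannot log the account in again, which is the exposure Farallon's reply is worried about.

```python
import hashlib, hmac, secrets
from urllib.parse import parse_qs, quote, unquote, urlparse


class WebKeyIssuer:
    """Website side: mints a web key when the user hits Go and redeems it exactly once."""

    def __init__(self, server_secret: bytes, ttl_seconds: int = 60):
        self._secret = server_secret
        self._ttl = ttl_seconds
        self._pending = {}  # nonce -> expiry; the entry is deleted on first redemption

    def issue(self, account: str, now: float) -> str:
        nonce = secrets.token_hex(16)
        body = f"{account}|{nonce}|{int(now) + self._ttl}"
        tag = hmac.new(self._secret, body.encode(), hashlib.sha256).hexdigest()
        self._pending[nonce] = int(now) + self._ttl
        return f"{body}|{tag}"

    def redeem(self, web_key: str, now: float):
        """Return the account name, or None if the key is forged, expired or already used."""
        parts = web_key.split("|")
        if len(parts) != 4:
            return None
        account, nonce, expiry, tag = parts
        expected = hmac.new(self._secret, "|".join(parts[:3]).encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, tag):  # verify the MAC before touching any state
            return None
        # pop() is what makes the key single-use: a replayed URL finds nothing left to redeem
        unused = self._pending.pop(nonce, None) is not None
        return account if unused and now <= int(expiry) else None

def build_launch_url(region: str, x: int, y: int, z: int, web_key: str) -> str:
    """Step 2: the redirect target, location in the path, web key appended as a query (assumed)."""
    return f"secondlife:///{quote(region)}/{x}/{y}/{z}?web_key={quote(web_key, safe='')}"

def parse_launch_url(url: str):
    """Step 3, viewer side: recover the location and the web key from the launch URL."""
    parsed = urlparse(url)
    return unquote(parsed.path.lstrip("/")), parse_qs(parsed.query).get("web_key", [""])[0]

def demo(now: float = 1_190_000_000.0) -> dict:
    """Run the hand-off once, then try a replay, an expired key and a tampered key."""
    issuer = WebKeyIssuer(b"constructed-server-secret")
    key = issuer.issue("Example Resident", now)  # constructed account name
    _, key_from_url = parse_launch_url(build_launch_url("Example Region", 128, 128, 25, key))
    return {
        "first_login": issuer.redeem(key_from_url, now + 5),
        "replayed": issuer.redeem(key_from_url, now + 6),
        "expired": issuer.redeem(issuer.issue("Example Resident", now), now + 120),
        "tampered": issuer.redeem(key_from_url.replace("Example", "Other"), now + 5),
    }
```

Only the first redemption in `demo()` yields an account; the replayed, expired and tampered keys all come back as `None`, which is the behaviour the viewer login endpoint would need before a website-issued key is safer than a remembered password.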
