[sldev] Re: [META] Formal critique of new auth mechanism?
Nicholaz Beresford
nicholaz at blueflash.cc
Sat Sep 29 16:03:46 PDT 2007
Rob Lanphier wrote:
> We generally respond a lot better when light is shed on a problem rather
> than heat. While I think the conversation so far has been very civil,
> it's only now getting organized, so that's what I'm focusing on.
>
> That's not to say that we won't respond to the issues that smaller
> groups have, but I want to make sure we're applying our energy in the right
> proportions.
I think (and would be surprised otherwise) there is currently consensus among
those who replied here on the list that ...
1) the new auth mechanism does nothing to significantly increase security
in terms of protecting user assets from malicious viewers (once the
viewer is logged in, you're at the mercy of the viewer, no matter how
you logged in)
2) the new auth mechanism makes login to SL cumbersome and breaks many
ways in which people are currently using SL (alts, switching between
viewers, etc.)
3) the new auth mechanism will make it impossible for some environments
to log in from at all (proxies, firewalls, security software, ...)
or prevent specific forms of viewers (lean viewers, mobile systems,
viewer on a memory stick, ...)
4) the new auth mechanism will break existing applications (bots, libsl,
etc.) and these will have to work around it.
5) Allowing these (4) to work around it, means that 3rd party viewers can
also work around it, meaning that you'll end up with 3rd party viewers
which are a lot more convenient than the official viewer, essentially
driving people away from the official viewer.
6) other mechanisms exist, which a) actually increase security and which
b) do not break existing use and c) are less cumbersome
7) (this is my personal addition but I'd be amazed if anyone disagreed)
people are losing a lot more assets and value through Linden
malfunctions (lost inventory, search & classifieds being not seen
because of outages, etc.) than have ever been lost through spoofing
or malicious viewers.
8) __whatever mechanism is implemented, should be a *choice* with the__
__existing mechanisms remaining in place__
9) (see (8) )
10) (see (9) )
Bottom line is that the new auth mechanism is something that offers negligible
improvement in security and will cause countless problems or developer hours
on both sides.
Nick
(Matt, feel free to copy that to the Wiki)
---
Second Life from the inside out:
http://nicholaz-beresford.blogspot.com/