[sldev] Re: [META] Formal critique of new auth mechanism?
SL - Farallon Greyskin
sl at phoca.com
Sat Sep 29 19:44:01 PDT 2007
Wow Nicholaz,
Great summary. I hate to "me too" this but I 100% agree with everything you
said and you really condensed it down well.
Otherwise, yes, actually, because for once everyone DOES seem to be
agreeing, I was being quiet after saying my initial piece.
Farallon
----- Original Message -----
From: "Nicholaz Beresford" <nicholaz at blueflash.cc>
To: "Rob Lanphier" <robla at lindenlab.com>
Cc: <sldev at lists.secondlife.com>
Sent: Saturday, September 29, 2007 4:03 PM
Subject: Re: [sldev] Re: [META] Formal critique of new auth mechanism?
>
> Rob Lanphier wrote:
> > We generally respond a lot better when light is shed on a problem rather
> > than heat. While I think the conversation so far has been very civil,
> > it's only now getting organized, so that's what I'm focusing on.
> >
> > That's not to say that we won't respond to the issues that smaller
> > groups have, but I want to make sure we're applying our energy in the right
> > proportions.
>
> I think (and would be surprised otherwise) there is currently consensus among
> those who replied here on the list that ...
>
> 1) the new auth mechanism does nothing to significantly increase security
> in terms of protecting user assets from malicious viewers (once the
> viewer is logged in, you're at the mercy of the viewer, no matter how
> you logged in)
>
> 2) the new auth mechanism makes login to SL cumbersome and breaks many
> ways in which people are currently using SL (alts, switching between
> viewers, etc.)
>
> 3) the new auth mechanism will make it impossible for some environments
> to log in from at all (proxies, firewalls, security software, ...)
> or prevent specific forms of viewers (lean viewers, mobile systems,
> viewer on a memory stick, ...)
>
> 4) the new auth mechanism will break existing applications (bots, libsl,
> etc.) and these will have to work around these.
>
> 5) Allowing these (4) to work around it, means that 3rd party viewers can
> also work around it, meaning that you'll end up with 3rd party viewers
> which are a lot more convenient than the official viewer, essentially
> driving people away from the official viewer.
>
> 6) other mechanisms exist, which a) actually increase security and which
> b) do not break existing use and c) are less cumbersome
>
> 7) (this is my personal addition but I'd be amazed if anyone disagreed)
> people are losing a lot more assets and value through Linden
> malfunctions (lost inventory, search & classifieds being not seen
> because of outages, etc.) than have ever been lost through spoofing
> or malicious viewers.
>
> 8) __whatever mechanism is implemented, should be a *choice* with the__
> __existing mechanisms remaining in place__
>
> 9) (see (8) )
>
> 10) (see (9) )
>
>
> Bottom line is that the new auth mechanism is something that offers
> negligible improvement in security and will cause countless problems or
> developer hours on both sides.
>
>
> Nick
>
>
> (Matt, feel free to copy that to the Wiki)
>
> ---
> Second Life from the inside out:
> http://nicholaz-beresford.blogspot.com/