[sldev] How Far For Security?

Jake Simpson jake at lindenlab.com
Mon Jun 9 15:34:01 PDT 2008
Previous message: Hubris, was Re: [sldev] Cache politics: performance vs obfuscation
Next message: [sldev] How Far For Security?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I'd just like to make the point that a lot of LL reads these threads and 
we have lots of internal discussions about exactly stuff like this. We 
have one currently going regarding a feature we are talking about adding 
thats very much along these lines.

"How far do we go to obstrufacate the data stream?" is the question.

Bear in mind that some of the economy of Second Life is built upon 
people being able to build and have some degree of confidence that what 
they build won't get ripped off immediately by those who can, so they 
can be sure of getting some return on their investment of time. I'm sure 
you can understand how many in LL will be sympathetic to this thinking. 
Sure, technically anything can be reversed engineered (save scripts 
since they don't come to the client in any way) so the question becomes 
"how hard do we make it?" (or even "how hard CAN we make it?") - which 
is basically paraphrasing what's already been said in this thread. 
Stating "Well, because it's possible, don't even bother trying to stop 
it" doesn't (unfortunately) solve the issue of "how can I protect what I 
make" which is the root cry of anyone who spends time building things; 
it just undermines the Second Life economy to the point where it might 
potentially not be viable, obviously something people within in LL are 
keen to avoid.

Please understand we are having the same discussions internally and what 
is said here is taken on board by those making the internal decisions, 
so keep at it.

I'd like to rename this thread since it's quote a contentious name.

Cheers

Jake

Dante Tucker wrote:
> Now don't forget everything here is just opinion. The ultimate 
> decision of what happens with the client is up to Linden Labs. My 
> point is they will listen to everyone before making a decision, not 
> just the few that rant here in this list. We look at things from a 
> technical perspective, others will argue a different perspective. And 
> in the end LL will take all into account. It's a balance really, no 
> reason to get mad.
>
> On Mon, Jun 9, 2008 at 5:22 PM, <ordinal.malaprop at fastmail.fm 
> <mailto:ordinal.malaprop at fastmail.fm>> wrote:
>
>
>     On 9 Jun 2008, at 11:34, Thomas Grimshaw wrote:
>
>         Dante Tucker wrote:
>
>             Lets all just stop pretending anyone who wants to steal
>             textures can't with the current system. Anyone who wants
>             them can already get them. The only thing storing data raw
>             would do is make them more accesable to people who don't
>             want them and have no knoledge of how to get them
>             currently. And if they don't want them then whats the harm?
>
>         Agreed.
>
>         I tire of people moaning about IP security.
>
>         Your stuff is already stolen, deal with it.
>
>         ~Tom
>
>
>     Not to pick on Tom particularly here, but this is the sort of m
>     message that reinforces my opinion that:
>
>     (a) the people involved in discussing assets don't understand what
>     those _creating_ the assets want or think;
>     (b) they don't care.
>
>     The level of snobbery applied here is breathtaking, endless
>     references to pitchforks ho ho, you know, they're all irrational
>     peasants. But even in the current situation, textures not being
>     instantly obtainable by just going to the right directory and
>     dragging to somewhere else is a disincentive to pirates.
>
>     YES, we do all know about glintercept and all the other ways to
>     get hold of textures. YES, we know that there is an intrinsic
>     problem here, that displaying the damn assets implies that they
>     are received by the client. YES, we've all heard these teenage
>     extropian "information wants to be free" tropes, thanks all the same.
>
>     Amazingly enough, people appreciate the practical issues. What
>     they don't like is the idea that they are being treated as idiots
>     and rubes by LL and assorted geeky types because they dare to get
>     worried about the reason that they are there and building the
>     world for you lot to play about with in the first place. Because,
>     you know, if it wasn't for people who make content, you and I
>     would not be here discussing this stuff, as I've said before.
>
>     If you can't offer anything to content creators apart from "ha ha
>     your stuff has already been stolen stupid n00bs" then you might as
>     well close the whole company down right now.
>     _______________________________________________
>     Click here to unsubscribe or manage your list subscription:
>     /index.html
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Click here to unsubscribe or manage your list subscription:
> /index.html
>
Previous message: Hubris, was Re: [sldev] Cache politics: performance vs obfuscation
Next message: [sldev] How Far For Security?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the SLDev mailing list