[sldev] 3rd party viewer policy post on blogs.secondlife.com

Tigro Spottystripes tigrospottystripes at gmail.com
Wed Oct 21 08:23:21 PDT 2009


the secret isn't "ALLEN", the secrent is some sort of formula tha twill
give an answer to a question, no matter what the question, on eahc check
the question is different and the asnwer is different, but if both sides
are using the same formular, the side that asked the question will see
the answer it is expecting. It's how GSM chip identification works, you
can't sniff the radio waves to figure out how to clone a chip, the
questions and answers always change. The secret formula might as well be
somthing along the lines of a one time pad
http://en.wikipedia.org/wiki/One-time_pad


Mike Dickson escreveu:
> On Wed, 2009-10-21 at 15:03 +0000, Anders Arnholm wrote: 
>   
>> The big problem is whan you send your viewer out, if it should be in any
>> whay possible to send data to the server "HEY I'm the good viewer from
>> Balp. My secret is, ALLEN" The users computer have to get the secret,
>> The minute the user have the secret oin there own computer that can
>> extraxt it. Put in into there own what ever to tell the servers "HEY
>> I'm the good viewer from Balp. My secret is, ALLEN". This will make any
>> try to use this for any identifications on the LL side impossible.
>>     
>
> Right, code signing could tell a *user* the original source of the
> viewer but can't in any way that I know be used to identify over the
> wire that the viewer is valid in a way thats not spoofable. 
>
> Perhaps if the focus is making content creators happy that's enough.
> Though I don't see a mechanism here for LL to enforce attempts to grief
> or steal content using a specific viewer. 
>
> Mike
>
>
>
>   



More information about the SLDev mailing list