CO19 Posted May 5, 2012 Share Posted May 5, 2012 If I started a website external from sl and somebody was browsing my website from within sl using the ingame browser.Would it be it possible to find information about the avatar browsing, for example: their name?Thanks,:D Link to comment Share on other sites More sharing options...
Rival Destiny Posted May 5, 2012 Share Posted May 5, 2012 Sorry am unsure of the answers to your q's. However, I have a question - when you say 'website' are you referring to your personal website or your sl profile/sl websites? Link to comment Share on other sites More sharing options...
outtaspace Posted May 5, 2012 Share Posted May 5, 2012 using PHP you can find which browser they are using by: $_SERVER['HTTP_USER_AGENT'] Link to comment Share on other sites More sharing options...
CO19 Posted May 5, 2012 Author Share Posted May 5, 2012 I am reffering to my personal website external from sl. Should have been more clear :smileyembarrassed: Link to comment Share on other sites More sharing options...
CO19 Posted May 5, 2012 Author Share Posted May 5, 2012 Thanks :matte-motes-smile: But is there anyway to find information about the avatar browsing the website? Maybe their name for example? Link to comment Share on other sites More sharing options...
outtaspace Posted May 5, 2012 Share Posted May 5, 2012 i dont think it is possible to get the SL username when using the inword browser.. you could if you were to make a prim media browser Link to comment Share on other sites More sharing options...
Darkie Minotaur Posted May 5, 2012 Share Posted May 5, 2012 If it were, it would be against the ToS. And as far as the browsers and the browser information is concerned, it's not really true that you can detect which browser is using - all you can see is what browser information people decide (intentionally or not) to have sent to the webserver. Many rowsers even let you set that. Link to comment Share on other sites More sharing options...
CO19 Posted May 5, 2012 Author Share Posted May 5, 2012 Thanks for your reply. I am starting a sl fansite where each account on the fansite has a corresponding account on sl. The issue here is that anybody could register an account on my fansite and claim to be a certain person in sl, so I need a way of verifying each avatar that signs up to my fansite. I was hoping to use the ingame browser for account creation, so when a resident wants to join my fansite, they do so from within sl. And their account name (and maybe some other information) is automatically detected for them. If it is not possible to get the information this way could you think of any other way I could verifng each avatars identity? Once again, thanks for your reply; I certainly wouldnt want to break the ToS. Link to comment Share on other sites More sharing options...
Darkie Minotaur Posted May 5, 2012 Share Posted May 5, 2012 There are several ways. One way would be that you do the actual signing up in SL through a 'terminal' using the http features of LSL you could do the signing up in SL. Another way would be, that they sign up on your website, but have to verify their identity inworld. And I'm sure other will come up with even better ideas. ETA If on sign up on the website people would be required to leave their key, you could at least check whether that's a valid key or not Link to comment Share on other sites More sharing options...
outtaspace Posted May 5, 2012 Share Posted May 5, 2012 Darkie, why do you say it would be against TOS to collect username on an external website? Link to comment Share on other sites More sharing options...
PeterCanessa Oh Posted May 5, 2012 Share Posted May 5, 2012 When someone touches something you know their avatar's name and UUID. At that time tell them a random temporary password. Send the name, UUID and temporary password to your web site. Your web site creates the account with the temporary password. When the person logs in first time they use this password and are immediately directed to the change-password screen. Link to comment Share on other sites More sharing options...
CO19 Posted May 5, 2012 Author Share Posted May 5, 2012 The ingame terminal is a really cool idea. The main challange is that the process has to be automatic and fast. Thanks for your advice. Link to comment Share on other sites More sharing options...
CO19 Posted May 5, 2012 Author Share Posted May 5, 2012 Would work perfectly, but I am slightly worried that the inconvience of finding the ingame object would put some users off registering. Link to comment Share on other sites More sharing options...
Darkie Minotaur Posted May 5, 2012 Share Posted May 5, 2012 You can make it all fully automatic and pretty fast. - You could e.g. it this way: user registers on your website at the end of the registration, you give the user a SLURL to go to at this inworld location, there is a terminal, which the user touches and types in their username or a code they hve gotten at the end of the web-registration - the terminal sends that information straight to your website - user is verified Link to comment Share on other sites More sharing options...
Rolig Loon Posted May 5, 2012 Share Posted May 5, 2012 outtaspace wrote: Darkie, why do you say it would be against TOS to collect username on an external website? I think Darkie is referring to the notorious IP snooping violations a little over a year ago that resulted in a widely publicized banning of RedZone and the guy responsible --- or maybe to the equally notorious case of the Emerald viewer, which was banned a year before that. The relevant portion of the Community Standards (referenced un the TOS) says "Residents are entitled to a reasonable level of privacy with regard to their Second Life experience. Sharing personal information about your fellow Residents without their consent -- including gender, religion, age, marital status, race, sexual preference, alternate account names, and real-world location beyond what is provided by them in their Resident profile -- is not allowed." It's one thing to ask people to sign up for membership in a group and ask them to give information voluntarily. It's something entirely different to scrape it from their login without their knowledge. I'm NOT saying that's what the OP is doing. I'm just answering your question about where the pitfalls may lie. Link to comment Share on other sites More sharing options...
Darkie Minotaur Posted May 5, 2012 Share Posted May 5, 2012 Thank you for answering that for me - it's exactely what I had in mind - the havok that RedZone caused. Now, after the OP stated hisor her intentions, the ways Peter and I suggested certainly do not offend against the ToS - the users can freely decide to give the information or not. Link to comment Share on other sites More sharing options...
Rival Destiny Posted May 5, 2012 Share Posted May 5, 2012 I think there are 2 different questions here. One is against TOS the other isn't. The first one, grabbing an sl users name via internal browser to an external website without their knowledge - against TOS. CO19 wrote: If I started a website external from sl and somebody was browsing my website from within sl using the ingame browser. Would it be it possible to find information about the avatar browsing, for example: their name? Thanks, The second, which is totally different inquiry than the first, Avatars knowingly registering for a website. CO19 wrote: If I started a website external from sl and somebody was browsing my website from within sl using the ingame browser. Would it be it possible to find information about the avatar browsing, for example: their name? Thanks, Link to comment Share on other sites More sharing options...
outtaspace Posted May 5, 2012 Share Posted May 5, 2012 i ask because i am building a HUD that will automatically create an account for the extneral website and to backup the HUD data in a DB. To access the website i was going to create an auto-login which passes their username and password direct to the login. All i could find on this was in the privacy policy.. Further, you agree and understand that Linden Lab does not control and is not responsible for information, privacy or security practices concerning data that you provide to, or that may otherwise be collected by, Second Life users other than Linden Lab. For instance, some services operated by Second Life users may provide content that is accessed through and located on third party (non-Linden Lab) servers that may log IP addresses. Link to comment Share on other sites More sharing options...
Rival Destiny Posted May 5, 2012 Share Posted May 5, 2012 I think when it comes to that level of privacy, an avatar's name is not the same at all. When you log into any website, your IP addy is always logged. But other info, such as a person's name, is never logged unless voluntarily given. Link to comment Share on other sites More sharing options...
Darkie Minotaur Posted May 5, 2012 Share Posted May 5, 2012 Let people know that you are passing their data to an outworld server and store it there - then you should be safe. Logging IPs is something very different from logging names - and the more so, if you don't tell people that you are doing it. An IP is not very easily traced to a person. In the country I life in, at least, it requires a court's decision to get the name of a person that used a certain IP address at a given time. Link to comment Share on other sites More sharing options...
Rolig Loon Posted May 5, 2012 Share Posted May 5, 2012 @ outtaspace: Yeah, that section of the TOS you quoted is just LL's own indemnification clause. All it's saying is that THEY are not responsible if someone else violates your privacy. It's not saying that they give other people the right to do it. The thing that got RedZone and Emerald in big time trouble was connecting bits of information (avatar name and IP address -- and thus, potentially, RL identity) and making it public. That's a violation of the bit that I quoted earlier, so that's what you have to watch out for. Personally, I value my own privacy so highly that I am very cautious about asking anyone else about theirs, so I avoid even coming close to that line. I don't ask who anyone I meet in SL might be in RL, and I don't care. But that's just me. Again, though, I think that asking people to register voluntarily to participate in a service is fine, so the direction that Darkie and others are suggesting here ought to be no problem. Link to comment Share on other sites More sharing options...
CO19 Posted May 5, 2012 Author Share Posted May 5, 2012 Thanks for your advice. I have no intention of loggin ip address on the fansite I am developing. Link to comment Share on other sites More sharing options...
outtaspace Posted May 5, 2012 Share Posted May 5, 2012 Thanks for all your responses.. ok so if i put in a dialog saying 'You must have an account on our website to be able to play, your SL username will be stored in our DB' then accept or deny buttons.. that will give them the option Do you think this is ok? Link to comment Share on other sites More sharing options...
Rolig Loon Posted May 5, 2012 Share Posted May 5, 2012 Sounds good to me. Link to comment Share on other sites More sharing options...
PeterCanessa Oh Posted May 5, 2012 Share Posted May 5, 2012 Don't check IPs are unique, it's just too unreliable. There are many students, for instance, who log-in through their college's connections and all appear to have the same IP (false positives). This is why so many people have been wrongly-banned from sims, events and even SL. You certainly don't want to bother storing IPs. Not only is it against the TOS but many people will be given a new address by their ISP every time they start their router/modem anyway so appear to not be genuine (false negatives). Before you ask - no, there is no reliable way to check. You might want to try cookies. At least then you can be fairly sure not to get false positives, although there isn't much you can do to avoid false negatives. Link to comment Share on other sites More sharing options...
Recommended Posts
Please take a moment to consider if this thread is worth bumping.
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now