Redzone on a Hud is it legal?

[LilFlowers]

 

 Hello everybody

The other day while me and a friend was hanging out someone got my IP then began shouting it across the region the IP address with location my question is is this legal ? Because my feelings were my real life was private unless I shared it.

My friend had talked with the griefer pretending to be like him to find out how he did it after awhile he was giving a link to a website that sales them for secondlife .LINK to public internet site http://www.shellshock.ws/

Is their anything else I can do to protect myself ? I just come to secondlife to chat and have fun.

[KarenMichelle Lane]

We just discussed something similar in a previous thread...

http://community.secondlife.com/t5/General-Discussion-Forum/About-the-IP/td-p/2420623

Your Response: Abuse Report the person who blurted out your IP address in open or group chat.

By the way, this is not RedZone on a HUD. All this is is a newly scripted IP address capturing product. It allows a person that can manage to fool another into selecting a link in chat, or running their music or media player on a parcel they control to expose their ISP owned routers  IP address.

RedZone [laughably called a security system] was a full product with an external database that organized this captured data and sorted it by IP address to discover ALTs [and colleges, businesses, coffee shoppes] for the purposes of banning them via IP address. Of course this idiotic product also managed to get avatar accounts from whole colleges & businesses and coffee shops banned as well as the occasional thief using a copybot enabled viewer. I remember so many drama queens & kings purchasing this product to and I quote "protect themselves" from exes and stalkers and cheating BFs & GFs.

RedZone was finally banned by Linden Lab. The exact reason is not known of course. I venture to think because of it's use by merchants in-world. Imagine the wholesale banning of all the avatar accounts from colleges and businesses by merchants in SL. That had to be also embarrassing to Linden Research when inviting businesses to embrace SL as a potential Marketing platform to meet potential and existing customers. As I recall the TOS was amended accordingly as a result.

I guess the new rules of engagement for those fearful of their IP address being known [and thus their rough geographical location and/or ALTs] are:

1) Don't talk to strangers; - [Especially in Sandboxes] Talking only opens up a way for them to fool you as noted below.

2) Never click on links passed to you in chat - [Duh! - Who does this ever?] Why? IP address passed to page for content return.

3) Never allow your Music or Media to play automatically - [Duh! - Who does this ever?] Why? IP Address needed for players.

4) Never accept a scripted gift from a stranger that you need to wear or rez unless you trust them 110%

5) Never Grant Permission for anything to debit your account unless you are expecting this feature to be active.

6) Never accept an invitation to visit someone's region in the OSGrid. - [You manage your own regions here]  Why? Because your IP address is known to the regions and to those of us who own, host & manage them.

That pretty much closes off the spy HUD's options. Nothing new, just new techniques [Like a HUD to make this easy for dummy's!] using standard features that are needed in order for SL to function properly.

 

P.S. To be honest, you give your routers IP address away to each and every web page you visit and web based service you use using your PC/Phone/Tablet/Whatever. All an IP address is, is a return address to your ISP owned router. Since ISPs are the real owner of your IP address all this can potentially do is indicate your rough geographic location. [The location of the owner of the IP address range.] My IP address is owned by AT&T and on the geo-locater services comes up sometimes as close as my real life city and sometimes 50 miles away in downtown Los Angeles.

The majority of us are safe behind these ISP routers because our PC/Phone/Tablet/Whatever is assigned a local IP address managed from a NAT [Network Address Translation] table and our individual devices can't be addressed [or attacked] directly. They all appear to have the same IP address to the outside world.

 

 

 

[Madelaine McMasters]

In addition to your six rules, I'll add that one should be careful out here in the forums as well. When you click an external link in a post, it may take you to a place that will scrape your IP address. If you then return to the forum and comment on whatever you saw/read/heard at the linked page, you have provided both your IP address and your SL name, though not connected. But, the small population of residents here makes it possible for someone to correlate your name and IP address with just a few well crafted posts.

No matter how sophisticated your technical defense against the malicious, the most powerful (and squishiest) tool in your arsenal will always be the weakest link.

Damned brains.

[Ceka Cianci]

Redzone hud didn't scan and get IP's from your connection

it did user name scans and matched the name up to see if  it's in it's database as a kind of profiling..

more than likely they got it from the music stream or some sort of place you are connecting to that they can see in some way..

 

AR the asshats for Disclosure..

posting an IP is no big deal..

it's when they post up an ip and say who's it is ,is when they crossed over..

 

 

 

 

 

 

[KarenMichelle Lane]

Please update your question with the requested information as follows:

Select the Options drop-down menu to the right of your question and select Edit Question.

---

Ceka Cianci wrote:

 

Redzone hud didn't scan and get IP's from your connection. It did user name scans and matched the name up to see if  it's in it's database as a kind of profiling.. More than likely they got it from the music stream or some sort of place you are connecting to that they can see in some way.. 

---

Exactly correct Ceka,

https://jira.secondlife.com/browse/ARVD-38?

 

Description

UPDATE

I've moved this to read-only archive section, as RedZone is not the issue anymore.

For IP discoverability issues, feel free to comment on VWR-17812, VWR-17044, or issues linked from those. Alternately, create new JIRAs if you have other ideas for privacy features.

For the concerns below about resi groups collecting other content non-programmatically or outside of SL, these can't be addressed by code changes. For these, contact Governance with specific complaints about things that have been shared or linked from within SL. Or, start a forum thread. Governance is unlikely to see issues in the JIRA. In the forum, you can propose and explore rules that may make you more comfortable in SL, and you can highlight existing concerns as examples. – Soft

SecondLife TOS 8.3: Post or transmit viruses, Trojan horses, worms, spyware, time bombs, cancelbots, or other computer programming routines that may harm the Service or interests or rights of other users, or that may harvest or collect any data or personal information about other users without their consent;

zF RedZone. Detect Copybot viewers, their alts, log visitors, Web Control, Grid Wide..... Uses Secondlifes servers to gather and store personal information, to compile and offer a list of private, or public held alts, with out users explicit consent.

Redzone uses media bugs to gather IP addresses so that it may formulate a list of possible user alts, to use in SL... The use of such knowledge is a break in the SL TOS...

"zF Redzone is a system created by zFire Xue which relies on a bug in Second Life's parcel media system to harvest the names and IP addresses of visiting avatars without their knowledge. The names of avatars which logged into Second Life from the same IP address (ie. alt accounts, accounts belonging to family members, room-mates, colleagues, etc.) are then cross-linked and disclosed to end-users of the system. At the time of writing, zF Redzone is being used in 17,480 locations and contains IP addresses linked to 8,624,865 avatar accounts. We would like you to ban zF Redzone due to the obvious privacy issue it represents, and fix the parcel media bug which makes systems like it possible.".

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Mind you, the need for the FMOD & Quicktime media software to know your IP address has always been a feature of these well used library of services. FMOD & Quicktime are how the SecondLife viewer and other 3rd Party Viewers perform media playback tasks as needed. The task is passed onto the appropriate module in these libraries. In the case of Quicktime a texture is also mapped to be replaced by the results of the media rendering. The Media on a Prim feature works like this as well utilizing the Adobe Flash routine library.

The ability to script an in-world method to "easily" capture an IP address was corrected [we hope]. The earlier concerns about the them new SL 2 Beta Viewer pre-prompting media and music sources concerned many [VWR-17812 & VWR-17044].

Unfortunately this is easily circumvented by tricking someone in chat or with a NC into clicking on a link that leads to  to a custom adapted webpage and/or by having them listen to a stream or view a media presentation hosted on a compromised relay service on a parcel they control.

Based on the prior reasons "never published" that allowed Linden Lab to ban and then delete from all asset servers any of RedZones products, this new product may qualify for this treatment as well.

 

[Ceka Cianci]

ya the redzone system itself was more lethal than the hud and would get IP's and match times people would enter.

 

so it was ip match to time of someone entering  the sim..store it in the database..then anyone checking can get results of any accounts related by ip..

any char showing up with that IP could be matched up on the database to show any other accounts related that have been scanned,,

IP being inaccurate because of many reasons..this made the system very flawed.

 

 it was a system that gave a lot of people a false sense of security..

because if you have music streaming off it was useless if you never been scanned before..

people were using it to out other peoples alts and everything..

 

the thign that got it bit was users bringing up the fact that  it's announcing information not in the profile..

that alts are personal accoutn information of the user and not public unless the user decided so..

there is more too it than that..but  i was in that war back then and still not too energetic about going back into all those details..it was a terrible time back then..

soo much energy felt wasted..

good did come from it ..from a lot of great people doing really cool stuff to beat that system..like Sione..one of the biggest contributors with his media filters..

 

bleh i better stop..i don't want to start down that road again..

i start thinking about asshats of the past and i really don't like renting them that space i like to use for better thoughts.

lol

[Perrie Juran]

Thanks for posting that. 

Last night I looked at the Web page for that item and found it very interesting they claimed it could identify which Viewer someone was using. That raised a red flag for me because we know that the Servers no longer broadcast that information.

If somehow it is scraping that info from the Servers that in itself could be a violation.

I do love it that Soft Linden said contact the Governance Team but didn't say how to. 

[Hoshi Kenin]

LL banned Redzone in no small part because the Greenzone group formed to combat this spyware and were effectively blacklisting stores and malls and clubs with redzone and using the Greenzone hud to broadcast this.   LL were, imo, perfectly happy to rake in cash from Redzone's creator for a very long time before having to act.

The whole thing is still a grey area, the paranoid people you mention now buy other dubious security devices such as a certain alt detector , which is sold to - cough - stop all those 'millions' of alts stealing sploder prizes from gambling, oops.....sorry.... I meant 'skill', um,  games.   This device's creator even more audaciously listed all members of Greenzone on a site of his own, and in SL sent them a threatening message to leave the Greezone group or by labelled as 'griefers'. 

What did LL do about this flagrant abuse/blackmail?  Sweet F.A.  Greenzone group chat is still regularly trolled by his 'staff'......for want of  a better name.

Re. your points, no. 3 is a grey area.  As I understood it, the more recent viewers - even if media is set to default - relay a warning about the type of media a particular sim is requesting?   Plenty people like to have their music on, in particular, and even if they decide to be cautious, how do they know what a sim is doing to them when they visit somewhere new?

It is a right royal mess, as per usual.

[Aethelwine]

---

KarenMichelle Lane wrote:

3) Never allow your Music or Media to play automatically - [Duh! - Who does this ever?] Why? IP Address needed for players. 

 

---

Anyone following the advice of one of the inworld TV and video support people. I know that is the advice I was given.

That said I now keep it turned off, but that is because of the way media is setup on my sim. Many if not most people probably have media on autoplay.

[Ceka Cianci]

shared media on a prim is enough for me to never turn mine on auto..

even with MOA filters..by the time it triggered it would be too late..

where the steams filters stop the connection before it happens..

[KarenMichelle Lane]

---

Aethelwine wrote:

---

KarenMichelle Lane wrote:

3) Never allow your Music or Media to play automatically - [Duh! - Who does this ever?] Why? IP Address needed for players. 

---

Anyone following the advice of one of the inworld TV and video support people. I know that is the advice I was given.

That said I now keep it turned off, but that is because of the way media is setup on my sim. Many if not most people probably have media on autoplay.

---

As an amendment to the advise I gave in 3)  I should add...

                              "Only turn on your media players [hit the play button] after you arrive at your performance destination."

The DJs at most clubs are usually not the data collector types wanting to out their listeners geographic locations or IP addresses. But that said I have done a "Shout Out" to thank everyone joining us at my sets from "the US" or from "the UK" or from "Down Under" or from "Romania" when I take a quick look my relay streams map of listeners by country. That's as far as I take it in-world.

[Czari Zenovka]

---

Ceka Cianci wrote:

Redzone hud didn't scan and get IP's from your connection

it did user name scans and matched the name up to see if  it's in it's database as a kind of profiling..

more than likely they got it from the music stream or some sort of place you are connecting to that they can see in some way..

 

 

---

Hey Ceka!  This isn't a response to the above quote per se, but kind of on topic.   It is a response to your post awhile back when you mentioned always missing T-shirt day. *Grins*  Greenzone was a response from some merchants who posted a sign in their shops that indicated to customers that they did not participate in Redzone annnndddd of course someone came out with...a T-shirt!!!  It was the "All My Alts Belong to Me" shirt.  Just sent that to you in world along with:

*Just Ignore and Let This Die (The post that began one of the longest-running threads on the old RA forums, affectionately known as "The Undying Thread")

*SL5B (The only SL birthday I attended; back when LL was still involved)

*XGreed - I think that was when SL purchased XStreet

*No Voice - Remember the brewhaha when voice was introduced to SL?

There you go...all the T-shirts I snagged.   Since you said you don't go in world often, I posted this here as well.

(If anyone wants any of these shirts, please send an IM to me in world.)

[LilFlowers]

Thanks for the help, Good advice, I wont share my further opinion on this very bad thing being done to people, I'll just have to look at what options are available to me online in the meantime.

Thanks everyone & stay blessed

lilflowers

 

[Ceka Cianci]

---

Czari Zenovka wrote:

---

Ceka Cianci wrote:

Redzone hud didn't scan and get IP's from your connection

it did user name scans and matched the name up to see if  it's in it's database as a kind of profiling..

more than likely they got it from the music stream or some sort of place you are connecting to that they can see in some way..

 

 

---

Hey Ceka!  This isn't a response to the above quote per se, but kind of on topic.

  It is a response to

your post

awhile back when you mentioned always missing T-shirt day. *Grins*  Greenzone was a response from some merchants who posted a sign in their shops that indicated to customers that they did not participate in Redzone annnndddd of course someone came out with...a T-shirt!!!  It was the "All My Alts Belong to Me" shirt.  Just sent that to you in world along with:

*Just Ignore and Let This Die (The post that began one of the longest-running threads on the old RA forums, affectionately known as "The Undying Thread")

*SL5B (The only SL birthday I attended; back when LL was still involved)

*XGreed - I think that was when SL purchased XStreet

*No Voice - Remember the brewhaha when voice was introduced to SL?

There you go...all the T-shirts I snagged.

  Since you said you don't go in world often, I posted this here as well.

(If anyone wants any of these shirts, please send an IM to me in world.)

---

LOL oh i remember that post now hehehe

 

thank you for all the T-shirts hehehe :smileyhappy: