Jump to content

Catznip 12.1 (+Animesh)

Coffee Pancake

By Coffee Pancake,
in Second Life Viewer

 Share
You are about to reply to a thread that has been inactive for 1856 days.

Please take a moment to consider if this thread is worth bumping.

Recommended Posts

Coffee Pancake

Coffee Pancake

Posted
Posted (edited)

CatznipR12_1.thumb.jpg.8ba636e825379788bf4f127716859b19.jpg

Well, here we go again ... 12.1 adds Animesh, fixes and performance voodoo.

Next up .. maybe possibly, perhaps, potentially, probably an OSX version ... wish us luck.

Release Notes http://catznip.com/index.php/Catznip_R12_1_Release_Notes

Download : https://get.catznip.com/downloads

Edited by CoffeeDujour
  • Like 8
  • Thanks 1
Link to comment
Share on other sites
  • Replies 65
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

Coffee Pancake
Coffee Pancake

Well, here we go again ... 12.1 adds Animesh, fixes and performance voodoo. Next up .. maybe possibly, perhaps, potentially, probably an OSX version ... wish us luck. Release Notes : http://

Fionalein
Fionalein

Please take your private viewer wars to your own Forums...

Whirly Fizzle
Whirly Fizzle

It's against the Policy on Third-Party Viewers not to have publicly accessible source code.  

Posted Images

Coffee Pancake

Coffee Pancake

Posted
  • Author
Posted

Linux SL development is in the long grass and there are no updates coming from LL or vivox, to cut a very long story short. Use firestorm or run the windows client with wine (the only way to get voice working).

This situation will not improve tills someone manages to build and run the viewer stand alone (using system libs .. if it's even possible), and then submit the code changes back to LL. There is almost no possibility of Linux voice support and nothing we can do about it.

  • Haha 2
Link to comment
Share on other sites
Solar Legion

Solar Legion

Posted
Posted
4 hours ago, CoffeeDujour said:

Linux SL development is in the long grass and there are no updates coming from LL or vivox, to cut a very long story short. Use firestorm or run the windows client with wine (the only way to get voice working).

This situation will not improve tills someone manages to build and run the viewer stand alone (using system libs .. if it's even possible), and then submit the code changes back to LL. There is almost no possibility of Linux voice support and nothing we can do about it.

Just pointing out an inaccuracy: Voice works on Linux, as long as a few libraries - some a bit older - are on your system. 

The problem is - unfortunately - that not all client developers use the same libraries or are even aware you need to use certain ones. This is compounded by needing to use the terminal to install a few of them (something I personally discovered after verifying most were installed through the Software Manager), something not many at all are comfortable doing. I know I'm not! 

If you're at all curious, see Firestorm's support pages for Linux and select the distribution closest to the one you use or know your developer used. 

It's been long enough that I do not remember which library I had to install through the console. 

  • Like 3
Link to comment
Share on other sites
Whirly Fizzle

Whirly Fizzle

Posted
Posted (edited)
6 hours ago, Solar Legion said:

Just pointing out an inaccuracy: Voice works on Linux, as long as a few libraries - some a bit older - are on your system. 

For now yes, but not for much longer.
Once LL disable older voice versions from connecting to the voice service (for security reasons), Linux voice is dead unless you run it through Wine.
Linux is stuck on an ancient vivox version because vivox stopped Linux support.
I have no idea when this will be happening though.

Edited by Whirly Fizzle
  • Like 1
  • Thanks 2
Link to comment
Share on other sites
Whirly Fizzle

Whirly Fizzle

Posted
Posted
3 hours ago, Ethan Paslong said:

i don't use this "brand" .. but why would you need the source code?

It's against the Policy on Third-Party Viewers not to have publicly accessible source code.

Quote

You must provide a publicly viewable source code repository for all source code licensed under the LGPL or GPL

 

  • Like 1
  • Thanks 3
Link to comment
Share on other sites
Coffee Pancake

Coffee Pancake

Posted
  • Author
Posted

There isn't any missing source code ... we just don't develop our betas on public repositories because we don't trust you not to gank it and release it before we can, especially when credit tends to be attributed to the first viewer a feature is seen in.

On 2/21/2019 at 4:00 AM, Phil Deakins said:

The reason is possibly to do with memories of Emerald.

Catznip has zero Emerald code and zero connection to Emerald, that would be the Katamari viewer :P

Link to comment
Share on other sites
Ansariel Hiller

Ansariel Hiller

Posted
Posted (edited)
6 hours ago, CoffeeDujour said:

There isn't any missing source code ... we just don't develop our betas on public repositories because we don't trust you not to gank it and release it before we can, especially when credit tends to be attributed to the first viewer a feature is seen in.

Didn't know your last two "releases" were betas. Now excuse me, I got something to do...

/me starts scanning... 😁

Edited by Ansariel Hiller
Link to comment
Share on other sites
Phil Deakins

Phil Deakins

Posted
Posted
13 hours ago, CoffeeDujour said:

Catznip has zero Emerald code and zero connection to Emerald, that would be the Katamari viewer :P

I didn't mean that Catznip has/had anything to do with emerald. I meant the fact that a 3rd party viewer (emerald) was used unscrupulously by one of the developers could be the reason why some people might be wary of any 3rd party viewer that doesn't reveal the source code. Using a 3rd party viewer is giving totally unknown people (strangers) the ability to do whatever they want with your computer - which is what one of the emerald people actually did.

Link to comment
Share on other sites
Innula Zenovka

Innula Zenovka

Posted
Posted
6 hours ago, Phil Deakins said:

I didn't mean that Catznip has/had anything to do with emerald. I meant the fact that a 3rd party viewer (emerald) was used unscrupulously by one of the developers could be the reason why some people might be wary of any 3rd party viewer that doesn't reveal the source code. Using a 3rd party viewer is giving totally unknown people (strangers) the ability to do whatever they want with your computer - which is what one of the emerald people actually did.

Wasn't Emerald open source?   Nevertheless, no one noticed the problems until one of the own devs (who certainly had access to the code and repositories and, more importantly, understood the code he was reading) became suspicious about the behaviour of some of his colleagues and started to dig deeper into the code.

I used, thoughtlessly, to repeat the mantra that open source means it's safe.   But then, after Emerald, I realised that hadn't stopped their rogue devs from getting up to mischief, since viewer source code is even less widely-read, and certainly even less comprehensible to most of us, than are the terms and conditions of click-through software agreements.

I have no hesitation in using Catznip because I know Kitty and I trust her.    If the source code was available to me I wouldn't have time to read and study it,  and I wouldn't understand it even if I did.   Yes, doubtless others would be able to do that and alert us to any wrongdoing, but since I trust Kitty and her colleagues, I don't need that reassurance.

As to giving totally unknown people the ability to do whatever they want to with my computer, I  -- like most people, I think -- use a service (Malwarebytes in my case) that alerts me to any potentially suspicious behaviour by a programme and asks me what I want to do about it.    I'm used to the alerts I see when I install and update the Official Viewer and Firestorm, and they are the same as the ones I see with Catznip, so I'm not that worried my trust in Kitty and her associates is misplaced.

  • Thanks 1
Link to comment
Share on other sites
Phil Deakins

Phil Deakins

Posted
Posted

Most of the emerald code was open source, and all of it was intended to be completely open to the developers. But one of the main developers (I think it was the guy who actually started emerald - the creator of copybot) decided that a small part of the code was open only to him. He hid what he'd put in it from the other developers. What he'd put in it was described by LL as DDoS attack code that operated every time someone either opened emerald or logged in with it. I don't know which. It was never a DDoS attack though, because there were never enough users opening/logging in with emerald to deny the target from servicing requests.

It may be that those of us who remember that are loathe to trust strangers with running SL software in our computers, knowing that it's just a hobby to those strangers, and not a profession.

Link to comment
Share on other sites
Innula Zenovka

Innula Zenovka

Posted
Posted
5 minutes ago, Phil Deakins said:

Most of the emerald code was open source, and all of it was intended to be completely open to the developers. But one of the main developers (I think it was the guy who actually started emerald - the creator of copybot) decided that a small part of the code was open only to him. He hid what he'd put in it from the other developers. What he'd put in it was described by LL as DDoS attack code that operated every time someone either opened emerald or logged in with it. I don't know which. It was never a DDoS attack though, because there were never enough users opening/logging in with emerald to deny the target from servicing requests.

It may be that those of us who remember that are loathe to trust strangers with running SL software in our computers, knowing that it's just a hobby to those strangers, and not a profession.

I can't now remember the exact details.   I know that the guy in question was also the guy in whose name the (closed-source, paid for) licence for some proprietary graphics (I think) library was held, so that part was closed source.   I'm not sure that he used that software for his "shenanigans"  (as Emerald's PR woman tried to dismiss the episode).

I do know it came to light when one of the other devs became suspicious about unusual commits that the rogue dev in question was making to the code repository and, when he wasn't satisfied with the explanation he was given, started examining the code himself, and realised the checksums on the clean code he had didn't match the checksums on the code in the viewer as distributed, which got him pulling things apart line by line until he found the underlying exploit.

My point, I think, is the same as yours -- it's a matter of trust.   

Whether or not code is open source is, for most of us, irrelevant when it comes to security issues, since for most of us it might as well be written in ancient Etruscan.   I certainly trust Kitty and her colleagues not to play games with my PC, so the fact that, for whatever reason, they haven't published the code in a timely manner doesn't bother me, since even if they had it wouldn't mean much to me even if I did bother to read it.

 

  • Like 1
Link to comment
Share on other sites
Whirly Fizzle

Whirly Fizzle

Posted
Posted
2 hours ago, Innula Zenovka said:

Wasn't Emerald open source?

Yes.

2 hours ago, Innula Zenovka said:

Nevertheless, no one noticed the problems until one of the own devs (who certainly had access to the code and repositories and, more importantly, understood the code he was reading) became suspicious about the behaviour of some of his colleagues and started to dig deeper into the code.

The problem code (lots of hidden iframes pointing to one particular website) was on the login page of Emerald.  As far as I remember, the login page code was not publicly available.

I was on the Emerald support team at the time & I remember exactly how it all went down as I happened to be in the beta testers chat at the time.
One of our very competent beta testers came into the beta chat & explained what they had found on the login page of Emerald & they were obviously alarmed & asked what the hell was going on.
I poked person X on the Emerald team to come into chat & have a look at what had been reported.
Person X reacted to this very badly, basically called this beta tester a troll & ejected them from the group.
I then had an IM conversation with this beta tester & verified what they said was true.
We were all discussing this in the Emerald support team chat & poked Jess, who was in charge of the support team.
Jess also tested & confirmed what was reported was true.  Jess then raised merry hell with the developers & the ***** hit the fan & we all know the rest of the story.

In short - a certain developer of Emerald was engaged in a long running e-peen war with a developer of a griffer viewer. To be honest, both of them were as bad as each other & were behaving like idiots.
Said Emerald developer came home drunk one night & decided it would be "funny" to add lots of hidden iframes to the Emerald login screen that pointed to the griffer developers website in an attempt to DDOS the griffer developers web site.
Said Emerald developer said they then "forgot" they had done this & they did plan to remove the iframes. There was some evidence that certain other Emerald developers knew this had been done though & kept quiet.
It didn't take long for that beta tester to spot it though & we all know what happened then.


 

 

  • Thanks 4
Link to comment
Share on other sites
animats

animats

Posted
Posted
On 2/20/2019 at 2:59 AM, Whirly Fizzle said:

For now yes, but not for much longer.
Once LL disable older voice versions from connecting to the voice service (for security reasons), Linux voice is dead unless you run it through Wine.
Linux is stuck on an ancient vivox version because vivox stopped Linux support.
I have no idea when this will be happening though.

Ouch. That's when I leave SL.

Link to comment
Share on other sites
Innula Zenovka

Innula Zenovka

Posted
Posted

Thanks, @Whirly Fizzle  I think there was more to it than that, though, wasn't there?   I recall I first became of it when one of the "whitehat" devs (LordGregGreg) went public about it, and warned everyone on his friends list (including me) that he was no longer confident Emerald was safe to use.   It's too long ago to remember the details but I'm sure I recall mysterious commits to the repository and checksums played some role in it all.

Link to comment
Share on other sites
You are about to reply to a thread that has been inactive for 1856 days.

Please take a moment to consider if this thread is worth bumping.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing
×
×
  • Create New...