Jump to content
CoffeeDujour

Catznip 12.1 (+Animesh)

Recommended Posts

CatznipR12_1.thumb.jpg.8ba636e825379788bf4f127716859b19.jpg

Well, here we go again ... 12.1 adds Animesh, fixes and performance voodoo.

Next up .. maybe possibly, perhaps, potentially, probably an OSX version ... wish us luck.

Release Notes http://catznip.com/index.php/Catznip_R12_1_Release_Notes

Download : https://get.catznip.com/downloads

Edited by CoffeeDujour
  • Like 8
  • Thanks 1

Share this post


Link to post
Share on other sites
32 minutes ago, CoffeeDujour said:

Next up .. maybe possibly, perhaps, potentially, probably an OSX version ... wish us luck.

1

Good luck, but please provide a Linux version as well.

  • Like 2

Share this post


Link to post
Share on other sites

Linux SL development is in the long grass and there are no updates coming from LL or vivox, to cut a very long story short. Use firestorm or run the windows client with wine (the only way to get voice working).

This situation will not improve tills someone manages to build and run the viewer stand alone (using system libs .. if it's even possible), and then submit the code changes back to LL. There is almost no possibility of Linux voice support and nothing we can do about it.

  • Haha 2

Share this post


Link to post
Share on other sites
4 hours ago, CoffeeDujour said:

Linux SL development is in the long grass and there are no updates coming from LL or vivox, to cut a very long story short. Use firestorm or run the windows client with wine (the only way to get voice working).

This situation will not improve tills someone manages to build and run the viewer stand alone (using system libs .. if it's even possible), and then submit the code changes back to LL. There is almost no possibility of Linux voice support and nothing we can do about it.

Just pointing out an inaccuracy: Voice works on Linux, as long as a few libraries - some a bit older - are on your system. 

The problem is - unfortunately - that not all client developers use the same libraries or are even aware you need to use certain ones. This is compounded by needing to use the terminal to install a few of them (something I personally discovered after verifying most were installed through the Software Manager), something not many at all are comfortable doing. I know I'm not! 

If you're at all curious, see Firestorm's support pages for Linux and select the distribution closest to the one you use or know your developer used. 

It's been long enough that I do not remember which library I had to install through the console. 

  • Like 3

Share this post


Link to post
Share on other sites
6 hours ago, Solar Legion said:

Just pointing out an inaccuracy: Voice works on Linux, as long as a few libraries - some a bit older - are on your system. 

For now yes, but not for much longer.
Once LL disable older voice versions from connecting to the voice service (for security reasons), Linux voice is dead unless you run it through Wine.
Linux is stuck on an ancient vivox version because vivox stopped Linux support.
I have no idea when this will be happening though.

Edited by Whirly Fizzle
  • Like 1
  • Thanks 2

Share this post


Link to post
Share on other sites
23 hours ago, Ansariel Hiller said:

What about the source code for this release? 😇

Well... apparently another closed-source release then... 😕

Share this post


Link to post
Share on other sites

It looks pretty good compared with old version, but really need profile viewer and shortcut of teleport history :D

Edited by elixdude

Share this post


Link to post
Share on other sites
9 hours ago, Ansariel Hiller said:

Well... apparently another closed-source release then... 😕

i don't use this "brand" .. but why would you need the source code?

Share this post


Link to post
Share on other sites
15 minutes ago, Ethan Paslong said:

i don't use this "brand" .. but why would you need the source code?

The reason is possibly to do with memories of Emerald.

Share this post


Link to post
Share on other sites
3 hours ago, Ethan Paslong said:

i don't use this "brand" .. but why would you need the source code?

It's against the Policy on Third-Party Viewers not to have publicly accessible source code.

Quote

You must provide a publicly viewable source code repository for all source code licensed under the LGPL or GPL

 

  • Like 1
  • Thanks 3

Share this post


Link to post
Share on other sites
15 hours ago, CoffeeDujour said:

No .... our priority when getting a release out is the people who use Catznip. 

That explains the missing source code of the last 3... 4... releases?

Share this post


Link to post
Share on other sites

There isn't any missing source code ... we just don't develop our betas on public repositories because we don't trust you not to gank it and release it before we can, especially when credit tends to be attributed to the first viewer a feature is seen in.

On 2/21/2019 at 4:00 AM, Phil Deakins said:

The reason is possibly to do with memories of Emerald.

Catznip has zero Emerald code and zero connection to Emerald, that would be the Katamari viewer :P

Share this post


Link to post
Share on other sites
6 hours ago, CoffeeDujour said:

There isn't any missing source code ... we just don't develop our betas on public repositories because we don't trust you not to gank it and release it before we can, especially when credit tends to be attributed to the first viewer a feature is seen in.

Didn't know your last two "releases" were betas. Now excuse me, I got something to do...

/me starts scanning... 😁

Edited by Ansariel Hiller

Share this post


Link to post
Share on other sites
13 hours ago, CoffeeDujour said:

Catznip has zero Emerald code and zero connection to Emerald, that would be the Katamari viewer :P

I didn't mean that Catznip has/had anything to do with emerald. I meant the fact that a 3rd party viewer (emerald) was used unscrupulously by one of the developers could be the reason why some people might be wary of any 3rd party viewer that doesn't reveal the source code. Using a 3rd party viewer is giving totally unknown people (strangers) the ability to do whatever they want with your computer - which is what one of the emerald people actually did.

Share this post


Link to post
Share on other sites
6 hours ago, Phil Deakins said:

I didn't mean that Catznip has/had anything to do with emerald. I meant the fact that a 3rd party viewer (emerald) was used unscrupulously by one of the developers could be the reason why some people might be wary of any 3rd party viewer that doesn't reveal the source code. Using a 3rd party viewer is giving totally unknown people (strangers) the ability to do whatever they want with your computer - which is what one of the emerald people actually did.

Wasn't Emerald open source?   Nevertheless, no one noticed the problems until one of the own devs (who certainly had access to the code and repositories and, more importantly, understood the code he was reading) became suspicious about the behaviour of some of his colleagues and started to dig deeper into the code.

I used, thoughtlessly, to repeat the mantra that open source means it's safe.   But then, after Emerald, I realised that hadn't stopped their rogue devs from getting up to mischief, since viewer source code is even less widely-read, and certainly even less comprehensible to most of us, than are the terms and conditions of click-through software agreements.

I have no hesitation in using Catznip because I know Kitty and I trust her.    If the source code was available to me I wouldn't have time to read and study it,  and I wouldn't understand it even if I did.   Yes, doubtless others would be able to do that and alert us to any wrongdoing, but since I trust Kitty and her colleagues, I don't need that reassurance.

As to giving totally unknown people the ability to do whatever they want to with my computer, I  -- like most people, I think -- use a service (Malwarebytes in my case) that alerts me to any potentially suspicious behaviour by a programme and asks me what I want to do about it.    I'm used to the alerts I see when I install and update the Official Viewer and Firestorm, and they are the same as the ones I see with Catznip, so I'm not that worried my trust in Kitty and her associates is misplaced.

  • Thanks 1

Share this post


Link to post
Share on other sites

Most of the emerald code was open source, and all of it was intended to be completely open to the developers. But one of the main developers (I think it was the guy who actually started emerald - the creator of copybot) decided that a small part of the code was open only to him. He hid what he'd put in it from the other developers. What he'd put in it was described by LL as DDoS attack code that operated every time someone either opened emerald or logged in with it. I don't know which. It was never a DDoS attack though, because there were never enough users opening/logging in with emerald to deny the target from servicing requests.

It may be that those of us who remember that are loathe to trust strangers with running SL software in our computers, knowing that it's just a hobby to those strangers, and not a profession.

Share this post


Link to post
Share on other sites
5 minutes ago, Phil Deakins said:

Most of the emerald code was open source, and all of it was intended to be completely open to the developers. But one of the main developers (I think it was the guy who actually started emerald - the creator of copybot) decided that a small part of the code was open only to him. He hid what he'd put in it from the other developers. What he'd put in it was described by LL as DDoS attack code that operated every time someone either opened emerald or logged in with it. I don't know which. It was never a DDoS attack though, because there were never enough users opening/logging in with emerald to deny the target from servicing requests.

It may be that those of us who remember that are loathe to trust strangers with running SL software in our computers, knowing that it's just a hobby to those strangers, and not a profession.

I can't now remember the exact details.   I know that the guy in question was also the guy in whose name the (closed-source, paid for) licence for some proprietary graphics (I think) library was held, so that part was closed source.   I'm not sure that he used that software for his "shenanigans"  (as Emerald's PR woman tried to dismiss the episode).

I do know it came to light when one of the other devs became suspicious about unusual commits that the rogue dev in question was making to the code repository and, when he wasn't satisfied with the explanation he was given, started examining the code himself, and realised the checksums on the clean code he had didn't match the checksums on the code in the viewer as distributed, which got him pulling things apart line by line until he found the underlying exploit.

My point, I think, is the same as yours -- it's a matter of trust.   

Whether or not code is open source is, for most of us, irrelevant when it comes to security issues, since for most of us it might as well be written in ancient Etruscan.   I certainly trust Kitty and her colleagues not to play games with my PC, so the fact that, for whatever reason, they haven't published the code in a timely manner doesn't bother me, since even if they had it wouldn't mean much to me even if I did bother to read it.

 

  • Like 1

Share this post


Link to post
Share on other sites
18 minutes ago, Innula Zenovka said:

My point, I think, is the same as yours -- it's a matter of trust. 

Yes, we do share that point.

Share this post


Link to post
Share on other sites
2 hours ago, Innula Zenovka said:

Wasn't Emerald open source?

Yes.

2 hours ago, Innula Zenovka said:

Nevertheless, no one noticed the problems until one of the own devs (who certainly had access to the code and repositories and, more importantly, understood the code he was reading) became suspicious about the behaviour of some of his colleagues and started to dig deeper into the code.

The problem code (lots of hidden iframes pointing to one particular website) was on the login page of Emerald.  As far as I remember, the login page code was not publicly available.

I was on the Emerald support team at the time & I remember exactly how it all went down as I happened to be in the beta testers chat at the time.
One of our very competent beta testers came into the beta chat & explained what they had found on the login page of Emerald & they were obviously alarmed & asked what the hell was going on.
I poked person X on the Emerald team to come into chat & have a look at what had been reported.
Person X reacted to this very badly, basically called this beta tester a troll & ejected them from the group.
I then had an IM conversation with this beta tester & verified what they said was true.
We were all discussing this in the Emerald support team chat & poked Jess, who was in charge of the support team.
Jess also tested & confirmed what was reported was true.  Jess then raised merry hell with the developers & the ***** hit the fan & we all know the rest of the story.

In short - a certain developer of Emerald was engaged in a long running e-peen war with a developer of a griffer viewer. To be honest, both of them were as bad as each other & were behaving like idiots.
Said Emerald developer came home drunk one night & decided it would be "funny" to add lots of hidden iframes to the Emerald login screen that pointed to the griffer developers website in an attempt to DDOS the griffer developers web site.
Said Emerald developer said they then "forgot" they had done this & they did plan to remove the iframes. There was some evidence that certain other Emerald developers knew this had been done though & kept quiet.
It didn't take long for that beta tester to spot it though & we all know what happened then.


 

 

  • Thanks 4

Share this post


Link to post
Share on other sites
On 2/20/2019 at 2:59 AM, Whirly Fizzle said:

For now yes, but not for much longer.
Once LL disable older voice versions from connecting to the voice service (for security reasons), Linux voice is dead unless you run it through Wine.
Linux is stuck on an ancient vivox version because vivox stopped Linux support.
I have no idea when this will be happening though.

Ouch. That's when I leave SL.

Share this post


Link to post
Share on other sites
17 minutes ago, CoffeeDujour said:

-

Hmm. Yeah, I guess dismissing Copybot as a silly toy isn't compatible with promoting the integrity of other SL-related software.

Share this post


Link to post
Share on other sites

Thanks, @Whirly Fizzle  I think there was more to it than that, though, wasn't there?   I recall I first became of it when one of the "whitehat" devs (LordGregGreg) went public about it, and warned everyone on his friends list (including me) that he was no longer confident Emerald was safe to use.   It's too long ago to remember the details but I'm sure I recall mysterious commits to the repository and checksums played some role in it all.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...