Anyone heard of "Speed Light Web Viewer?"

[Tari Landar]

I have a question, and it's probably a stupid one (and doesn't necessitate exact specifics as I realize that's a bit of a look behind the proverbial curtain, so...cliff's notes perhaps?)

How can your service allow users to switch between devices, without logging off, when it would require multiple instances of the same credentials, even if only temporarily? I have always been under the impression that this is, or should be, an impossibility for any client (and I haven't yet found any other client that can, or will, do such, so one could presume it may be some kind of requirement, even if only as another security measure).

Like I said, I realize specifics would be a peek behind the curtain and totally not necessary, I just see this as a potentially serious security risk (multiple logged on instances simultaneously of pretty much any services/things increase security risks, sometimes exponentially, and often require numerous prevention methods..like..not doing it) although others may not see it as such. I can see it being problematic and can fully understand why others might consider it to be an unnecessary risk. It might help ease that concern if people understood how multiple instances on multiple devices (which in and of themselves are going to vary widely as far as security is concerned), of the same credentials isn't a risk, perhaps.

I do hope it works out wonderfully for all, both end users and the company, I"m certain it's a service people will enjoy

[Madelaine McMasters]

18 minutes ago, Tari Landar said:

I have a question, and it's probably a stupid one (and doesn't necessitate exact specifics as I realize that's a bit of a look behind the proverbial curtain, so...cliff's notes perhaps?)

How can your service allow users to switch between devices, without logging off, when it would require multiple instances of the same credentials, even if only temporarily?

Here's how I suspect it works...

When you log into SpeedLight using your SpeedLight credentials, you're connected to their cloud database, much as if you'd logged into the forums from your PC. From there, you can then log into your SL account. Your SL login credentials are passed directly to SL, and are (if I understand Glaznah correctly) never seen by SpeedLight. Those SL credentials are used to establish a secure connection between SL and SpeedLight's cloud instance of "you", which appears to SL as a viewer. Should you attempt to log directly into SL from your computer while SpeedLight is connected, you'd get the message that you're already logged in. As expected, SL allows only once instance of "you" to be connected at any one time.

It's different for SpeedLight itself however. Much like the SL forums, a bank account, or Amazon, you can access your SpeedLight account from multiple devices simultaneously. That multiple access is handled by service's database. I have multiple devices logged into the forums 24/7, and switch between them regularly during the day. It's no different for access to SpeedLight. Just as my multiple devices connections to the forum produce a single coherent(I hope!) representation of Madelaine McMasters, multiple connections to the SpeedLight viewer instance of Tari Landar will all resolve to a single coherent instance of Tari Landar in SL.

 

[Glaznah Gassner]

16 hours ago, Tari Landar said:

How can your service allow users to switch between devices, without logging off, when it would require multiple instances of the same credentials, even if only temporarily?

This works in the following way:

1. When you login, your browser sends your credentials directly to SL login servers (directly and SSL-encrypted)
2. SL server checks the credentials. If everything is ok, the avatar logs in without connecting to any sim. Thus, avatar is logged in but still "nowhere".
3. Then SL server returns the one-time login token. This token can be used only once to connect to a sim.
4. Your browser picks this login token and forwards it to the SpeedLight server.
5. SpeedLight server picks the token, connects you to a sim and keeps your avatar online.

From this moment, SpeedLight server receives the binary data from SL and forwards it to all your connected devices (browser, mobile, app). SpeedLight server also receives commands from your devices and forwards them to SL. That's how you can switch your devices seamless. There's no multiple instances logged in - there's a single instance on the SpeedLight server which is being controlled from your devices.

SpeedLight server does not see your credentials. And it can't login back if you logout (since the login token is one-time).

This scheme utilizes the native abilities provided by Second Life.
We've got through them with Linden Lab. SpeedLight got approved as TPV after LL checked we comply with TPV requirements..

[Garnet Psaltery]

@Glaznah Gassner I looked into your viewer but I did not proceed.  I felt that there was too much involvement by commercial interests gaining access to my data, and I was concerned about your use of WhoisGuard to shield your domains.  Do you have any comments on these concerns?

[Tari Landar]

I was mostly curious  as to how SL maintains your connection information within the viewer itself if the device through which you're connected changes (ie, go into the about section to see one's system information) If the system changes, that information should change as well.  It seemed doubtful it could change so seamlessly without presenting some potential security issues, and without a new login instance that records that information and sends it on to the LL servers.  I appreciate you taking the time to respond, thank  you. 

7 hours ago, Glaznah Gassner said:

 SpeedLight got approved as TPV after LL checked we comply with TPV requirements..

However, this last bit here....

 LL doesn't "approve" TPVs, you merely approve yourselves and provided you don't do anything that would otherwise put yourself under a microscope, LL largely stays out of the process. TPVs approve themselves by saying "yes, we agree to follow the rules", and then, doing exactly that, following the rules. There is no rigorous approval process required, nor does LL regularly check for compliance, they only check when there's concern of non-compliance being reported (and they won't put the TPV on the list if they fail to agree to the terms). They're by and large,hands off when it comes to TPVs, whenever possible, lol. (though, they could learn a lot from some of them)

[Wulfie Reanimator]

8 minutes ago, Tari Landar said:

I was mostly curious  as to how SL maintains your connection information within the viewer itself if the device through which you're connected changes (ie, go into the about section to see one's system information) If the system changes, that information should change as well.  It seemed doubtful it could change so seamlessly without presenting some potential security issues, and without a new login instance that records that information and sends it on to the LL servers. 

The device that logs into SL is not your desktop/tablet/phone/fridge. The "device" is within Speedlight itself. No matter which device(s) you use to view the webpage at any (or the same) time, only one "device" is constantly logged in.. and it's none of the ones you're touching.

It's "seamless" because there literally isn't a seam that could exist. The webpage is there only to display the data received by the viewer, but the viewer doesn't depend on the webpage to stay open or even exist. 

Edited February 4, 2020 by Wulfie Reanimator

[Glaznah Gassner]

2 hours ago, Garnet Psaltery said:

@Glaznah Gassner I looked into your viewer but I did not proceed.  I felt that there was too much involvement by commercial interests gaining access to my data, and I was concerned about your use of WhoisGuard to shield your domains.  Do you have any comments on these concerns?

We try to stay away off user's personal data as much as possible.

For example, SpeedLight has to store IMs to show them across the devices (and to allow the offline IMs history). But we understand that this can be unacceptable by some users. We've added the end-to-end IMs encryption so IMs are stored encrypted, and being decrypted in your browser only (more details here).

SpeedLight is the commercial viewer: we charge the money for the "Gold facility" features. This is how we earn money to maintain the project.

As for WhoisGuard: the domains contacts contain the sensitive data (phone and address). I do not conceal my name, company and location but don't want to reveal my personal details.

 

19 minutes ago, Tari Landar said:

t seemed doubtful it could change so seamlessly without presenting some potential security issues, and without a new login instance that records that information and sends it on to the LL servers.

The new login instance is created only when your avatar logins. And yes, this instance contains the sensitive data, that's why LL demands it to be sent to SL servers directly (without any proxy). Once you are logged in, SpeedLight server is able to keep your avatar connected. But it does not have an access to any login data (and not able to re-log you if, for example, sim restarts).

 

19 minutes ago, Tari Landar said:

 LL doesn't "approve" TPVs, you merely approve yourselves and provided you don't do anything that would otherwise put yourself under a microscope, LL largely stays out of the process. TPVs approve themselves by saying "yes, we agree to follow the rules", and then, doing exactly that, following the rules. There is no rigorous approval process required, nor does LL regularly check for compliance, they only check when there's concern of non-compliance being reported (and they won't put the TPV on the list if they fail to agree to the terms). They're by and large,hands off when it comes to TPVs, whenever possible, lol. (though, they could learn a lot from some of them)

Correct, there's no microscope examination. However, the SpeedLight login procedure has been examined more thoroughly by Linden Lab (we had about a month working on it). There were two reasons:

• there were no web viewers before, and LL had to take care about security,
• it was necessary to make some updates to SL servers for us. It is also unusual, and we were coordinating the protocols and headers.

However, LL does not guarantee any TPV functionality. It is me who guarantee the compliance with TOS and TPV policy. I have multiple businesses in SL running for years, and it is vital for me to stay in a good standing.

[Oz Linden]

On 2/2/2020 at 5:28 PM, Ardy Lay said:

I see Oz Linden added SpeedLight to the Third Party Viewer Directory.  What I don't understand is why SpeedLight is currently in the Active Full Viewers category when it does not, currently, provide a view into the virtual world of Second Life

Good point - my mistake.  Fixed.

It will of course be moved back if/when the 3D view is in production.

[Ardy Lay]

6 hours ago, Oz Linden said:

Good point - my mistake.  Fixed.

It will of course be moved back if/when the 3D view is in production.

10-Q!

[BadCoder]

There's a button to save the secondlife password with SpeedLight. Doesn't this go completely against the TOS for third party viewers? Not to mention the username portion of the TOS as well

Quote

d. You must not use or distribute features or functionality that transmit Second Life usernames or passwords anywhere except to Linden Lab servers. Third-Party Viewers must not retain a user’s username or password anywhere except on the user’s own system.

 

[Tari Landar]

13 hours ago, Wulfie Reanimator said:

The device that logs into SL is not your desktop/tablet/phone/fridge. The "device" is within Speedlight itself. No matter which device(s) you use to view the webpage at any (or the same) time, only one "device" is constantly logged in.. and it's none of the ones you're touching.

It's "seamless" because there literally isn't a seam that could exist. The webpage is there only to display the data received by the viewer, but the viewer doesn't depend on the webpage to stay open or even exist. 

I understand that, I was explaining where the question (and similar ones people are asking, regarding security, about it) came from. 

13 hours ago, Glaznah Gassner said:

Correct, there's no microscope examination. However, the SpeedLight login procedure has been examined more thoroughly by Linden Lab (we had about a month working on it). There were two reasons:

• there were no web viewers before, and LL had to take care about security,
• it was necessary to make some updates to SL servers for us. It is also unusual, and we were coordinating the protocols and headers.

However, LL does not guarantee any TPV functionality. It is me who guarantee the compliance with TOS and TPV policy. I have multiple businesses in SL running for years, and it is vital for me to stay in a good standing.

 LL doesn't really "vet" any beyond taking a rather shallow look around (for specific things, of course) and then... "ok, you're compliant  from what we can see right now", "do you plan to stay compliant? If so, pinky promise you will, and we'll add you to the list". Then they go hands off until or unless you, or your viewer, cause problems for them. Not everyone in sl seems to understand this, some do assume that being on that list means LL put the TPV(and its staff) through some kind of in depth approval process. Or, at least, some people that were chatting in a group about it seem to think that, lol. 

 I fully support LL and their approach.  As  a TPV exclusive user (can't stand the LL viewer, lol) I understand their approach,  accept that all risk falls on my shoulders, and also accept the fact that the whole approval process is as minimal as LL can possibly get away with, by purposeful design. This always has been the way, it ain't changing, and I'm cool with that,, definitely not knocking them, you or our viewer

I'm quite certain it will come in handy for a lot of people. 

[Glaznah Gassner]

2 hours ago, BadCoder said:

There's a button to save the secondlife password with SpeedLight. Doesn't this go completely against the TOS for third party viewers? Not to mention the username portion of the TOS as well

 

The password is being saved in your browser's storage, your own system. As for the username portion - that's the good point. I will consult regarding this.

[Gayngel]

For those who don't know, Glaznah Gassner is the creator/developer of Smartbots.😛

[Garnet Psaltery]

@Gayngel, I fail to see the point of your comment.  That is not a request to explain anything.

[belindacarson]

I posted a question on his viewer thread, asking if his site /viewer etc is GDPR compliant etc, but so far no answer.

 

Glaznah, could you address this please?

 

(Note for non EU users: GDPR is a European wide data protection law that limits what a site etc can do with a user's personal info, how they collect it, use of cookies etc.  I think there's something similar for California users?)

[Alyona Su]

8 hours ago, belindacarson said:

I posted a question on his viewer thread, asking if his site /viewer etc is GDPR compliant etc, but so far no answer.

 

Glaznah, could you address this please?

 

(Note for non EU users: GDPR is a European wide data protection law that limits what a site etc can do with a user's personal info, how they collect it, use of cookies etc.  I think there's something similar for California users?)

Yes, the rest of the world knows what it is, no need to be condescending. As for being "compliant" - if it doesn't store any data, then it is compliant. Even if it does store data, it doesn't have to be compliant (as long as a notice of such is posted., and basically stating 'EU people keep out" LOL) My point being that you may not be asking the right question; the real question is does the system store any data other than what is dropped onto your local system, right?

[Hensonian Pennyfeather]

Correct. OnLive was a  TPV that even Firestorm was working with before it was sold. I used it and loved it. I could run all my graphics on high and have 0 lag. I could ever run it on my tablet. For the first time I was able to truly experience the full beauty of SL. I have missed that terribly. A few days ago I found the speedlight site through Natales Things blog and I tested it out. Comparatively it had some slowness at first but that is to e expected. Each time I logged back into the area, there was some improvement, and I was running it on my cheap $100 phone (because Ibelieve in cheap phones lol). They don't have avatars yet, but one must crawl before one can walk. I even briefly tested it in my Linden home. I had no idea how nice the floors looked and that my leather couches actually shone until I tried Speedlight, but then I was late for a meeting so I left. I will be testing it tonight on my tablet. I think they are moving in the right direction and Inhave applied to be a beta tester. I cab;t wait to see what they accomplish.

Edited May 12, 2020 by Hensonian Pennyfeather

[HermioneJT]

@Glaznah Gassner Would it be correct to say the server is keeping the connection open which was made with the token. Which is why you can switch devices, because you dont need to store credentials because it doesnt drop the connection.  Likely why you login to speedlight with one account then make a connection to sl, because you wouldnt use your sl account credentials for that as ll would complain. So the password information if saved is saved locally on host device?

Additionally these changes you mentioned that were needed. Are those documented anywhere? 

Finally, for 3d, and likely some of the asset data, you said you are transforming it to be optimized for web use. 

Would this be similar to having an active caching proxy, where its transforming the data on the fly, askin to hmm real time transcoding for audio video?

Thanks

[Glaznah Gassner]

 

10 hours ago, HermioneJT said:

Would it be correct to say the server is keeping the connection open which was made with the token. Which is why you can switch devices, because you dont need to store credentials because it doesnt drop the connection.

Right. The scheme is the following:

1. You connect to Second Life using your browser. The login/password are being sent directly to SL login server.
2. Login server returns the session token to the browser.
3. Browser sends this session token to our server to keep the connection even when you turn off your device

The session token can not be re-used. So when you logout, the login/password is required to login again. And only you know them.

11 hours ago, HermioneJT said:

Additionally these changes you mentioned that were needed. Are those documented anywhere? 

Do you mean the SL login server changes?

 

11 hours ago, HermioneJT said:

Would this be similar to having an active caching proxy, where its transforming the data on the fly, askin to hmm real time transcoding for audio video?

Yes, it is very similar to your example. 

Our server is to fetch 3D data, re-code and optimize it a bit. Then store to a caching server, so identical geometries and textures are stored as a single instance.

The main problem is the amount of data to be sent to your viewer. So, for example, if you see 6 similar pillars in-world, we would not generate them all. One instance is downloaded then 5 copies are created in your local 3D. One of the jobs of the "active caching proxy" is to detect such copies and mark them accordingly. Another job is to quickly determine objects within the viewing rage, and provide them only.

[Lindal Kidd]

On 2/11/2020 at 5:42 PM, Gayngel said:

For those who don't know, Glaznah Gassner is the creator/developer of Smartbots.😛

Quote

@Gayngel, I fail to see the point of your comment.  That is not a request to explain anything.

Garnet, I think Gayngel is trying to make a point I alluded to way back near the start of the thread. Smartbots is a HUGE product, used by thousands of people, and it is a subscription service that keeps the money rolling in. Glaznah would be insane to be running a scam or anything dodgy that would jeopardize that. Another point is that Smartbots is an incredibly CLEVER product, and it keeps getting more so. That sort of establishes Glaznah as a genius-level SL creator, one of the few who've managed to make a product that's created its own unique market.

[Anna Nova]

I tried it.  So far so good.  Just checked, my Swiss Bank account has not been drained of my billions so far.

This the most exciting new development for ages, thank you @Glaznah Gassner

also thanks to the OP @Drew Mysteriousfor making me aware of this.

[Sid Nagy]

On 6/4/2021 at 7:18 AM, Glaznah Gassner said:

 

The scheme is the following:

1. You connect to Second Life using your browser. The login/password are being sent directly to SL login server.
2. Login server returns the session token to the browser.
3. Browser sends this session token to our server to keep the connection even when you turn off your device

The session token can not be re-used. So when you logout, the login/password is required to login again. And only you know them.

Asking for the use of any TVP,  and certainly not to accuse someone of something, but simply in general:

Isn't it relatively easy to program a step 1a into the procedure for those TPV coders who would have criminal minds, where the author has a quick peek at the user and password information (and store it somewhere) before putting it in the safe hands of LL?
We once had coders with criminal ideas already, something with green or so, remember?

Edited June 14, 2021 by Sid Nagy

[Ardy Lay]

26 minutes ago, Sid Nagy said:

Asking for the use of any TVP,  and certainly not to accuse someone of something, but simply in general:

Isn't it relatively easy to program a step 1a into the procedure for those TPV coders who would have criminal minds, where the author has a quick peek at the user and password information (and store it somewhere) before putting it in the safe hands of LL?
We once had coders with criminal ideas already, something with green or so, remember?

The development team you allude to was a bit of a mixed bag, but, I don't recall them doing any credential theft.  It was usually little hidden "features" such as making it so any user could copy any texture they can see with a simple click of an eye-dropper tool, bypassing the "is it in my inventory and is this usage allowed" checks.  There were some "content backup" features and an automated build tool that when used together gave any user the ability to quickly copy any build, no mater who created or owned it or what the original's permissions were.

Oh, they also created many social-discord causing features such as identifying who is looking by name, identifying what viewers others are using, exposing parcel media URLs to all (LL later did this too which made a lot of people very angry), repeatedly sending "X stopped typing" messages to the extent of increasing the messaging load on the simulator noticeably and more, some of which will start arguments here if I list them, and probably a lot more that I didn't recognize when reviewing the source code.

To be clear, I am not referring to the Phoenix Firestorm team.  I believe they have restored sanity to the arena by stepping up to serve Second Life Residents by producing a viewer with the non-nefarious features they had become accustomed to.  Some of the "social-discord" stuff is in there but I find it easier to just kick and ban the idiots that mouth off at me for looking at them, etc.

[Sid Nagy]

I only used the Emerald thingy to show that there have been some not totally honest TPV writers in the past already.

Now I´m no programmer at all, but I recon it should be possible to disguise users through coding, by taking over the log in process. unnoticed, by collecting the username and password, save them for later use, and then give them to the LL log in process as if nothing happened.
Question of a split second.

Again, I´m not accusing anyone, just simply asking if it could be possible for criminal minds to do so.
I think the answer is yes. But I would love to read what others think about that.

Edited June 14, 2021 by Sid Nagy

[Lindal Kidd]

Of course the answer is yes. That's why it's not a great idea to use dodgy TPVs that aren't on the official list. The official list isn't a surefire guarantee, but it's better than nothing.