Jump to content

Bait and Switch

Coffee Pancake
 Share
You are about to reply to a thread that has been inactive for 1090 days.

Please take a moment to consider if this thread is worth bumping.

Recommended Posts

Coffee Pancake

Coffee Pancake

Posted
Posted (edited)

So, <hair brand> just broke all their HUDS remotely, they no longer change the hair and just throw a http script error if you spam click. So I assume they were phoning home.

<hair brand> creator profile says to just get a redelivery to fix the HUD issue.

The old <hair brand> meshes were modify, with no mod scripts. This was very useful and the primary reason I have a fair collection.

The new  <hair brand> meshes are all nomod and it appears all perms on the SLM are now nomod too.

 

So not only do I feel like I've been robbed, I'm wondering if I've been spied on too.

Thanks <hair brand>.

r7sYFep.png

YNLUNG9.png

 

The http error message generated by spamming the HUD, this hair was 100% phoning home, same error on multiple test regions with multiple huds. 

Too many erroneous (5XX) HTTP responses too fast.

--

Sorry, I should have been clearer - The hair is not checking for an update.

All the HUDs for the hair just stopped working. The only reason I found out about the "update" was the creator profile.

Edited by Coffee Pancake
Added OLD vs NEW edit screenshots. Added http error. Added clarification
  • Like 3
  • Thanks 3
  • Sad 4
Link to comment
Share on other sites
Qie Niangao

Qie Niangao

Posted
Posted
2 hours ago, Coffee Pancake said:

... same error on multiple test regions with multiple huds. 

Too many erroneous (5XX) HTTP responses too fast.

Too bad "multiple test regions", otherwise https://jira.secondlife.com/browse/BUG-230546 is the same error, suspiciously (but I guess coincidentally) recent.

I hate no-mod hair even more than most other no-mod things. 

  • Like 1
Link to comment
Share on other sites
Scylla Rhiadra

Scylla Rhiadra

Posted
Posted (edited)

Not sure if it's the same hair brand, but I noticed this a month or so ago with the five or six sets of hair I have from a favourite hair store too. The newer hair is fine, but the ones I bought a few years ago are all broken -- same scripting message. I was wondering how that happened.

What would be the point of a simple hair HUD "phoning  home"? It's a pretty simple thing.

PS. I asked some friends with the same hair styles to test it . . . they had the same problem.

Edited by Scylla Rhiadra
Link to comment
Share on other sites
Innula Zenovka

Innula Zenovka

Posted
Posted
3 hours ago, Coffee Pancake said:

The http error message generated by spamming the HUD, this hair was 100% phoning home, same error on multiple test regions with multiple huds. 

Checking to see if there's an update available, maybe, and the URL no longer works for whatever reason?    

Link to comment
Share on other sites
Scylla Rhiadra

Scylla Rhiadra

Posted
Posted
Just now, Innula Zenovka said:

Checking to see if there's an update available, maybe, and the URL no longer works for whatever reason?    

In the case of the hair brand I'm talking about, I don't think I've ever seen an update from them. But honestly, I can't imagine what other reason there'd be for this.

  • Like 1
Link to comment
Share on other sites
Innula Zenovka

Innula Zenovka

Posted
Posted (edited)
4 minutes ago, Scylla Rhiadra said:

In the case of the hair brand I'm talking about, I don't think I've ever seen an update from them. But honestly, I can't imagine what other reason there'd be for this.

That's the main reason I can think of to make http requests each time some wears or logs in wearing something.     I'm pretty sure that most of the main vending systems offer that as an option, so I can see someone dropping a script in their hair, in case they ever needed to do an update, even if they didn't ever plan to, just because it was there and they'd paid for it, so why not include it, just in case you ever need it?

Edited by Innula Zenovka
  • Thanks 1
Link to comment
Share on other sites
Scylla Rhiadra

Scylla Rhiadra

Posted
Posted
Just now, Innula Zenovka said:

That's the main reason I can think of to make http requests each time some wears or logs in wearing something.     I'm pretty sure that most of the main vending systems offer that as an option, so I can see someone dropping a script in their hair, in case they ever needed to do an update, even if they didn't ever plan to, just because it was there and they'd paid for it.

Or . . . the hair brand is actually owned by Bill Gates, and this is what he does in SL because the microchips in the vaccine don't work properly here? (And indeed, what does, what does?)

  • Like 1
  • Haha 4
Link to comment
Share on other sites
Marianne Little

Marianne Little

Posted
Posted

This was a sneaky way to force us to use no modify hair, making the mod hair useless and put no mod versions in the redelivery. 😡

I read Seraphimsl, and saw it's a new event called [MOD]IFY. Only modifiable content.

It is becoming to look like it's nothing modifiable left to buy, creators make so much more no mod, and it is getting worse.

  • Like 6
Link to comment
Share on other sites
Scylla Rhiadra

Scylla Rhiadra

Posted
Posted
Just now, Marianne Little said:

I read Seraphimsl, and saw it's a new event called [MOD]IFY. Only modifiable content.

That is a reassuring sign, though. Obviously some creators are recognizing that there is a demand for mod content.

  • Like 3
Link to comment
Share on other sites
Wulfie Reanimator

Wulfie Reanimator

Posted
Posted (edited)

Sad to see this happen.

The 5xx HTTP errors are things like "Internal Server Error", "Bad Gateway", or "Service Unavailable."

They probably just ditched the server/domain they were using and/or moved to another one. Since the scripts can't be updated remotely (and weren't developed with this situation in mind), they're stuck trying to communicate with the obsolete address.

The most innocent use-case would be checking for updates. I can also imagine it being another misguided creator trying to prevent copybotting by having the scripts check back with the server. (Won't work, btw.) The new items being no-modify would kind of support this idea.

One thing you can try to do in the future is check whether your objects are reserving URLs (Avatar > Avatar Health > Scripts), but it'll only tell you if a script has the potential to receive external communications. A script doesn't need to reserve URLs to send stuff out to external servers.

Edited by Wulfie Reanimator
  • Like 4
Link to comment
Share on other sites
RunawayBunny

RunawayBunny

Posted
Posted
2 hours ago, Wulfie Reanimator said:

They probably just ditched the server/domain they were using and/or moved to another one. Since the scripts can't be updated remotely (and weren't developed with this situation in mind), they're stuck trying to communicate with the obsolete address.

They can probably make a smooth update for domain switch.. Send user a update before taking down previous domain, new update points new domain, user will not notice anything.

I am guessing creator activated kill switch intentionally (assuming its their update server). If they are creating content very long time they will probably not take down domain without a proper update and they probably know it.

Another possibility creator using third party update service and its gone silent.

Link to comment
Share on other sites
Wulfie Reanimator

Wulfie Reanimator

Posted
Posted
23 minutes ago, Coffee Pancake said:

A script phoning home to see if an update is available and a script phoning home for permission to operate are two different things.

The error is issued from the hair, not the hud.

Probably the misguided copybot protection then. Have you tried asking the creator what purpose the server has?

21 minutes ago, RunawayBunny said:

They can probably make a smooth update for domain switch.. Send user a update before taking down previous domain, new update points new domain, user will not notice anything.

I am guessing creator activated kill switch intentionally (assuming its their update server). If they are creating content very long time they will probably not take down domain without a proper update and they probably know it.

Another possibility creator using third party update service and its gone silent.

Even if you send out the update before losing the old server, there's no guarantee that customers will update (whether they ignore the update or fail to update some specific outfit with the old version).

Link to comment
Share on other sites
Charlotte Bartlett

Charlotte Bartlett

Posted
Posted
3 hours ago, Marianne Little said:

This was a sneaky way to force us to use no modify hair, making the mod hair useless and put no mod versions in the redelivery. 😡

I read Seraphimsl, and saw it's a new event called [MOD]IFY. Only modifiable content.

It is becoming to look like it's nothing modifiable left to buy, creators make so much more no mod, and it is getting worse.

we are still Mod!   Fashion / hair etc sadly mostly no mod.  H&G rely on Mod or our stuff becomes useless to people.

  • Like 5
  • Thanks 1
Link to comment
Share on other sites
RunawayBunny

RunawayBunny

Posted
Posted (edited)
28 minutes ago, Wulfie Reanimator said:

Even if you send out the update before losing the old server, there's no guarantee that customers will update (whether they ignore the update or fail to update some specific outfit with the old version).

Yep.. This is why we have group notices redelivery and subscription systems :o

21 minutes ago, Coffee Pancake said:

All the HUDs just stopped working. The only reason I found out about the "update" was the creator profile.

Too many erroneous (5XX) HTTP responses too fast. Seems HUD it self tied to a server for functioning properly.

I made some items that stops functioning if object's creator / size / number of prims / root and child prim description changes. It will also require activation from external server.

I am guessing your hair expecting a answer from server for running properly. But answer not available with 5xx error so creator making a forced update and taking down previous product by disabling it..

This is only logical explanation I came up with :o Is it allowed or ethical I don't know.

I think best way to find out asking the content creator :) I am curious about answer.

Edited by RunawayBunny
Link to comment
Share on other sites
Jenna Huntsman

Jenna Huntsman

Posted
Posted (edited)
56 minutes ago, RunawayBunny said:

They can probably make a smooth update for domain switch.. Send user a update before taking down previous domain, new update points new domain, user will not notice anything.

This is a pretty silly way of doing it, unfortunately.

The best way I can think of off the top of my head (that does mean to say, there are probably better ways than this!) is to have the script do a HTTP request to a dynamic DNS address, so the URL of the domain is actually irrelevant and will always point to the correct IP of wherever the server is located. This means you don't even need to update if the backend domain changes, as long as the Dynamic DNS is kept up to date. This does, of course assume that the server is not the issue however.

With that said however, it's inexcusable that content should be broken by a (seemingly) unnecessary check, and the solution is to downgrade the customer. Who tf does that!?!

Edited by Jenna Huntsman
  • Like 2
Link to comment
Share on other sites
RunawayBunny

RunawayBunny

Posted
Posted
4 minutes ago, Jenna Huntsman said:

With that said however, it's inexcusable that content should be broken by a (seemingly) unnecessary check, and the solution is to downgrade the customer. Who tf does that!?!

There might be many reasons.. If script heavily relying data from object (description for storing data, size for storing data).. yep disabling script might be good idea or script will work awkward.

But for a hair product I don't see any reason to do it.

6 minutes ago, Jenna Huntsman said:

Dynamic DNS is kept up to date.

I never seen any reliable dyn dns service. Perhaps its just me.

Link to comment
Share on other sites
Paul Hexem

Paul Hexem

Posted
Posted (edited)
5 hours ago, Wulfie Reanimator said:

I can also imagine it being another misguided creator trying to prevent copybotting

This is especially funny, because if there were ever a situation where I wouldn't feel bad to see a creator get copybotted, it'd be a situation like this.

Breaking people's content remotely is basically begging them to copybot it to fix it.

Edited by Paul Hexem
  • Thanks 1
Link to comment
Share on other sites
Scylla Rhiadra

Scylla Rhiadra

Posted
Posted
1 minute ago, Coffee Pancake said:

I'm starting to wish we could see when scripts make HTTP connections.

Would help weed out the stuff that's active for no purpose beyond generating statistics and collecting information about the avatar.

Who on earth would be interested in such information, though? What would be the point? Even Facebook, that most insidious of data harvesters, doesn't seem to much care about identities that are not RL -- as witness the fact that they delete avatar accounts.

I'm not doubting you that this is happening, but what on earth could they find out about me that would be worth having?

Link to comment
Share on other sites
You are about to reply to a thread that has been inactive for 1090 days.

Please take a moment to consider if this thread is worth bumping.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing
×
×
  • Create New...