
Questionable MP item ..


You are about to reply to a thread that has been inactive for 1037 days.

Please take a moment to consider if this thread is worth bumping.


1 minute ago, Rolig Loon said:

For the same reason that engineers sometimes add extra "features" to all sorts of consumer devices: "It's easy, so why not?"  It's Sir Edmund Hillary's rationale for climbing Mt Everest: "Because it is there."

Technological Solutionism strikes again.

I suppose it'll be up to LL to decide if this "extra feature" poses a sufficient potential threat to shut down the device, but I'd no more allow this device access to my cookies, etc., than I would click on an unknown link sent by a random person in an email or IM. It may well be nothing more than a case of "We can do this, so let's do it!" (which is a crappy and unethical way of thinking about these things anyway), but this device seems to me to violate a central tenet of online safety and privacy.

  • Like 3

Just now, Scylla Rhiadra said:

But this is my point. IF the sole point is as listed, it makes no sense to ask the visitor to open a web page. That's overkill.

The fact that it does seems to me suspicious?

I need them to open the webpage so the script and the webpage can talk to each other. The script grabs two of the many pieces of data the webpage sends it, and junks the rest, does some stuff inside LSL to answer the question "does what I've just grabbed match the data for any previous visitor to this parcel?"

That's all -- I have my Yes/No answer and forget the rest.  

It needs the webpage in order to work, but that's all.

  • Like 3

1 minute ago, Innula Zenovka said:

I need them to open the webpage so the script and the webpage can talk to each other. The script grabs two of the many pieces of data the webpage sends it, and junks the rest, does some stuff inside LSL to answer the question "does what I've just grabbed match the data for any previous visitor to this parcel?"

That's all -- I have my Yes/No answer and forget the rest.  

It needs the webpage in order to work, but that's all.

Assuming that they are being genuine about not collecting and storing other kinds of data. And it still seems overly-elaborate to me.

I wouldn't trust an unknown web link sent to me by someone I didn't already know well. Why on earth would anyone choose to trust this device?

  • Like 2

1 minute ago, Scylla Rhiadra said:

IF the sole point is as listed, it makes no sense to ask the visitor to open a web page. That's overkill.

Not quite.  The user has at least two ways to gain access to the visitor's IP address, by scraping it from the header in a data stream (if the visitor has streaming media enabled) or by getting it from the header when the visitor accesses a web page. People are accustomed to opening web sites, so a "Click Here" request seems harmless.  We don't usually ask people to enable streaming media, though, so visitors are much less likely to comply.  Regardless of how much extra stuff the user can glean by either route, if you really want to get an IP address, the "Click Here" option is likely to be more successful.

  • Like 3
  • Thanks 1

2 minutes ago, Rolig Loon said:

Not quite.  The user has at least two ways to gain access to the visitor's IP address, by scraping it from the header in a data stream (if the visitor has streaming media enabled) or by getting it from the header when the visitor accesses a web page. People are accustomed to opening web sites, so a "Click Here" request seems harmless.  We don't usually ask people to enable streaming media, though, so visitors are much less likely to comply.  Regardless of how much extra stuff the user can glean by either route, if you really want to get an IP address, the "Click Here" option is likely to be more successful.

Ok, so this is essentially a way to get around the "you need to be streaming media" thing. And it seems to make more sense to ask a visitor to open a web site than to start streaming media?

I think I get it now, but it's still enormously intrusive, and potentially dangerous.

  • Like 7

31 minutes ago, Scylla Rhiadra said:

I think I get it now, but it's still enormously intrusive, and potentially dangerous.

It is intrusive and potentially dangerous.  As Innula says, though, without evidence that the scripter is actually collecting and using the information that becomes available when a visitor clicks, there's no way to prove that there's a violation of the TOS.  After all, a visitor is being asked (however unwittingly) to opt IN to data collection, so always has the option to just walk away.

18 minutes ago, Silent Mistwalker said:

So people want to ban myself and my husband simply because we live in the same house and share an internet connection? What is wrong with people? 😲

Yeah, that's the really stupid side to this whole business. Roommates or other people who share an IP address for perfectly good reasons (in a dormitory, a library, or coffee shop) get swept up together and assumed to be alts.  

Edited by Rolig Loon
typos. as always.
  • Like 3

Just now, Kimmi Zehetbauer said:

Who's to say the special webpage don't load viruses and stuff into your machine?

That's a separate concern, and a real one.  Grade school children are taught not to just click on URLs without thinking.  Sadly, the TOS can't legislate common sense.

  • Like 3

It seems completely up-front about why it wants you to open the web page and what will happen (as far as you know) if you do or don't.

Because it has a whole live browserful of metadata to examine, it could get a much more precise signature than just the IP address, but because alts might use different browsers sloppiness may be advantageous here. Anyway, I doubt it does anything requiring even that bit of extra work, especially if it's only doing what it says.

If so, it could be a pretty simple script and web app. The only thing that makes me suspicious that it could be more is that it's free and yet the script isn't open source. (The URL is already exposed in the viewer dialog, so I'm not sure what secret the script could have worth protecting.) Or maybe it wasn't always free, or won't always be free, because it's also NO-COPY and the listing says "if you need a lot then contact me for a bulk deal."

An aside:

50 minutes ago, Innula Zenovka said:

The experience, I think, is primarily used for local data storage.  

It doesn't appear to ask you to join an Experience, only to follow the link to the website. The demo parcel does have a custom Experience defined, but it seems unlikely to be related to the whole alt-banning thing. (They certainly could use that Experience for local data storage without asking anybody anything, but in this particular application it would seem more difficult to use Experience KVP than any handy hosted database inasmuch as the data is already being collected on an external service.)

  • Like 4

31 minutes ago, Qie Niangao said:

It seems completely up-front about why it wants you to open the web page and what will happen (as far as you know) if you do or don't.

Because it has a whole live browserful of metadata to examine, it could get a much more precise signature than just the IP address, but because alts might use different browsers sloppiness may be advantageous here. Anyway, I doubt it does anything requiring even that bit of extra work, especially if it's only doing what it says.

If so, it could be a pretty simple script and web app. The only thing that makes me suspicious that it could be more is that it's free and yet the script isn't open source. (The URL is already exposed in the viewer dialog, so I'm not sure what secret the script could have worth protecting.) Or maybe it wasn't always free, or won't always be free, because it's also NO-COPY and the listing says "if you need a lot then contact me for a bulk deal."

An aside:

It doesn't appear to ask you to join an Experience, only to follow the link to the website. The demo parcel does have a custom Experience defined, but it seems unlikely to be related to the whole alt-banning thing. (They certainly could use that Experience for local data storage without asking anybody anything, but in this particular application it would seem more difficult to use Experience KVP than any handy hosted database inasmuch as the data is already being collected on an external service.)

I guess what I had in mind was, when an avatar arrives on the parcel, check to see if this is someone who's visited before.   If they have, then it's someone I know, so that's OK.    If they haven't, then process their details.    This will include, assuming they're a genuine first-time visitor and not an alt, recording both their uuid and the relevant details retrieved from the web page for future reference, and KVP (keyed to the parcel) would be a secure way to do it.

That would be one reason for making the scripts no mod -- it would break the script if anyone tried to mod it who wasn't an experience contributor, which might pose problems for customer support.

I guess it will be really useful to people who enjoy that so-and-so is so-and-so's alt drama that's SL's alternative to Jerry Springer.   

  • Like 1

4 minutes ago, Adamburp Adamczyk said:

has anyone taken a minute to flag this, or report this?

Scroll back to :

3 hours ago, Scylla Rhiadra said:

Flagged on MP.

The available categories aren't terribly clear. I chose "Disallowed Listing Practices" >> "Harmful or disruptive content."

 

  • Like 2
  • Thanks 1

4 minutes ago, Innula Zenovka said:

That would be one reason for making the scripts no mod -- it would break the script if anyone tried to mod it who wasn't an experience contributor, which might pose problems for customer support.

I guess. I mean, is there something I missed that tells us the thing actually uses the parcel Experience? The listing says "This is a tool for land owners (and renters)" and a renter would need the landowner to enable any Experience. I agree that there could be more data to record than the typical, old-timey security orb, so KVP would be handy, although this would mean one Experience's KVP store would be shared by every instance of the device, so maybe the old-timey script memory would be better.


5 minutes ago, Qie Niangao said:

I guess. I mean, is there something I missed that tells us the thing actually uses the parcel Experience? The listing says "This is a tool for land owners (and renters)" and a renter would need the landowner to enable any Experience. I agree that there could be more data to record than the typical, old-timey security orb, so KVP would be handy, although this would mean one Experience's KVP store would be shared by every instance of the device, so maybe the old-timey script memory would be better.

I grabbed a copy to take a look at it.   According to the Help notecard, there are two requirements for the script to work.

Quote

Requirement #1:
This must be owned by the Land-Owner in order to be able to ban and eject alts.
That means you can only really use it on parcels of land that you own.

Requirement #2:
You will need to add the Anomaly-Online user experience to the parcel's Allowed Experiences list.
This is very important, the script will not even run if you don't complete this step.
The script in this is compiled to use the Anomaly-Online experience and cannot run without it.

Hints:
If you rezzed this before adding the experience to the parcel then you may need to re-rez it, or reset the scripts.
You'll know it's working when it shows a pop up asking you to visit a special URL to prove you're not using alts.
If you're the owner then this can't ban you, but it can still eject you.  Please make sure to accept the pop up to avoid interruptions,
or add yourself to the WhiteList so that it doesn't test you

 

  • Like 1
  • Thanks 1

5 minutes ago, Qie Niangao said:
15 minutes ago, Innula Zenovka said:

That would be one reason for making the scripts no mod -- it would break the script if anyone tried to mod it who wasn't an experience contributor, which might pose problems for customer support.

I guess. I mean, is there something I missed that tells us the thing actually uses the parcel Experience? The listing says "This is a tool for land owners (and renters)" and a renter would need the landowner to enable any Experience. I agree that there could be more data to record than the typical, old-timey security orb, so KVP would be handy, although this would mean one Experience's KVP store would be shared by every instance of the device, so maybe the old-timey script memory would be better.

You might just be overthinking this. I think the simplest explanation is that the scripter hasn't really thought through things in much depth and is merely following the common practice of setting scripts to no-mod.  I agree that there's little advantage to making the script run in an Experience unless it really is collecting a whale of a lot more than just an IP address, but that decision too may have been made without much deep thought.

  • Like 4

I didn't read all the later posts but, up to where I read, nobody mentioned the obvious, although one person did use the word. Cookies.

Opening a webpage can cause a cookie to be stored on most computers. IP addresses are not needed, and neither is any other information that can be gleaned from requesting the webpage. It has the advantage of different computers in the same household (on the same IP address) not being matched together.

I believe that, here in Europe, it is illegal to put cookies onto computers without specific permission, but that wouldn't stop many people from doing it.

As long as the system requires people to open a webpage, cookies are my favourite reason for it, and not the data that is stored in the website's log files.

Edited by Phil Deakins
  • Like 3
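
Added example (not part of any post in this thread, and not the device's code): a Python sketch over constructed visit records that compares the two matching keys discussed above, source IP and browser cookie. It reproduces the shared-household false positive that Rolig Loon and Silent Mistwalker describe and the different-browser miss that Qie Niangao mentions; every avatar name, address and token is made up.

```python
from collections import defaultdict
from itertools import combinations

# Constructed sample data: (avatar, source IP, cookie token seen by the web page).
# IPs come from the documentation ranges; tokens are placeholders.
VISITS = [
    ("Alice",    "203.0.113.7",  "tok-a1"),  # household member 1, own PC
    ("Bob",      "203.0.113.7",  "tok-b2"),  # household member 2, same router
    ("Carol",    "198.51.100.4", "tok-c3"),  # one person...
    ("CarolAlt", "198.51.100.4", "tok-c3"),  # ...and her alt, same browser
    ("Dave",     "192.0.2.55",   "tok-d4"),  # one person...
    ("DaveAlt",  "192.0.2.55",   "tok-d5"),  # ...and his alt, different browser
]

# Ground truth for the constructed data: pairs that really are one person.
TRUE_ALTS = {frozenset(("Carol", "CarolAlt")), frozenset(("Dave", "DaveAlt"))}


def linked_pairs(visits, key_index):
    """Return every pair of avatars that share the value at key_index."""
    groups = defaultdict(set)
    for record in visits:
        groups[record[key_index]].add(record[0])
    pairs = set()
    for avatars in groups.values():
        for a, b in combinations(sorted(avatars), 2):
            pairs.add(frozenset((a, b)))
    return pairs


def score(pairs, truth):
    """Split a matcher's output into wrong links and alts it failed to link."""
    return {
        "false_positives": sorted(tuple(sorted(p)) for p in pairs - truth),
        "missed": sorted(tuple(sorted(p)) for p in truth - pairs),
    }


def compare(visits=VISITS, truth=TRUE_ALTS):
    """Score IP-only matching against cookie-only matching."""
    return {
        "ip": score(linked_pairs(visits, 1), truth),
        "cookie": score(linked_pairs(visits, 2), truth),
    }


if __name__ == "__main__":
    for method, result in compare().items():
        print(method, result)
```

Neither key is reliable on its own: the IP key links two different people behind one router, and the cookie key stops linking an account as soon as the browser changes.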

9 minutes ago, Phil Deakins said:

I didn't read all the later posts but, up to where I read, nobody mentioned the obvious, although one person did use the word. Cookies.

Opening a webpage can cause a cookie to be stored on most computers. IP addresses are not needed, and neither is any other information that can be gleaned from requesting the webpage. It has the advantage of different computers in the same household (on the same IP address) not being matched together.

I believe that, here in Europe, it is illegal to put cookies onto computers without specific permission, but that wouldn't stop many people from doing it.

As long as the system requires people to open a webpage, cookies are my favourite reason for it, and not the data that is stored in the website's log files.

I think that might be what I quoted earlier from LL's privacy policy.

Edited by Rowan Amore
  • Thanks 1

1 minute ago, Innula Zenovka said:

I grabbed a copy to take a look at it.   According to the Help notecard, there are two requirements for the script to work.

Ah, thank you! Yeah, but now I'm starting to get genuinely suspicious of that Experience requirement. I sent an alt in to the demo parcel (and sacrificed him to the webpage, may my browser security be up to the task) and at no point did he get asked to join an Experience. Neither did I, earlier, when I went to the parcel and waited to get booted, so I agree that the Experience is being used for data storage, not for some more sophisticated teleporting-away or anything involving the visiting avatar. The question is what data is being stored? If it's going into that Experience, as I mentioned, that storage is shared by all script instances compiled to that Experience. In theory, they could exchange alt information or something but that doesn't seem to be a feature of this product (and some parcels may be fine with allowing visitors who could be known alts on other parcels). So if it's collecting a grand unified store of alts, it's not in service of the product (but it's also gonna run out of space; KVP only gets—what?—16MB?).

@Rolig Loon is probably right that I'm overthinking this, but now I'm genuinely suspicious about that Experience and would like to think Governance is looking behind that particular curtain, as part of or in addition to the risk of alt exposure.

  • Like 2

The required use of an experience that doesn't need visitor permission makes it entirely about data storage.

Data stored in an experience is not locked to the land or a single script.

This is using an external database, it's just cleverly designed to host / access it inside SL using experiences.

http://wiki.secondlife.com/wiki/Category:Experience_Tools

 

 

  • Like 3

4 minutes ago, Coffee Pancake said:

The required use of an experience that doesn't need visitor permission makes it entirely about data storage.

Data stored in an experience is not locked to the land or a single script.

This is using an external database, it's just cleverly designed to host / access it inside SL using experiences.

http://wiki.secondlife.com/wiki/Category:Experience_Tools

 

 

It could just as easily store the same data in local memory, I think.   You wouldn't be able to store anywhere near as much, of course, though in practice I can't see that being an issue.

If I wanted to store data about visitors to a parcel or region for later analysis, I'd be posting it to Google  Sheets, not storing it in KVP, since that's going to make my life so much easier later on. 

  • Like 1

I don't understand the issue. Like why would this be necessary? I log on alts all the time. Sometimes at clubs I'll dance with an alt so some rando doesn't approach me. I've even RP'd before with alts in the same scene. I could see if it's a full sim or something but what's wrong with having alts on at the same time?


19 minutes ago, Qie Niangao said:

The question is what data is being stored? If it's going into that Experience, as I mentioned, that storage is shared by all script instances compiled to that Experience. In theory, they could exchange alt information or something but that doesn't seem to be a feature of this product (and some parcels may be fine with allowing visitors who could be known alts on other parcels). So if it's collecting a grand unified store of alts, it's not in service of the product (but it's also gonna run out of space; KVP only gets—what?—16MB?).

I think it's something that works well on a parcel level but doesn't necessarily scale. The obvious solution would be to release the script full perms, with a note that you'll have to own an experience (or be an experience contributor) and set the land to your own experience to make it work, but whoever made the thing hasn't done that, for whatever reason (maybe they didn't consider it). I don't know how many KVP keys a database can hold by default -- a great many, I do know that.

In practice, though, I think local memory would be quite adequate unless you had a really high traffic parcel.

 

  • Like 2