Sorry. This is not OK. B bots profile scraping.

[Ezbeharra]

1 minute ago, Orwar said:

   Ah, I see. I should imagine I'm being stalked. We're all being stalked. I mean, the information isn't in the data they've published or anything, but I should imagine it could be. 

   How about we focus on worrying about reality rather than imagined possibly-maybes. I mean the president could be a lizard from Mars puppeteered by a secret global shadow government - I have no physical proof of the contrary, after all! 

Do you seriously believe that stalking does not happen in Second Life?

[Scylla Rhiadra]

36 minutes ago, Ceka Cianci said:

The only ones I remember Defending RZ was the ones using it.. hehehe

If they only knew what that guy had planned for them.. I remember seeing some of the videos that guy had in his library once we found out who he really was.. It was a lot worse than us getting our alts linked, that for sure..

That guy was scary..

Well, he was a POS of a whole different order, as borne out by the fact that he ended up facing RL charges for scams entirely unrelated to SL.

I've seen no evidence that BB is anything other than well-intentioned and benign. I certainly don't see it being monetized, which was xFire's whole thing. But whatever the intentions, I think it's worth keeping a close eye on this, because its impacts may be wholly unrelated to the original purpose of the data set

[Sid Nagy]

Some(one) doing all this work, just for the fun of it?
Nah... unlikely if you ask me.
There must be an agenda of some sort, but they will not publish that information on their website of course.

Edited January 21, 2023 by Sid Nagy

[Arielle Popstar]

11 minutes ago, Scylla Rhiadra said:

As I said, it's far too early for lynch mobs or public executions. I've suggested this should be watched. I don't see that as a panicky or unreasonable response.

You're also not really getting the "big / aggregate data" thing, are you? No one cares about your profile, Orwar.

I wouldn't be so sure because while we discuss this and the Lindens are resting for the weekend, there are others undoubtedly thinking up ways they can duplicate the information these bots are gathering and monetize it. If the Lab allows this to continue, we are sure to see copycats who may even go beyond the limits of these bots. This article is interesting if one hasn't already seen it. https://www.lounetizen.com/botdata/privacy/

[Dorientje Woller]

13 minutes ago, Solar Legion said:

Then utilize the Access controls and a Security system as outlined in the edits to the post you've quoted.

You sound like our government ... advising us to isolate/soundproof our homes against excessive noise during the night ... while it's forbidden to make excessive noise between 10 PM & 6 AM since 1835 on the whole territory of the country. Tackle the issue as solution, don't force your users to invest in solutions.

Edited January 21, 2023 by Dorientje Woller

[Caeruleiae]

55 minutes ago, Coffee Pancake said:

They have everything.

Right down to the texture UUID of your skin.

Not really everything, but they have a lot of data.  Yes, like a viewer. Everyone already has that data the second they see you too, including the UUID of your skin. But there is some data they don't have, like PII because it's not linked between the two, viewer and account, like that. The really important stuff, they can't mine, because they can't get access to it. That's not me saying a breach isn't possible. It's just not possible by these bots or the program that runs them. If it was, ll would have had to shut them down and legally inform us that they did have access to PII. Linden lab is legally bound in the US, UK and probably other countries that I'm not as familiar with, when PII is accessed by a third party or breached. They have no choice in that. Since we never got that from them, we know with absolute certainty that these bots can't access that. You can doubt it and you can make up scenarios where it's possible, maybe in the future, if their programming is altered. But right now, hasn't happened, won't happen and can't happen. 

Everything else like textures and UUIDs and basic avatar information, all viewers can mine from you. Whether people know how to make heads or tails of all the data your viewer collects on others or theirs collects on you is a different topic. All viewers collect it though and send it to your system, collect it for later use, or even no use at all, but they collect it which in this context is mining. 

[Innula Zenovka]

16 minutes ago, Arielle Popstar said:

If it is being hotlinked from S/L servers, wouldn't she have to file it on the Lab?

I don't know.  If she does, they'll doubtless tell her that. Only one way to find out.

[Scylla Rhiadra]

2 minutes ago, Sid Nagy said:

Some(one) doing all this work, just for the fun of it?
Nah... unlikely if you ask me.
There must be an agenda of some sort, but they will not publish that information on their website of course.

 

Just now, Arielle Popstar said:

I wouldn't be so sure because while we discuss this and the Lindens are resting for the weekend, there are others undoubtedly thinking up ways they can duplicate the information these bots are gathering and monetize it. If the Lab allows this to continue, we are sure to see copycats who may even go beyond the limits of these bots. This article is interesting if one hasn't already seen it. https://www.lounetizen.com/botdata/privacy/

Granted -- as I've said somewhere above, I'd love to hear their explanation of their motivations and intent. But it may not be anything more than selling the data to merchants, or enabling targeted ads / spam. Which, admittedly, is kind of awful too, but not a "threat" per se.

I'm as, or more concerned about how this data might in turn be harvested by someone else with fewer scruples than the compilers might actually have.

[Skyler Pancake]

[Caeruleiae]

1 hour ago, LittleMe Jewell said:

Except that a Bot should not be able to see any aspect of my profile that any other non-Friend SL user can see.  And the Bot definitely should not be able to see whether or not I am Premium or Premium Plus.

I can see everything your friends can see. All I have to do is pull up your profile with my viewer, I don't need to be your friend. KI can do that by being in a group with you, having your calling card, just seeing you around, searching your name if you don't have it hidden from search, finding an object you made, or using a script. It's not hard to do, your profile isn't private in sl. I can't see your profile on the website if you have it set so I can't, but inworld I can. That's what the bots get inworld, same thing everyone else can.

The premium account thing was explained by others, it's built into lsl, anyone inworld can do that, even a bot. 

[Solar Legion]

3 minutes ago, Dorientje Woller said:

You sound like our government ... advising us to isolate/soundproof our homes against excessive noise during the night ... while it's forbidden to make excessive noise between 10 PM & 6 AM since 1835 on the whole territory of the country. Tackle the issue as solution, don't force your users to invest in solutions.

What your Government advises you to do concerning your RL situations ... is rather irrelevant here. You have access controls and access to other tools to manage parcel access.

Use them - it is on you to do so. Beginning and end.

[Dorientje Woller]

1 minute ago, Solar Legion said:

What your Government advises you to do concerning your RL situations ... is rather irrelevant here. You have access controls and access to other tools to manage parcel access.

Use them - it is on you to do so. Beginning and end.

And you fail to see the point. Those bots overrule these security measurements. 

[Scylla Rhiadra]

1 minute ago, Skyler Pancake said:

Yeah.

Sorry, Keira, but that too ignores (deliberately?) the nature of what can be accomplished with a really large data set.

And telling us that we should, for our own "safety," not use to its full potential a tool that the platform provides for our use is hardly a reassuring or useful answer.

[Innula Zenovka]

2 minutes ago, Scylla Rhiadra said:

Yeah.

Sorry, Keira, but that too ignores (deliberately?) the nature of what can be accomplished with a really large data set.

And telling us that we should, for our own "safety," not use to its full potential a tool that the platform provides for our use is hardly a reassuring or useful answer.

What do you suggest could be done with the data set that is being collected here?

Edited January 21, 2023 by Innula Zenovka

[Solar Legion]

Just now, Dorientje Woller said:

And you fail to see the point. Those bots overrule these security measurements. 

No, they do not. Unless expressly banned, an individual account can and will be able to get onto your parcel above a certain altitude. That is by design. Your recourse then is to either ban each individual account (which no one really recommends) or to utilize a properly set up, third party security system.

[xDancingStarx]

I think it's important to discuss this completely independent of the intentions. Not only because we don't know of the intentions, or because the intentions may change at any point of time, but also intentions may seem good or bad to different people. I may have the great intention to help some club owners by making the search capable of listing all people that were active within the last month that have at least a furry-place-pick in their profiles, so they can ban them in advance. May seem like a great intention for some club owners, while hopefully most people would disagree.

[Skyler Pancake]

3 minutes ago, Scylla Rhiadra said:

Yeah.

Sorry, Keira, but that too ignores (deliberately?) the nature of what can be accomplished with a really large data set.

And telling us that we should, for our own "safety," not use to its full potential a tool that the platform provides for our use is hardly a reassuring or useful answer.

Linden Labs is legit Linden Research, Inc. Linden Labs could very likely have a huge database of all this information already and actually have it connected to your personal information.

 

If you're really terrified of someone finding out that you like to sex it up with a virtual avatar, please consider disconnecting from the internet.

Edited January 21, 2023 by Skyler Pancake
Cause word bans.

[Scylla Rhiadra]

Just now, Innula Zenovka said:

What do you suggest could be done with the data set that is being collected here?

Good question! I think, as I've said above, that one of the more likely answers to that is probably compiling information about shopping habits, where people go, what they do, etc., in a way that might be monetized -- although it's always seemed to me that SL commerce is on such a small scale that no one is likely to pay much for such information.

I think there is potential for it to be used to (very poorly) identify alts. Such information would be, again as I've said, full of inaccuracies -- but then so is alt detection by IP address, and there were lots of people ready to pay money for that.

As I've said -- the threat, if there is one, is not clear yet. But this bears watching.

[Ezbeharra]

2 minutes ago, Innula Zenovka said:

What do you suggest could be done with the data set that is being collected here?

From what's being collected? Fairly up to date in-world location tracking, from the looks of it. Maybe not quite on the level of "allow anyone to find me on the map" but certainly on the level of "let everyone see where I was an hour or so ago".

[Arielle Popstar]

1 minute ago, Skyler Pancake said:

Linden Labs is legit Linden Research, Inc. Linden Labs could very likely have a huge database of all this information already and actually have it connected to your personal information.

 

If you're really terrified of someone finding out that you like to sex it up with a virtual avatar, please consider disconnecting from the internet.

Well yes, have to trust Linden Lab on some things but nowhere did it say I needed to trust inworld bots scraping my profile data to publish on a non LL site that anyone can access. Apples and oranges.

[Love Zhaoying]

I think we need to use the technique that works on Facebook. Add the following text to your profile:

"I am trying this trick, and it works!

I hereby do NOT give LL or any third-party permission to use my Profile information.

Copy and Paste this into your Profile, so you can have more Privacy too!"

 

Edited January 21, 2023 by Love Zhaoying

[Caeruleiae]

45 minutes ago, Ezbeharra said:

Can someone explain what rationale this site could possibly have for collecting profile data and making it searchable, when its purpose, according to the New World Notes article, is to track region activity in order to determine which high traffic regions are filled with actual users at their keyboards?

No purpose, that I can see, which is why I think the avatar data collection is stupid. Location data is very useful, or could be anyway, if done right and for the right purposes. 

It really isn't done well, but if one of the purposes was to frighten people, and create weird panic that sometimes is founded panic due to rl scenarios playing out and ending badly, it did that well. People know to be worrisome about data breaches and possibilities they present. People know to be scared of entities that collected our PII. I'm not surprised people don't like these bots and what they might represent. A little surprised people think they can do something they can't, but don't blame them for it. 

Whoever programmed them isn't doing themselves or sl any good service. I am not sure they actually know what they're doing or how to go about making the data and datasets collected useful. I think it's probably someone who likes programming or IT and thinks they've done something awesome, but didn't get far enough in their practical experience or maybe schooling with it to know what to do with the results collected.

There's no real point to the data collected and presented. It serves no purpose, because it's not even collected in a meaningful manner. It's not used in a meaningful manner. Most people that find it won't know what to do with it or what purpose it serves, because there isn't one and the location data is hardly useful unless it's in realtime, which it's not. Someone can tell you there were 56 people at the restaurant last night too, but what good does that do a customer calling right now to ask how busy it is now? Yesterday's data isn't helpful to average user. Maybe helpful, a bit, to landowner, but still not realtime and if you look through it, it's mostly unhelpful data 

 

[Caeruleiae]

30 minutes ago, Caeruleiae said:

Yes, but they can't be caused by what these particular bots are doing. It's impossible for any system to be 100% effective, against any kind of breach. But what these bots are doing, isn't that. They, specific, cannot perform any security breach, at least not as they are programmed and as this program works. Other breaches are entirely possible, just not in this context.

Your actual PII is protected from these bots. Since this thread is about these bots and the way the program or programs work that run them, that's what I answered based on.

Your bank can't even protect your PII, in fact it protects it less than ll does, which is pretty sad. Banks have breaches almost daily, you just don't know about them. Banks link more of your PII to your account and likeness than most any other company, but they also expose your information to more potentially bad players than any other company. Yet, you still use them, in one form or another and opt into everything just by doing so. 

 

[Scylla Rhiadra]

4 minutes ago, Skyler Pancake said:

Linden Labs is legit Linden Research, Inc. Linden Labs could very likely have a huge database of all this information already and actually have it connected to your personal information.

 

If you're really terrified of someone finding out that you like to sex it up with a virtual avatar, please consider disconnecting from the internet.

This is an argument for deregulation of pretty much any and everything. Don't want to be slowly poisoned by pesticides? Stop eating veggies! Afraid your Tesla is going to suddenly accelerate into the back of a semi? Don't drive a Tesla!

I have no such fears, myself. Anyone wanting info about me, personally, would be far far better served searching these forums: what they'd discover would serve as a wonderful soporific. The larger issue is how this might impact upon the platform as a whole, if it produces, intentionally or inadvertently, something that is, or is perceived to be, a "threat" to enough users.

[Volo Linden]

Hello all, we understand your concern regarding the content shown on the BonnieBots website. As Keira stated in the topic "Has anyone else noticed the B[xxxx] accounts?," the information displayed is accessible via LSL script calls and is publicly available information. We would recommend removing content from your profile if you did not wish for others to see it. 

For more information, see the statement posted here: 

 

 

As we have ensured this website adheres to our privacy requirements, we will be locking this thread.