Sims tracking your IP adress and with it no longer allowing alts. Is this legal?

[belindacarson]

4 hours ago, bigmoe Whitfield said:

LL can see everything you do and say in SL.   that much is known, they log everything server side.

The wiki even points out I'm logs are kept for two weeks ref abuse reports

[bigmoe Whitfield]

8 hours ago, belindacarson said:

The wiki even points out I'm logs are kept for two weeks ref abuse reports

Yep im's and local chat for 2 weeks,  I think retention is a bit longer than that though.  even when I had my own hosting company (I close it down november last year)  I kept the required logs server side for 6 months and then they auto purged,  2 weeks was covered in my own tos, but knowing how ***** retentive certain agencies are about data in this country...   I figured best to hold onto them a bit longer. lol

[belindacarson]

34 minutes ago, bigmoe Whitfield said:

Yep im's and local chat for 2 weeks,  I think retention is a bit longer than that though.  even when I had my own hosting company (I close it down november last year)  I kept the required logs server side for 6 months and then they auto purged,  2 weeks was covered in my own tos, but knowing how ***** retentive certain agencies are about data in this country...   I figured best to hold onto them a bit longer. lol

https://wiki.secondlife.com/wiki/Linden_Lab_Official:Technical_overview_of_Second_Life_security

 

Here's the link to the wiki page

Edited February 1, 2023 by belindacarson
forgot to add wording.

[Prokofy Neva]

On 1/31/2023 at 4:05 PM, Rick Daylight said:

For 'something' to get your IP address in the first place, a connection to something must be made from your PC. That's the only way to "see" an IP address (discounting network hacking). 'Connection' here means any packet of data sent from your PC to 'it'.

Most things, even SQL database connections from a vendor script, connect from SL's servers, not from your PC. Thus the vendor's server only sees LL's IP address. It's nearly all server side. It has to be because that's where the scripts run. Only a very few functions (like playing media on a prim) cause the viewer on your PC to make the connection directly. Plus the viewer-side functions like parcel streams, the built-in web browser, and if you click any link and allow it to open in an external web browser. But you get asked to allow that.

So, things like HUDs that use media on a prim (rather than just needing a server connection for data storage/whateveR), or any media playing on a parcel even if you can't see it because it's deliberately 'blank' or small, any streaming service, Caspervend redelivery website... all those can easily grab your IP and correlate it to your avatar.

And that is the only way to get your IP address out of SL. LL knows your IP address, every server you connect to at LL knows it, the content servers at Amazon know it. But, unless there is some secret nasty, IP-sharing stuff going on with LL's or Amazon's approval (and that would be so bad and probably illegal that I very, very much doubt it), no-one else, anywhere, can see your IP address outside the above mentioned.

Once your IP address has been captured and correlated with your avatar, then of course it's in the wild and anyone who's in the sharing loop gets it.

As to identifying possible alts... that's just a case of simple matching of multiple captures, at the hardest. Not really reliable because there is lots of IPv4 address sharing even at the service provider level.

Finally, LL I believe do record MAC addresses too. That is something that must be reported back to them by the viewer; it's the hardware address on your network card which is used at a local level only by your LAN. That can be used to ban an actual PC (or at least, that network card). Most cards can have their MACs changed easily though. I do wonder if they also get the MAC of your router - that's also possible and not necessarily as easy to change (it is on mine, but I'm special, lol). Edit: No-one else, nothing in SL, can get your MAC address.

 

We have been told since the dawn of time that LL MAC bans people, since that very first big batch of Something Awful griefers that Philip ordered to be banned. And yes, they then change their MAC addresses.

I notice none of you are mentioning the new function on the viewer on the land menu that cloaks MOAP.

You can opt to check this radio dial and your MOAP will be cloaked.

That suggests that if you have NOT cloaked it, then in theory it is being grrabbed somewhere.

Perhaps this isn't on Firestorm, you're all on Firestorm, and therefore don't see this? I thought Firestorm "had" to add things like this.

So your friend Prokofy, back in 2020, annoyed at how often tenants complained or moved out because other tenants -- or more often, neighbours -- left YouTube or TV prims going on their land, annoying everyone around them even outside the parcel, wrote this post.

Hardly due to Prokofy's post, but more likely due to other people's protests in office hours, this got changed, and while some have theorized it has something to do with "privacy" and "my IP address," others think it's merely due to the nuisance issue.

 

[belindacarson]

19 minutes ago, Prokofy Neva said:

We have been told since the dawn of time that LL MAC bans people, since that very first big batch of Something Awful griefers that Philip ordered to be banned. And yes, they then change their MAC addresses.

I notice none of you are mentioning the new function on the viewer on the land menu that cloaks MOAP.

You can opt to check this radio dial and your MOAP will be cloaked.

That suggests that if you have NOT cloaked it, then in theory it is being grrabbed somewhere.

Perhaps this isn't on Firestorm, you're all on Firestorm, and therefore don't see this? I thought Firestorm "had" to add things like this.

So your friend Prokofy, back in 2020, annoyed at how often tenants complained or moved out because other tenants -- or more often, neighbours -- left YouTube or TV prims going on their land, annoying everyone around them even outside the parcel, wrote this post.

Hardly due to Prokofy's post, but more likely due to other people's protests in office hours, this got changed, and while some have theorized it has something to do with "privacy" and "my IP address," others think it's merely due to the nuisance issue.

 

But don't you hold the distinction of being the first ever person perma banned from the original forums?

 

[Ceka Cianci]

Deleted.

Never mind, I thought  I was responding about something else.. Misunderstanding on my part.. hehehe

Edited February 2, 2023 by Ceka Cianci

[CarlaWetter]

4 hours ago, Prokofy Neva said:

I notice none of you are mentioning the new function on the viewer on the land menu that cloaks MOAP.

Because it does not really make a difference. To stay with my earlier long winded explanation, "obscuring" MOAP is a limit that generally tells your viewer to ignore MOAP content outside your parcel. It still has nothing to do with the question if your viewer connects to a third party MOAP source or not.

Edited February 2, 2023 by CarlaWetter
Wrongly attibuted to be a serverside feature

[Silent Mistwalker]

RE: Banning by MAC address

 

https://security.stackexchange.com/questions/1118/can-i-block-based-on-mac-address

[Rick Nightingale]

@Silent MistwalkerAre you saying the above means you cannot ban based on a MAC address? That post you linked is sort of saying so I think.

There's a critical difference: That post does not address that, in this case, LL has their software (the viewer) running on our PCs. That software can read the MAC address of the PC, in fact any MAC address on the LAN that the PC has communicated with recently, like the first router. A simple command line function will do that in any operating systems. If you are on Windows, start a command prompt and enter arp -a.

So, here's the procedure:

1. The viewer starts to connect to LL's servers. It reads the MAC address of the PC's network interface and sends it to LL.
2. LL begins to process the login request, and checks the MAC address against its stored blacklist.
3. If the address is found, it refuses to allow the viewer to log in.
4. Simple.
5. For extra points, grab and send the MAC address of the LANs internet router too, in case the user is savvy enough to change it on the PC. Then you are blocking the user's entire LAN.

Edit to add: using the MAC address to identify a PC used to be common in software licensing, often used to lock software to one and only one PC. Usually on very expensive software paid by license fees per seat.

Edited February 2, 2023 by Rick Daylight

[bigmoe Whitfield]

@Rick Daylight mostly everything in today's world can be spoofed or changed easily, it's almost as simple as firing up vmware instances or virtualbox instances, they get new hardware id when a new vm is created or cloned.  

[Rick Nightingale]

I know - the point was that it can be done, not that it can't be bypassed. That's why I said earlier that it's largely pointless. (VMware server farm designer and CCNP here, among other sins)

[bigmoe Whitfield]

5 minutes ago, Rick Daylight said:

I know - the point was that it can be done, not that it can't be bypassed. That's why I said earlier that it's largely pointless. (VMware server farm designer and CCNP here, among other sins)

sweet

[Love Zhaoying]

1 hour ago, Rick Daylight said:

Edit to add: using the MAC address to identify a PC used to be common in software licensing, often used to lock software to one and only one PC. Usually on very expensive software paid by license fees per seat.

Very annoying, because when the PC dies you have to convince the vendor so they can let you install on a new PC!

[Lindal Kidd]

On 1/27/2023 at 3:35 PM, Qie Niangao said:

If only we could summon William of Ockham

William of Ockham, I choose you!

[Rick Nightingale]

24 minutes ago, Love Zhaoying said:

Very annoying, because when the PC dies you have to convince the vendor so they can let you install on a new PC!

Yep... unless you record the MAC and program it onto another NIC

I used to reflash the firmware on server NICs to add modified BIOS functions that would add to the server's own BIOS for... stuff. All good fun!

[Silent Mistwalker]

4 hours ago, Rick Daylight said:

@Silent MistwalkerAre you saying the above means you cannot ban based on a MAC address? That post you linked is sort of saying so I think.

There's a critical difference: That post does not address that, in this case, LL has their software (the viewer) running on our PCs. That software can read the MAC address of the PC, in fact any MAC address on the LAN that the PC has communicated with recently, like the first router. A simple command line function will do that in any operating systems. If you are on Windows, start a command prompt and enter arp -a.

So, here's the procedure:

1. The viewer starts to connect to LL's servers. It reads the MAC address of the PC's network interface and sends it to LL.
2. LL begins to process the login request, and checks the MAC address against its stored blacklist.
3. If the address is found, it refuses to allow the viewer to log in.
4. Simple.
5. For extra points, grab and send the MAC address of the LANs internet router too, in case the user is savvy enough to change it on the PC. Then you are blocking the user's entire LAN.

Edit to add: using the MAC address to identify a PC used to be common in software licensing, often used to lock software to one and only one PC. Usually on very expensive software paid by license fees per seat.

Did you go to the link and read the whole thing? Or just the part I screen snipped?

[Rick Nightingale]

@Silent Mistwalker I checked the link and read most of it although I hardly need a lesson on basic networking... so I'll ask again since your post/screenshot doesn't make it clear: what do you think it is saying, that you cannot ban by MAC address?

The top line in your shot reads, "In short, the answer is no, you usually can't block based on MAC address." which would suggest you think that to simply be the case and anyone reading just what you posted might go away with that conclusion.

Edit: always keep in mind on that site and others where people get points for answering questions... it's just random people answering questions to gain points. Not necessarily giving good answers. Sort of like any forum.

Edited February 2, 2023 by Rick Daylight

[Love Zhaoying]

..maybe is joke?

[Rick Nightingale]

An IPv4 address walks into the bar and yells, "Bartender! Give me a cider, I'm exhausted!"

[Love Zhaoying]

13 minutes ago, Rick Daylight said:

An IPv4 address walks into the bar and yells, "Bartender! Give me a cider, I'm exhausted!"

I geeve yew points!!

[Silent Mistwalker]

2 hours ago, Rick Daylight said:

@Silent Mistwalker I checked the link and read most of it although I hardly need a lesson on basic networking... so I'll ask again since your post/screenshot doesn't make it clear: what do you think it is saying, that you cannot ban by MAC address?

The top line in your shot reads, "In short, the answer is no, you usually can't block based on MAC address." which would suggest you think that to simply be the case and anyone reading just what you posted might go away with that conclusion.

Edit: always keep in mind on that site and others where people get points for answering questions... it's just random people answering questions to gain points. Not necessarily giving good answers. Sort of like any forum.

I don't recall offering an opinion. In fact, I'm certain I deliberately didn't offer one. I also did not direct my post to anyone in particular, least of all you.

People want to discuss so I tossed something relevant in for people to discuss. I'm under no obligation to participate in that discussion. 

Sorry, none of the poop stuck. The very reason I didn't put forth a personal opinion.

[Eva Nova]

What I do not understand is, if a sim owner is so insistent of keeping you out of their virtual land that they pay for, why are you so relentlessly trying to get in? Just go somewhere else.

[Ardy Lay]

2 hours ago, Rick Daylight said:

An IPv4 address walks into the bar and yells, "Bartender! Give me a cider, I'm exhausted!"

Coming right up!  CIDR Report (cidr-report.org)

[Gwyneth Llewelyn]

On 1/28/2023 at 11:49 PM, shireena1 said:

I wouldn't be at all surprised that SL is monitored and they can see what I am typing in, my isp certainly has the option to monitor and filter my connection, if they NEED to.

... but even your ISP cannot tap into a connection to the SL forums, which is encrypted. :-) So you don't need to worry when posting here.

Mind you, your ISP might be able to see something of what you do in SL, because not all communications between your viewer and the grid are fully encrypted. Most are (like downloading assets, such as mesh, textures, sound...) but I'm not 100% sure that everything is fully encrypted end-to-end — most notably, my guess is that positional information of your avatar within a region might be 'grabbable' by your ISP. Assuming, that is, that they knew what they were after — it's not that easy to understand the SL communications protocol just by looking at it, if your ISP's techs never heard of SL before — and that they were willing to spend a considerable amount of time doing so. Why they would ever bother doing that is wildly beyond my ability to imagine. I suppose that if they had been contacted by the local authorities to investigate your account, because you're the subject of a criminal investigation, well, in that case, I'd guess they might be coerced to do that if they were served a warrant — again, assuming you live in a country where there is a Rule of Law and a general following of the Universal Declaration of Human Rights (if you don't, all bets are off!).

So, the likelihood of your ISP having the option of monitoring and filtering your connection is next to zero (or about the same chance of getting hit by a micrometeorite while being on an airplane kidnapped by terrorists which is heading towards a city without vowels in its name on Friday the 13th at precisely 21:04 local time — which does not have a zero chance of happening, but so close to it that it becomes irrelevant).

Also, just because something is technically possible, it doesn't mean that it is actually commonly done. Here is a good example: it's 'technically possible' to try to break into your account by randomly guessing your password, using a brute-force attempt — basically, a long list of common passwords and their variations. However, this could require billions or trillions of attempts, some of which might take as little as a second each, but still... a trillion seconds is 31,710 years. So, while technically possible, it's hardly likely that anyone would bother to do that (and wait 31,710 years to find a match), unless they had exceptionally good reasons for doing so.

(And in any case your login would get quickly blocked after a few false attempts, thus spoiling any chance of success).

[Lilliput Little]

Hardware ID Ban

It was actually an issue many years ago on SL. It culminated with one viewer developer launching a DDoS attack on another developer. That was the point that LL took action. LL was aware of what was going on but they only acted after their platform was used to attempt a federal crime.