LL needs to implement a way to detect bots via script - urgently

[Rick Nightingale]

Given the number of unwlecome visits I've had today, I'm not going to tolerate it much longer. I do not pay a lot of money to have my land invaded, and I won't be forced to put up ban lines which I do not want. I enjoy visitors, if they are driven by a human. Or even a dog, come to that. But not a script.

Since accounts which are primarily used as bots are required by the TOS to be identified as such, LL needs to implement a way to determine this by script. Probably using the llRequestAgentData() function;  the same one that reports if we have payment info on file. That way, those of us who would rather not have bots landing next to our beds can easily run an auto-bot-booter. I'll make one available for free! Any bots not indicated as such would be breaking the TOS and their accounts would, of course, be dealt with by the appropriate authorities

Does this seem a reasonable idea?

If so, please "watch" the feature request I created on the JIRA: https://jira.secondlife.com/browse/BUG-233274 and feel free to add your comments as to why we need it.

Edit: I was going to say vote for the feature, but that seems only available in the Firestorm JIRA, not LL's.

Edit 2: I've posted this in General Discussion deliberately, since most people who might be interested do not necessarily visit the scripting forum. This is the sensible place for it.

Edited January 28, 2023 by Rick Daylight

[Rick Nightingale]

Please be careful responding to this - it would be nice if the thread didn't get locked too soon, or worse, suddenly vanish as they do.

[Qie Niangao]

Before I did a quick search, I'd assumed all Jiras requesting access to scripted agent status were closed, but here's one coming up on its ten year anniversary that somehow got accepted (a decade ago) :

Quote

Feature Request: "Disallow scripted agents" as an additional land access setting

As a land owner who is noticing a huge increase in traffic from bots on our private land I would like to request an addition to the parcel access settings: "Disallow scripted agents"

Lately I have been noticing a huge increase in bot traffic: every day several different bots enter our parcel to do i don't know what.
Therefor I suggest two things:

1. An additional setting on the parce access settings page: "Disallow scripted agents" that would prohibit avatars that have the "scripted agent" status set to enter the parcel.
2. The "scripted agent" status would have to be enforced, i.e. a bot avatar that does not have that status set would be AR-able

also,
3. The "scripted agent" status should be visible in the profile of an avatar.

I suppose the hard part about this is there's no reliable mechanism for detecting which agents should have the Scripted Agent status but don't. So the reasoning may be that anything that publicly reveals Scripted Agent status would discourage scripted agents from identifying themselves.

It's a finely tuned system, don't ya know.

[Love Zhaoying]

1 minute ago, Qie Niangao said:

but here's one coming up on its ten year anniversary that somehow got accepted (a decade ago) :

Maybe when it's old enough to drink..

[Rick Nightingale]

It won't let me view that one.

Perhaps this time might be different given the bit of traction on the forum. [checks the sky for flying bacon]

I agree regarding the 'tick this box if...' issue, but at least it would then become a breach of the TOS by the account holder rather than acceptable use. Using that as an excuse not to implement the function would be disingenuous and very bad form.

Edited January 28, 2023 by Rick Daylight

[Dorientje Woller]

20 minutes ago, Count Burks said:

(i) Post or transmit viruses, Trojan horses, worms, spyware, time bombs, cancelbots, or other computer programming routines that may harm the Service or interests or rights of other users, or that may harvest or collect any data or information about other users without their consent;

Thank you for pointing this out, as it eliminates the discussion of what is considered private and public data.

[Rick Nightingale]

Folks, while I can't disagree, please can we keep this topic on topic for as long as possible so as not to give reasons to lock it?

The topic is regarding the utility of a function to detect properly identified bots.

[EliseAnne85]

34 minutes ago, Rick Daylight said:

Folks, while I can't disagree, please can we keep this topic on topic for as long as possible so as not to give reasons to lock it?

The topic is regarding the utility of a function to detect properly identified bots.

I am for a utility function for the detection of properly identified bots.  

Edited January 28, 2023 by EliseAnne85

[Dorientje Woller]

@Rick DaylightPoint 3 of what you have posted is also at place: I have lost count how many times a bot has disrupted my creative flow with landing in the middle of my house.

[Quartz Mole]

Please confine contributions to this thread strictly to the topic -- that is, the jira request under discussion.

Attempts to discuss the desirability or otherwise of bots in general, or things bots may do given the opportunity, will be considered off-topic.   I think we're all now well familiar with the arguments after the last few days and there is no need to try to rehearse, yet again, things that have already been discussed in considerable detail in several locked threads.

 

[Hymn Celestia]

1 hour ago, Rick Daylight said:

Given the number of unwlecome visits I've had today, I'm not going to tolerate it much longer. I do not pay a lot of money to have my land invaded, and I won't be forced to put up ban lines which I do not want. I enjoy visitors, if they are driven by a human. Or even a dog, come to that. But not a script.

Since accounts which are primarily used as bots are required by the TOS to be identified as such, LL needs to implement a way to determine this by script. Probably using the llRequestAgentData() function;  the same one that reports if we have payment info on file. That way, those of us who would rather not have bots landing next to our beds can easily run an auto-bot-booter. I'll make one available for free! Any bots not indicated as such would be breaking the TOS and their accounts would, of course, be dealt with by the appropriate authorities

Does this seem a reasonable idea?

If so, please "watch" the feature request I created on the JIRA: https://jira.secondlife.com/browse/BUG-233274 and feel free to add your comments as to why we need it.

Edit: I was going to say vote for the feature, but that seems only available in the Firestorm JIRA, not LL's.

Edit 2: I've posted this in General Discussion deliberately, since most people who might be interested do not necessarily visit the scripting forum. This is the sensible place for it.

Thanks Rick and duly watching.

[Sparkle Bunny]

I fully expect those who are running bots to support making this data available to us, as part of the information-sharing enterprise they are engaged in

[Ezbeharra]

I think this is a useful and desirable feature that would improve Second Life for everyone. I've added myself as a watcher and I'd encourage anyone else who sees this as an improvement to do the same.

[LittleMe Jewell]

Watching - and here's hoping that something is actually done on this Jira rather than just letting it fall into the neverlands.

[Coffee Pancake]

We can detect who's paying LL for premium plus, who has PIOF, who the basics are, all from LSL (for some reason) so this is a great suggestion on the grounds of being completionist alone, even though it in no way addresses anything that might be going on right now and can not be considered a solution to anything in isolation.

[Kimmi Zehetbauer]

Hopefully some action will happen on the Jira.  Probably should've been done earlier instead of the topics that were made.

[Akane Nacht]

good idea. Will be watching. I'm not a landowner but friends who are (who don't frequent the forum) have complained of excessive bot visits. 

[Ceka Cianci]

They should add something in there about enforcement as well, because it'll just be scripted bots not registered showing up, if this ever really was implemented.. So it'll end up being just another bone thrown to the dog, like the unenforced scripted agent rule was.

Just seems like a lot of energy spent to gain an inch when there's a mile to go.

 

[Hymn Celestia]

23 minutes ago, Ceka Cianci said:

They should add something in there about enforcement as well, because it'll just be scripted bots not registered showing up, if this ever really was implemented.. So it'll end up being just another bone thrown to the dog, like the unenforced scripted agent rule was.

Just seems like a lot of energy spent to gain an inch when there's a mile to go.

 

It's a good start though; the long journey needs to start.  Task by task, day by day, relentlessly.

[Maitimo]

I wonder if there's a possibility of implementing some kind of captur task. I know its possible because years back, when camping chairs were still a thing, some places actually used this. There would be a pop-up asking a simple maths question and if you didn't answer correctly, and quickly enough, you'd be unseated from the chair and ejected from the parcel.

[Ceka Cianci]

3 minutes ago, Lyric Demina said:

It's a good start though; the long journey needs to start.  Task by task, day by day, relentlessly.

That's what the rule was supposed to be, was the start.. This will have that rule for a foundation, so whatever gets sat on that rule will be just as weak.

A good start would be something on a solid foundation, otherwise it's just spinning our wheels.

 

[Marianne Little]

I want to be able to stop bots too. I wish it was an option under "land". Tick it, and bots-b-gone.

[Caeruleiae]

It is a good suggestion, but it's been made before. I would like to know what is different between this suggestion and the others of the same nature made before? I don't think requests of the same nature being made time and again will make ll all of a sudden decide it's a good idea. I don't see them as having done so before now with any other kind of suggestion. So what will make this request stand out more than the lots of others?

Without enforcement of existing rules in place and ones not yet in place that makes people register them as bots, putting this request in will fail before it even starts. That's not because its a bad idea, it's a good one. But it will fail because there is no existing requirement to prevent people from just not registering as scripted agents. Avatars can already be controlled by a program and not be bots. People use those programs every day already. So would people that use those clients and programs also have to register their avatars as scripted agents too, since they might be automated and not run on full client? I think this is where the request falls flat. Not because it's a bad idea, but because like Ceka said, there isn't a foundation to build it on. It has nothing to hold it up yet. Ll needs to put that in place first and then put in ability to detect and restrict scripted agents. I don't think ll has figured that part out yet and that's why all the previous requests of the same thing have been closed. I don't think making more of the same request will get the answer people want. We need requests that address the first problem and go from there, not the top down. You don't build security from top down. 

[Marianne Little]

Maybe the new type of bots are so many and so annoying, that LL decides to act now, instead of ignoring the request.

If people notice them and start to talk outside the forum, then it is beginning to be big. The forum is just a small group of people posting.

I have not been much inworld lately, so I wonder: Those of you who are in groups not related to fashion (all my groups are) have anyone spoken about the bots? In groups for sailing or driving? Or groups with just a lot of general chat? In Belisseria citizens group? I don't know if the bots are in Bellisseria, but that group is active 24/7.

12 minutes ago, Caeruleiae said:

It is a good suggestion, but it's been made before. I would like to know what is different between this suggestion and the others of the same nature made before? I don't think requests of the same nature being made time and again will make ll all of a sudden decide it's a good idea. I don't see them as having done so before now with any other kind of suggestion. So what will make this request stand out more than the lots of others?

Without enforcement of existing rules in place and ones not yet in place that makes people register them as bots, putting this request in will fail before it even starts. That's not because its a bad idea, it's a good one. But it will fail because there is no existing requirement to prevent people from just not registering as scripted agents. Avatars can already be controlled by a program and not be bots. People use those programs every day already. So would people that use those clients and programs also have to register their avatars as scripted agents too, since they might be automated and not run on full client? I think this is where the request falls flat. Not because it's a bad idea, but because like Ceka said, there isn't a foundation to build it on. It has nothing to hold it up yet. Ll needs to put that in place first and then put in ability to detect and restrict scripted agents. I don't think ll has figured that part out yet and that's why all the previous requests of the same thing have been closed. I don't think making more of the same request will get the answer people want. We need requests that address the first problem and go from there, not the top down. You don't build security from top down. 

 

[Coffee Pancake]

16 minutes ago, Caeruleiae said:

It is a good suggestion, but it's been made before. I would like to know what is different between this suggestion and the others of the same nature made before?

Why does that matter. We're not trying to rules lawyer out he perfect sentence that will product the desired result, this isn't an incantation or magic spell.

Some things take many requests before the message gets though.