Jump to content

New Feature: Scripted Agent Estate Access Discussion


You are about to reply to a thread that has been inactive for 419 days.

Please take a moment to consider if this thread is worth bumping.

Recommended Posts

Just now, Love Zhaoying said:

Shouldn't you be more upset with the "bad bots" then, instead of with Linden Lab or us? We mostly only care about the "bad bots". 

Certainly I am upset with them. But until a way is found to distinguish the good bots from bad ones, they are all treated the same, which according to some here is just fine: Unintended causalities just have to be accepted in the name of progress. :(  

I don't buy it. Paul is right. There are better ways to handle this.

  • Like 4
Link to comment
Share on other sites

1 minute ago, Love Zhaoying said:

Exactly, and how long before they ban HTTP Requests to ChatGPT?

Doesn't SL already host enough barely-literate mediocrities without calling on the aid of AI to add more?

 

 

 

 

JOKING! I AM JOKING! EVERYONE IN SL IS AMAZING!

  • Thanks 1
Link to comment
Share on other sites

8 minutes ago, M Peccable said:

In my case at least, that very thing has been happening for well over 12 years now. It wasn't until this latest huge batch of bad bots hit the grid that got me caught up into all of this.

Yeah, this recent case has kind of gotten us all caught up in it and it's made me want to bow out several times, too, as many posts go far too much into black and white thinking.  

The thing is there needs to be some kind of level playing field between bot and resident.   

The thing is though I don't see why LL couldn't have a special sign up area for PIOF Registered Agents with a reasonable fee.  

 

Link to comment
Share on other sites

2 minutes ago, Love Zhaoying said:

I bet ChatGPT has the answer for the conundrum we find ourselves in. Could someone please ask it, before it is banned?

Quote

As an AI language model, I cannot have personal opinions, but I can present some potential pros and cons of allowing bots in Second Life:

Pros:

  • Bots can enhance the virtual world by adding more activity, social interaction, and realism.
  • They can provide assistance and support to players, such as answering questions or facilitating transactions.
  • Bots can also serve as useful tools for developers, designers, and researchers who want to test and experiment with various features and scenarios.

Cons:

  • Bots may have negative impacts on the immersive and social nature of Second Life if they are overused or used inappropriately.
  • They can also create unfair advantages for players who use them for cheating or other malicious purposes.
  • Bots can potentially generate spam and unwanted messages, leading to a decrease in user engagement and satisfaction.

Overall, it depends on how bots are implemented and regulated in Second Life. If they are well-designed, properly monitored, and used ethically, they can be a valuable addition to the virtual world. However, if they are not carefully managed, they can lead to negative consequences for the user experience.

ChatGPT in this query seems to support bots that are well intentioned.  

/me shifts eyes back and fourth

I for one support our AI overlords. 

  • Thanks 1
  • Haha 1
Link to comment
Share on other sites

1 hour ago, Rick Nightingale said:

It might surprise someone to know I too have a product which relies on bots, that I've sold to the vehicle riding, flying and sailing community for years. One difference: My bots don't TP to parcels unasked for. In fact they have to be specifically summoned by a control HUD, by the user, when needed for a specific purpose. They don't gather anyone's data, or anything else for that matter and only land where specifically told to by the owner.

Mine too will suffer from this though, despite that they are totally benign in action. Such is life. We still should have the ability to control access to bots properly.

Residents should have the ability to control access, I agree, to their own land. I've repeatedly stated support for parcel and private region controls as well as ability to identify scripted agents via script command.

If this was set up so individual parcel owners could toggle the option, cool. If they set it so that 50% of the parcels were set to no-bots on the region and that made the whole region automatically no-bots, cool. All this decision does is take away further control and access to the residents and promotes the subversion of the rules.

Also, for anyone who's saying "Well, LL will just ban people who don't mark their bot accounts as scripted agents!" Nope. LL is HORRIBLE at detecting what accounts are bots, they don't actually have anyone or anything actively monitoring for this. We actually had an account banned that WAS marked as a scripted agent for being a scripted agent. LL is horrible at enforcement of their policies, which anyone with experience of reporting violations can testify to.

  • Like 2
Link to comment
Share on other sites

7 minutes ago, M Peccable said:

Certainly I am upset with them. But until a way is found to distinguish the good bots from bad ones, they are all treated the same, which according to some here is just fine: Unintended causalities just have to be accepted in the name of progress. :(  

I don't buy it. Paul is right. There are better ways to handle this.

This is just a first step. LL does and will listen to feedback, or we wouldn't have gotten this far. I wish you luck for a favorable outcome. 

  • Like 1
Link to comment
Share on other sites

12 minutes ago, Scylla Rhiadra said:

An interesting ramification of this that I'm hearing about on Twitter now is concern from scripters that the new PII rules impact on the LSL function llHTTPRequest(), making it, by definition, a violation of that new regulation.

I am going to be interested to see how this works out. There seems to be a desire for an absolutely airtight, completely precise set of guidelines for what is allowed or not allowed -- and, as anyone with any familiarity with the ToS and CS can attest -- that's just not how LL rolls.

That's actually leads into a whole nother topic that's hilarious. LL lists a bunch of examples of PII that aren't. IP addresses have actually been ruled in multiple court cases to not be PII unless associated with enough other data to identify someone. An anonymous username, such as all of them on Second Life, are not PII because they are anonymous. Information has to actually be able to identify any actual "natural person" to be considered PII. Nothing contained within the SL grid is PII by that definition.

  • Like 4
Link to comment
Share on other sites

8 minutes ago, Scylla Rhiadra said:

Doesn't SL already host enough barely-literate mediocrities without calling on the aid of AI to add more?

 

 

 

 

JOKING! I AM JOKING! EVERYONE IN SL IS AMAZING!

Related: As I've said recently, AI's won't be able to understand our semiliterate "text speak" younger / newer users, so maybe they are safe from its (Chat AI's) influence. In answering their questions, at least. Unless they run their text through a translator first..oops.

Link to comment
Share on other sites

8 minutes ago, Love Zhaoying said:

This is just a first step. LL does and will listen to feedback, or we wouldn't have gotten this far. I wish you luck for a favorable outcome. 

I appreciate your warm thoughts. But we all know how fast or slow LL reacts, depending on user knee-jerk demands. The squeaky wheel gets the grease. Judging by what I have read on this forum, I don't think there will be any outcries about unfair treatment of responsible bot owners. So I believe a slow death will happen before anything is done to tilt the playing field back to anywhere close to level.

"Today is a good day to die." - Worf

Edited by M Peccable
  • Like 2
Link to comment
Share on other sites

20 minutes ago, Scylla Rhiadra said:

An interesting ramification of this that I'm hearing about on Twitter now is concern from scripters that the new PII rules impact on the LSL function llHTTPRequest(), making it, by definition, a violation of that new regulation.

Can you expand on this, please?  What are PII rules and in what way can llHTTPRequest() be said to break them?   

  • Like 1
Link to comment
Share on other sites

8 minutes ago, M Peccable said:

But we all know how fast or slow LL reacts, depending on user knee-jerk demands.

I agree in this way: This first step seemed to go "pretty fast".  Due to the reactions and additional work probably needed, I don't expect the "next steps" (if there are any) to happen quite as fast.  They gave us a hammer, it takes a different set of tools to make the watchmaker's screwdriver we need and want.

Link to comment
Share on other sites

4 minutes ago, Innula Zenovka said:

What are PII rules

In the US, it seems a bit "squishy" only because some companies do their best but can't follow the same rules as in the EU.

I believe these are examples of the "top level" of PII:

RL names 

RL Addresses

Credit card information

Social Security numbers

Birth dates

..

The "secondary levels" are where it gets more "squishy".

  • Thanks 1
Link to comment
Share on other sites

17 minutes ago, Innula Zenovka said:

Can you expand on this, please?  What are PII rules and in what way can llHTTPRequest() be said to break them?   

https://wiki.secondlife.com/wiki/Linden_Lab_Official:Using_Personal_Data

 

Quote

What is Personal Data?

To understand Personal Data, one first needs to understand Personally Identifiable Information.

Personally Identifiable Information, often abbreviated as PII, is information that is capable of identifying an individual user, account, computer, or household. Note that PII need not include the actual name of an individual. That the information can refer to any of the above alone or in conjunction with other data elements linkable with that information suffices to make it PII.

  • Examples: A username, an agent ID, an IP address, or a tracking cookie are all examples of PII.

Personal Data includes all PII. Any additional information that one links to this PII also becomes Personal Data.

  • Examples: When one of the above examples of PII is combined with the contents of a Resident’s profile page, their online status, their chat, or their in-world travel behaviors, the PII and the linked data all become Personal Data.

Key section though is "capable of identifying an individual user, account, computer, or household." Although there is data stored on Linden Labs databases that qualify(payment data, mac address, IP address, etc), there is no such data stored within the Second Life platform itself that provides data that can be used by itself to identify an individual user, account, computer, or household.

 

The closest someone can get, short of hacking LL itself, is someone's IP address. Which by itself isn't PII because you can't fully identify someone.
 

  • Like 3
  • Thanks 1
Link to comment
Share on other sites

10 minutes ago, Paul Hexem said:

None of them work that fast, let's be honest.

Besides, how many times have we heard "this is just a first pass, I'm sure they'll improve it" about things added to SL?

I will grant them this: LL found a way for the "first pass" / "first cut" change to not require viewer changes. So, it is "workable" by anyone with any viewer (so far as I understand, if they have debug settings). That way, LL did not need to wait until all the viewers made some change, etc. Using a "debug setting" is about as crude as it gets, for the original announcement!

Link to comment
Share on other sites

8 minutes ago, Love Zhaoying said:

Using a "debug setting" is about as crude as it gets, for the original announcement!

That's right: Rushed out the door and implemented before it was ready because the squeaky wheel had turned into a roar. 

Edited by M Peccable
Typo
  • Like 1
Link to comment
Share on other sites

@Innula Zenovka

Here are the relevant bits of the new personal information policy:

"Personally Identifiable Information, often abbreviated as PII, is information that is capable of identifying an individual user, account, computer, or household. Note that PII need not include the actual name of an individual. That the information can refer to any of the above alone or in conjunction with other data elements linkable with that information suffices to make it PII.

Examples: A username, an agent ID, an IP address, or a tracking cookie are all examples of PII.

Personal Data includes all PII. Any additional information that one links to this PII also becomes Personal Data.

Examples: When one of the above examples of PII is combined with the contents of a Resident’s profile page, their online status, their chat, or their in-world travel behaviors, the PII and the linked data all become Personal Data."

[...]

"After Residents consent to the Second Life Terms of Service and connected Privacy Policy, Second Life presents select information about Residents to each other within the Second Life environment. This presentation is for the sole purpose of facilitating interaction within Second Life. Without a separate agreement in place (for e.g. as a sub-processor or vendor), there is no default right that any third party has to collect, store, process, or transmit a Second Life Resident’s Personal Data outside of Second Life."

The argument, as I understand it, is that the inclusion of account names and UUIDs in the category of PII renders any use of llHTTPRequest() to send agent name and location information to an external server a de facto violation of these rules because there is no "opt in" that would constitute a "separate agreement" between scriptor and resident. Or, as another person has put it, the rules make it impossible to comply because the llHTTPRequest function includes the name of of the owner of an object, and the UUID of the owner, in the outgoing headers of the request.

Edited by Scylla Rhiadra
Spelllllling
  • Like 4
  • Thanks 1
Link to comment
Share on other sites

I have a feeling that all of this  is going to lead to SL in general becoming less anonymous, as that is the best way to really combat a steady stream of bots.  The ones that are actually bad actors, are just going to create new bots on the fly, scrape your data, and use it for whatever purpose they so desire.  Once more people realize that, they will make more demands, once they see that banning a bot will be useless as bots are created so easily, they will make further demands on top of that.  What we are cheering on, in the sake of anonymity, may be in fact be what leads to us losing our anonymity.  

In the states we already have examples of companies having to bend to the will of our government to hand over personal information, which is just lovely, now isn't it?  Information to indict women who have wanted abortions in states that disallow it, with the current climate of our countries views on LGBT and especially as of late the "T" I worry about our future.  In my state this is especially a concern of mine.

  • Like 3
Link to comment
Share on other sites

Just now, Istelathis said:

I have a feeling that all of this  is going to lead to SL in general becoming less anonymous, as that is the best way to really combat a steady stream of bots.

I may be reading too much into your statement, but: Removing the motivation for "bad actors" to scrape and sell information would definitely have a chilling effect on whatever their motive is (whether profit, shenanigans, or "because we can").

Link to comment
Share on other sites

Except they go on to say

Quote

Linden Lab cannot govern activities that happen outside of the Second Life platform. Where Residents determine violations happen outside of Second Life, such as when Personal Data is presented on third-party websites without their consent, multiple options are available.

 

So LL made it extremely clear they have NO interest in enforcing anything related to personal data. They recommend contacting legal authorities.

 

Again though, anything available within SL isn't personal data. By definition it's all anonymous or pseudonymous.

 

If, say, a website were to show your IP address and your physical address, your username and your legal name, or your username and enough descriptors to physically identify your natural body, those would all be violations of PII. There's no way to do that though with the information provided via the SL platform unless you, yourself, make that information public.

Link to comment
Share on other sites

  • Administrators

I would like to take a moment and remind everyone that taking personal jabs at other members of the community, including Lindens, is not appropriate. If you can not participate in the conversation in a manner that is both on topic, and constructive rather than just finger pointing and personal attacks, then I would encourage you to take a step back for a bit.

  • Like 6
  • Thanks 3
  • Haha 1
Link to comment
Share on other sites

2 minutes ago, Skyler Pancake said:

Except they go on to say

So LL made it extremely clear they have NO interest in enforcing anything related to personal data. They recommend contacting legal authorities.

 

Again though, anything available within SL isn't personal data. By definition it's all anonymous or pseudonymous.

 

If, say, a website were to show your IP address and your physical address, your username and your legal name, or your username and enough descriptors to physically identify your natural body, those would all be violations of PII. There's no way to do that though with the information provided via the SL platform unless you, yourself, make that information public.

 What LL can do, and I'd argue will do if the seriousness of the issue warrants it, is stop the data collection in-world.

Which is, in a broader sense, what they are doing with the new estate tool, and the restrictions applied to Belli.

Edited by Scylla Rhiadra
  • Like 3
Link to comment
Share on other sites

36 minutes ago, Istelathis said:

I have a feeling that all of this  is going to lead to SL in general becoming less anonymous, as that is the best way to really combat a steady stream of bots.

It's possible because unregistered bots or "a steady stream of bots" as you say could have a financial impact on the whole community.  That bot army someone might want costs server space but these bad actors don't care and want that server space for free.   Each bot should be paid for and registered with LL to avoid anyone making such an army.  

Edited by EliseAnne85
Link to comment
Share on other sites

3 minutes ago, Tommy Linden said:

I would like to take a moment and remind everyone that taking personal jabs at other members of the community, including Lindens, is not appropriate. If you can not participate in the conversation in a manner that is both on topic, and constructive rather than just finger pointing and personal attacks, then I would encourage you to take a step back for a bit.

Thanks, Tommy!

  • Like 1
Link to comment
Share on other sites

You are about to reply to a thread that has been inactive for 419 days.

Please take a moment to consider if this thread is worth bumping.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
×
×
  • Create New...