New Feature: Scripted Agent Estate Access Discussion

[Scylla Rhiadra]

Ewwwwwwwwwwwwwwwwwwww

🤢

[Istelathis]

@Scylla RhiadraThankfully, at this point in time the resources to do so at a massive scale are beyond the budget of most people.  In the future, I imagine it will not be though, which is indeed pretty scary.  I've long wondered how long we can hold on to our own privacy when we have reached the technological capacity to build a virus from the comfort of our own homes using sophisticated AI.  The conclusion I arrived at, was that most people would be demanding that we lose it entirely, such is the consequence unfortunately.

The entire legal system of our country needs to take into account the privacy we have from one another though, which is sorely lacking at this time.  I just hope, that we do take the steps necessary to prevent it from being completely stripped away and that we all are wandering around with all of our data just up for grabs (at a price of course).  Just imagine living in an AR which displayed our likes, our dislikes, our hobbies, address, phone number, the websites we frequent.. what an absolute nightmare.

Stalking people and doxing them should not be legal, not from my own ethical standing.. regardless we all know the road this leads down to, people yelling their free speech is being intruded upon while placing the wellbeing of others in jeopardy..  

[Rowan Amore]

46 minutes ago, Scylla Rhiadra said:

The punishment for "not being sufficiently careful" should not be the loss of one's RL job, the end of one's marriage, etc.

And how "careful" is sufficiently careful? I know of a trans rights activist who was hounded out of her RL home, and then doxxed at the hotel at which she'd taken refuge because someone was able to use Google and other resources to identify the linen pattern of the bed sheets in a pic she took.

I think you are badly underestimating the ability of a really dogged pursuer to connect the dots, especially when they have at their disposal a really large database. And AI is only going to make that a LOT easier.

The bots issue is not about someone reading your profile, or your picks. It's about building really large and comprehensive databases that can be analyzed in ways using algorithms that are vastly more powerful than the kind of scrutiny that a mere human might bring to bear on them.

Not sure what else you expect LL to do about it.  The put in the new policy, which has no teeth, and still leaves the responsibility up to the user IF they find their SL info out on the web somewhere.   The way I see it, unless the person behind the data scraping unregistered agents makes their website and RL self known, we're worse off than we were before.  We can't do anything and LL can't do anything if we don't know it's there.  For all we know, there is already a site exactly like BB.  

[Scylla Rhiadra]

1 minute ago, Istelathis said:

Thankfully, at this point in time the resources to do so at a massive scale are beyond the budget of most people.

I think, in terms of the new bots and private information policies, that LL did the smart thing here -- they got in front of what they recognized could well become a really intractable and difficult problem.

None of the bot projects that I know about, including even the one that has everyone so excited, is really "malicious." I think some of them are intrusive as hell, but they are mostly "well meaning."

But what they have demonstrated is what can be done by someone with bad intentions, employing some of these same methodologies and approaches. And so LL moved proactively to anticipate that kind of development.

And while you're probably right that a really scary data-based attack on SL accounts is likely not feasible without the expenditure of a lot of resources and time right now, that's going to change. It is changing. People are already starting to utilize ChatGPT in-world.

So, it's good to have at least some tools in place to discourage that, and that are available to combat it should it occur.

[Scylla Rhiadra]

2 minutes ago, Rowan Amore said:

Not sure what else you expect LL to do about it.  The put in the new policy, which has no teeth, and still leaves the responsibility up to the user IF they find their SL info out on the web somewhere.   The way I see it, unless the person behind the data scraping unregistered agents makes their website and RL self known, we're worse off than we were before.  We can't do anything and LL can't do anything if we don't know it's there.  For all we know, there is already a site exactly like BB.  

Rowan, this is the counsel of despair. And it makes no sense that not putting constraints in place is "better" than having some: the former simply means that anyone can be a bad actor with impunity. It really is like saying that bad guys will always have guns, and will kill people, so why bother with regulating them at all?

The new guidelines and tools are definitely not, in and of themselves, sufficient. We've been talking in this thread about ways they might be improved and supplemented. But they do empower LL to take action where they see a threat. And I suspect their ability to detect data-scraping operations -- involving the deployment of particular kinds of scripts in particular contexts -- are more robust than we may know.

And, finally, we have proof of the efficacy of LL's approach. Why do you think that the most intrusive and objectionable elements of that  bot-driven web site are gone? Because they just decided they didn't want to feature these things anymore?

[Love Zhaoying]

3 minutes ago, Scylla Rhiadra said:

And, finally, we have proof of the efficacy of LL's approach. Why do you think that the most intrusive and objectionable elements of that  bot-driven web site are gone? Because they just decided they didn't want to feature these things anymore?

At the same time, "free publicity" is priceless.

[Rowan Amore]

15 minutes ago, Scylla Rhiadra said:

And it makes no sense that not putting constraints in place is "better" than having some: the former simply means that anyone can be a bad actor with impunity. It really is like saying that bad guys will always have guns, and will kill people, so why bother with regulating them at all?

What it does is lull people into a false sense of security.  Your profile and avatar info are no safer today than they were before the new policy.  And...the bad guys will always have guns.  Didn't say we shouldn't have regulations but in LL's case, it's just words.

15 minutes ago, Scylla Rhiadra said:

And, finally, we have proof of the efficacy of LL's approach. Why do you think that the most intrusive and objectionable elements of that  bot-driven web site are gone? Because they just decided they didn't want to feature these things anymore?

The one and only reason anything changed on that website is because people knew about it.  They outed themselves, so to speak.  They named all.their bots the same.  People noticed.  The next batch of unregistered agents knows to be more careful.

Edited April 7, 2023 by Rowan Amore

[Caeruleiae]

1 hour ago, Scylla Rhiadra said:

The punishment for "not being sufficiently careful" should not be the loss of one's RL job, the end of one's marriage, etc

Where did you get the idea I thought it should? It's a consequence of not being careful separating your online self from your real life self-or at least not separating them enough. It's not a consequence I think everyone should suffer-but it is one people have a lot more control over not experiencing than they think.

1 hour ago, Scylla Rhiadra said:

And how "careful" is sufficiently careful?

This depends entirely on the person. There is no all encompassing blanket answer to that question. How I or anyone else chooses to protect our selves and our information may not be the same as someone else.

1 hour ago, Scylla Rhiadra said:

I know of a trans rights activist who was hounded out of her RL home, and then doxxed at the hotel at which she'd taken refuge because someone was able to use Google and other resources to identify the linen pattern of the bed sheets in a pic she took.

This horrible and I am very sorry for this person. However-and I hate to say it this way because it's going to sound awful despite being truthful-taking that picture and putting it in a place where someone else can actually find you is dangerous. Did this person deserve what happened to them because of it? Not even in the slightest-it's horrible. Is the person who ultimately doxxed this person responsible for their own actions? Absolutely they are-again what they did is horrible. That person isn't the one that left the breadcrumb though. I know how it sounds-as if I am saying that person is responsible for themselves being doxxed-I'd like to say that isn't what I am saying-unfortunately though it is. They are not responsible for the doxxing-they are merely responsible for the breadcrumb. Leaving those breadcrumbs doesn't give anyone else any right to harm another person-at all. It still is our responsibility to protect ourselves though-as this person found out-there are bad people in the world who will use those openings we leave even if we think we don't to do bad things. 

1 hour ago, Scylla Rhiadra said:

I think you are badly underestimating the ability of a really dogged pursuer to connect the dots, especially when they have at their disposal a really large database. And AI is only going to make that a LOT easier.

I am not underestimating anything. I think you're misunderstanding what I am saying. I am literally saying that it is very easy-not at all as technical and difficult as people might think-for those bad people to do bad things with the breadcrumbs we leave. It's extremely easy actually. I can even tell you-without a doubt-my particular position within my company and my responsibilities places me in a position that if I were one of those bad people-I could very easily do it too. I wouldn't because I'm not that kind of person. I know exactly how easy it is for them to accomplish what they want-and just how bad what they may want to can be. It's a dangerous thing being a human being in this day and age.

[Caeruleiae]

1 hour ago, Arielle Popstar said:

For the rest we seem to agree except for the aspect of the degree of responsibility LL has in keeping the data within S/L safe from being published on the Net.

It's not that I think they have no or even super limited responsibility. What I mean is that they should do all they can because of the responsibility they do have-but there are limits to what they can do generally speaking. The responsibility is there and should be respected-I think they are doing the best they can with that and can hopefully even improve in the future. I just know where their responsibility ends due to capability-lack thereof- rather than just desiring not to meet it.  We are probably saying the same thing-in different ways. 

[Istelathis]

25 minutes ago, Scylla Rhiadra said:

None of the bot projects that I know about, including even the one that has everyone so excited, is really "malicious." I think some of them are intrusive as hell, but they are mostly "well meaning."

My thoughts as well, especially the ones who remained as transparent as possible.  I never thought BB was trying to be malicious, I thought providing the profiles of users online was a bit unwise, but not of ill intention.

[benchthis]

38 minutes ago, Istelathis said:

The entire legal system of our country needs to take into account the privacy we have from one another though, which is sorely lacking at this time. 

Just like big tobacco, back when cartoons were happily smoking. Legal systems said that was fine for a long time, because they were paying donating for political protection. The systems are not built to protect the people, they are built to protect the products. 

[benchthis]

9 minutes ago, Istelathis said:

My thoughts as well, especially the ones who remained as transparent as possible.  I never thought BB was trying to be malicious, I thought providing the profiles of users online was a bit unwise, but not of ill intention.

usually people don't build those sorts of things to be nice. 

[Jennifer Boyle]

I am not going to try to respond individually to the recent multiple very articulate, cogent posts individually. Instead, I'm going to make some comments that I think are relevant.

First, all information that is passively available publicly about anyone's avatar in SL can be harvested. Period. The only information that that is even relatively "safe" is information that one has to actively share. Obviously, we couldn't have the second life that we have without considerable information being publicly available about avatars. Therefore, there is a lot of information that we need to make available, and that information will be harvested, for good or ill, because it can be.

It seems to me that the measures that have been taken so far and that may be taken in the future to restrict registered scripted agents' activities are pointless because registered scripted agents are not necessary to the data collection enterprise. Profile information is going to be available to whomever wants to collect it and has the skills. Collection of additional information, e.g., attachments, location at a particular time, etc., can just as easily, perhaps just not as efficiently, be done by stationary scripted objects or scripted objects worn by avatars. I can envision an entrepreneur providing a script, instructing people to create an object with a random name of their choice and put the script into it, and paying them to wear the object. They could have an army of avatars collecting data, and no one would be the wiser. They could even pay them a piecework rate to encourage them to move around and encounter lots of avatars. The only way to prevent this is to remove funtionality from lsl, breaking existing content, and depriving us of future creations that would have made our SLs better. This scenario is possible even in the absence of unregistered scripted agents, and who is naive enough to think that the actual bad actors who intend to use information to harm people would register theirs?

I do think LL could and should do a better job of informing people about what information that is not on the public tabs of their profiles is accessible to scripts. Currently, I don't know of any way of finding that out other than looking it up in the lsl Portal, which the average user cannot be expected to do, and is quite laborious if one does not already know which functions to read about.

The bottom line is that everyone should assume at everything in their profiles and everything about their avatars that can be accessed by scripts will be in a database somewhere. Each person must decide if what they get from SL is worth whatever risks are associated with that for them.

 

 

[Arielle Popstar]

30 minutes ago, Jennifer Boyle said:

The only way to prevent this is to remove funtionality from lsl, breaking existing content, and depriving us of future creations that would have made our SLs better.

So here it comes to the crux of the matter. Should SL leave vulnerabilities in place for the sake of not breaking existing content and/or the potential future creations that might result from them? LL would certainly not be the first to have to roll back features because they wound up exposing security issues. Justifying the leaving them in place for the dubious benefit of content that relies on it seems a slippery slope and one sure to have future ramifications.

[Innula Zenovka]

31 minutes ago, Arielle Popstar said:

So here it comes to the crux of the matter. Should SL leave vulnerabilities in place for the sake of not breaking existing content and/or the potential future creations that might result from them? LL would certainly not be the first to have to roll back features because they wound up exposing security issues. Justifying the leaving them in place for the dubious benefit of content that relies on it seems a slippery slope and one sure to have future ramifications.

However, since rolling back these features would involve breaking what's been one of the most fundamental and important functions available to scripters ever since I started in 2007 -- llGetObjectDetails --  thus stopping no end of scripted objects from working, I can't see it happening.

[Jennifer Boyle]

51 minutes ago, Arielle Popstar said:

So here it comes to the crux of the matter. Should SL leave vulnerabilities in place for the sake of not breaking existing content and/or the potential future creations that might result from them? LL would certainly not be the first to have to roll back features because they wound up exposing security issues. Justifying the leaving them in place for the dubious benefit of content that relies on it seems a slippery slope and one sure to have future ramifications.

It is in the eye of the beholder whether or not they are vulnerabilities. In addition, there are always trade-offs between desirable functionality and security. We usually accept something less than ultimate security as a trade-off for desired functionality. After all, the ultimate security is an air-gapped computer in a windowless room. It has great security, but it isn't worth much for most things we want to do. For sure, if you restrict your computer activities to that, bonniebots won't be a problem!

[EliseAnne85]

2 hours ago, Jennifer Boyle said:

The only way to prevent this is to remove funtionality from lsl, breaking existing content, and depriving us of future creations that would have made our SLs better. 

Okay, say the lsl script for data collection is gone, which it should be because any and all harvesting could contain our own personal artworks or writings (poems, lyrics) which may be copyright protected, how would this particular script have made our lives better?  

Let me just give an example:  Let's say my profile has original artworks by me and poems written by me.  How would the harvesting and third party publishing of those I put on a SL inworld profile make our SL's better?

Edited April 8, 2023 by EliseAnne85

[Scylla Rhiadra]

3 hours ago, Rowan Amore said:

What it does is lull people into a false sense of security.

Do seat belts lull people into a false sense of security? Vaccines? The existence of laws against violence or fraud?

Clearly, this is a complicated issue, and no single solution is going to solve it. I've argued from the beginning that we can't, and shouldn't, rely on code for a solution to very human problems. There are lots of moving pieces here, and absolutely being cautious about what goes into one's profile is part of that.

But the data currently being collected isn't just from profiles. It's what you're wearing. It's where you are, and the time you were there. It's whether or not you are logged in, and when the last time you were online was. In the case of one commercially available HUD -- also now a "scripted agent" -- it's the pattern of your log-ins. And it's potentially, if the data is deep enough and analyzed in particular ways, who you were with.

How much of your behaviour should you modify or even abandon to "stay safe"? How much of your SL do you think you should give up?

Edited April 8, 2023 by Scylla Rhiadra

[Love Zhaoying]

1 hour ago, Innula Zenovka said:

However, since rolling back these features would involve breaking what's been one of the most fundamental and important functions available to scripters ever since I started in 2007 -- llGetObjectDetails --  thus stopping no end of scripted objects from working, I can't see it happening.

..personally, I've not needed to use that function. And I also started in 2007.

[elleevelyn]

4 hours ago, Scylla Rhiadra said:

it makes no sense that not putting constraints in place is "better" than having some: t

i agree. Is better to make some effort to combat bad behaviour than it is to do nothing

as an aside

a thing about bot runners is that their bots exhibit common trait behaviour (patterns). Behavioural patterns based on the task(s) the bot is to perform. And in this, bots are as predictable (if not more so) as human actors

for sure some bot runners can take it as a challenge to disguise the behavioural patterns exhibited by their bots, but any site security manager, who knows their stuff, will defeat such a bot runner should the site owner dedicate the resources to do so. Resources which also include changes to Terms of Service

[EliseAnne85]

4 minutes ago, Love Zhaoying said:

..personally, I've not needed to use that function. And I also started in 2007.

I'm not sure how much I've used that either but I have some.  I make mostly items without HUDS because it's furniture.  I'm not sure if that's a HUD thing or not.

The only way to fight it then would be counter bots looking for bots and reading what objects they are trying to get details about.

Talk about painting ourselves into a corner.

[Love Zhaoying]

Some scripted agent operators will see these changes as a challenge. I think, maybe, it's tempting to almost feel sorry for those who cannot comprehend and follow the guidelines. 

I am rooting for Linden Lab, and the forces of Good!

[Scylla Rhiadra]

2 minutes ago, elleevelyn said:

a thing about bot runners is that their bots exhibit common trait behaviour (patterns). Behavioural patterns based on the task(s) the bot is to perform. And in this, bots are as predictable (if not more so) as human actors

for sure some bot runners can take it as a challenge to disguise the behavioural patterns exhibited by their bots, but any site security manager, who knows their stuff, will defeat such a bot runner should the site owner dedicate the resources to do so. Resources which also include changes to Terms of Service

I don't have the required expertise, or knowledge of the sorts of tools that LL has at its disposal, to argue conclusively that they can, if they wish, identify unregistered bots by their behaviours.

But I think you're right, overall: you'd have to make a real effort to conceal or mask those behaviours. That would include such things as their movement around the grid, their activities, the scripts they are running, the viewer they are using, perhaps common IP addresses -- I'm sure there's a whole range of things that, together, could be of assistance in identifying bots. I also assume that, if LL is asking us to AR suspected unregistered bots, they have some confidence in their ability to be able to identify them as such.

But that, of course, is not the same thing as proactively sweeping the grid looking for them. That, I suspect, would be unnecessary, and would necessarily increase the number of possible "false positives."

[Coffee Pancake]

@Sid Nagy

[Rowan Amore]

24 minutes ago, Scylla Rhiadra said:

How much of your behaviour should you modify or even abandon to "stay safe"? How much of your SL do you think you should give up?

The only behavior I'd say needs to be modified is any behavior that could link your SL to your RL.  I often go to some very questionable places because I'm curious like that.  I don't for one second worry about someone knowing my avatar is there.

As has been already mentioned, there is no way to keep someone from keeping track.of any of this information.  The onus is on you (collectively) to ensure a clear division between RL and SL.

It's not as if we all don't already know this.  The internet didn't sprout up yesterday.