chardonay Babii
-
Posts
194 -
Joined
-
Last visited
Content Type
Forums
Blogs
Knowledge Base
Posts posted by chardonay Babii
-
-
7 hours ago, Snowglaze said:
i'm looking for horse avatars that don't cost much because i'm broke, and i found one that is cheap and looks like it might be good. but there are no reviews or anything on it, and you can't see the date that an item was uploaded. here is the item if anyone can help: https://marketplace.secondlife.com/p/AVATAR-horse-sculpt-black-horse-hair-white-just-wear/2539339
whenever i do get lindens, i don't want to waste L$300 on it if it's broken.
Option 1 If you buy cheap and it is crappy, drink more wine or beer and it will soon be the best one you ever bought for a while..
Option 2 save up and buy from a reputable known creator with a demo and you will love it for years.
-
Just on this, as annoyed as I am with the new ID requirement issue there may be other things to consider. Trump and friends have had a direct detrimental affect on my RL investments and employment and cost me plenty of money in the last few years too so I am a little empathetic here.
Additionally, job lay offs in industry affected by the trade war with China and other previous policies are affecting people I know and their spending habits particularly industry, mining and retail employees. A changing world economy since the GFC has had record low interest rates and slow economic growth worldwide. This in turn reduces disposable income people have. For most people spending money on a recreational video game is a luxury after household expenses and living costs are paid. Maybe I am wrong but LL might be really feeling the pinch here and are trying things to fill the shortfall even though they may not want to.
Basic accounts rely on the owners purchasing and using currency in the economy and from my experience quite a few spend sparingly or never do, so unless they are creators that sell products that LL get a commission cut from or spend money they would be a liability the company has to pay for.
-
1
-
1
-
-
On 8/14/2019 at 12:40 AM, Rhonda Huntress said:
Someone probably got tired of cleaning up a flame war. I don't know the specifics but I do remember that thread turned nasty more then a few times.
I started one of those and understand much more about gender related issues now than when it began in 2016. I thought for some of the participants and particularly those that shared sensitive and honest info about themselves at that time that disappearing into the land of deleted threads couldn't hurt as it may cause issues RL in some cases particularly if a family member reads it with no prior knowledge of the authors' situation. Mostly it was well behaved, honest and heartfelt by people feeling conflicted by their birth sex vs the gender they feel they are. I was trying to protect all concerned as it was a response to my frustration of stereotyping however the thread evolved into something beyond my original intention.
-
On 8/9/2019 at 12:40 AM, Lindal Kidd said:
Giving awayg $L or not, going down to Basic or deleting everything and walking away forever, THIS is the sort of farewell post we ought to get more often.
It's a welcome change from the usual "I QUIT!" rants, where the first responseons are "Can I have your stuff?" and "Don't let the door hit you in the butt on the way out."
Thanks, Summer.
Anyone leaving now is bad news with all the empty sims. If us long term players are leaving there must be something amis. To have an account, the memories and the relationships that go with that main account ended it’s a big deal after such a long time particularly if used regularly like mine was, and to a degree forms part of my identity and contains years of creation work. I’m sad about it, I always thought they would unplug SL before I left and moved on. I’m just making a few last posts as it helps with the sadness.
-
1 hour ago, Mollymews said:
concentrating on obtaining a university degree is a good use of time. I wish you all the best in doing this
SL is a good procrastination tool that has proven so far invaluable to avoid doing tasks like reading boring texts I must do lol. Like the reading I must do now.
-
Mine will be ending after 12 years before the end of this week and I will concentrate on my Uni degree without a computer game distraction
-
1
-
-
Problem fixed, everything in my MP stores is $0L now....
-
1
-
-
15 hours ago, Bradford Mint said:
Well there's not really going to be much in there that's not pretty much industry standard, that is to say there's a database of our data, enciphered with an appropriate symmetric cryptographic algorithm (Likely AES256), where the key is protected by an asymmetric key pair of a modern algorithm (probably an elliptic curve), where the private key was generated in an HSM (Hardware Security Module), where the HSM may or may not be FIPS-140-2 (or now possibly even level 3) validated. All of this is pretty run of the mill for military, government, financial services.
Access to the data centre itself should be mandating multifactor authentication and likewise they mention logical system access via multifactor tokens and also a large part of the overall security will be implemented not only by technical constraints but also by policy and procedure. Again, all standard operating practice for this sort of scenario.
So just to throw some darts at the board...
"Our engineers created a new “personal information vault” project. This vault uses modern algorithms to encrypt sensitive information in a way that would require both enormous computing power and an enormous amount of memory for an attacker to crack… if they could even get a copy of the encrypted data."
We're using standard AES256 cipher for block encryption and Elliptic Curve cipher for the Asymmetric key. Private key marked as non exportable and held in an HSM.
"And all of this new encryption is wrapped around the encryption we already used - encryption which was the industry standard at the time."
Yeah, that's the "We already encrypted the database with standard ciphers such as AES256 but in SL we only stored the key in software".
"These are entire new layers using encryption technologies which didn’t exist when Second Life was new. "
Well hmm... https://en.wikipedia.org/wiki/Elliptic-curve_cryptography
History
The use of elliptic curves in cryptography was suggested independently by Neal Koblitz[7] and Victor S. Miller[8] in 1985. Elliptic curve cryptography algorithms entered wide use in 2004 to 2005.
"Even after all of these changes, the old protection remains in place at the bottom of that stack. Figuratively speaking, we locked the old vault inside a bigger, stronger vault. We chose an approach where we didn’t need to decrypt information in order to enhance your protection. "
This is consistent in my mind as to "vault within a vault" being an encrypted database with a better protection for the block cipher key. No need to decrypt what was already there, just provide stronger key protection, the symmetric block cipher key remained the same.
"There is another key part of this project: Our storage mechanisms for sensitive customer information are now isolated from Second Life. The information isn’t stored at the same physical location anymore, and hasn’t been for a while. But the difference is more than physical. "
Means "We had to buy a bigger USB stick to throw it across the room"
"Second Life’s servers do not have direct access to Tilia information that isn’t required for daily Second Life usage. Even developers who have worked at the company for a dozen years - developers who have full access to every last Second Life server - do not have access to the servers that store and protect the most sensitive information. A policy of least privilege means fewer opportunities for mistakes. "
Did those developers EVER have full access to our data and if so why? That should never have been a requirement. Even in the case of development, that should be on a development environment without live data, the live data shouldn't ever be accessible - period!
"This means that compromising one database inside of Tilia is insufficient to decrypt and correlate sensitive data without compromising a different service."
A segmented architecture, multiple databases, each with its own symmetric key, protected by own key pair thus would require compromise of multiple keys/systems, yes normal stuff here.
"We have deployed numerous commercial products which help monitor for access, abuse, or data copying attempts for data that is made available to Tillia employees. This means that even an attacker with all employee access credentials, access to employee multifactor authentication tokens, and all Tilia access permissions would still face some challenges in avoiding early detection. "
We've installed Splunk because it's free! Joking aside, they've deployed one or more SIEMs (Security Information and Event Management software) and some IDS (Intrusion Detection System) software to monitor along with probably some agent based software to monitor PC behaviour and possibly thrown in some CASB (Cloud Access Security Broker) software just for fun.
What I haven't seen is any mention of how they'd handle the situation where a family member or two is kidnapped and the attackers have set up a live feed of the electric drill being held to the eyeball of the staff members youngest child. Which when the prize is rich enough is the upgraded version of:-
Overall, what Soft Linden describes and what I believe (I also believe in aliens), is distilable to pretty much standard good operating practice for the service being operated.
There are also existing services which allow a user to scan government documents, take a selfie, have that validated and a confidence factor returned to the calling service. No data is stored, there's no need once the ID result is validated. I'd be curious to know why LL hasn't gone down this route.
I note that Soft Linden didn't explicity call out blockchain anywhere but they may or may not be playing with that too, because some people feel it's trendy!
All of the above is based upon supposition and interpretation of the end user facing blurb posted below and I have no further insight other than the ability to read and interpret based upon experience.
In that the official thread is closed to questions I'd love these concerns addressed.
Assuming data encryption makes data theft impossible as stated what happens in the event of the following..
Regarding providing my Australian government document with a photo ID-
What guarantee is there the subsidiary company will not be sold off or end up in the hands of another owner that can change the TOS as stated in the TIia TOS the company can do. To what extent is the subsequent owner of the company at liberty to to protect and not sell my data?
In the event the US government changes privacy laws and can force the owner of Tilia to hand over my data what protection is in place to stop the US govt from building a personal profile on non US citizens using the supplied sensitive dcument/s?
Similar questions in the event of a court order to supply data during an investigation?
-
1
-
-
1 hour ago, Selene Gregoire said:
There were also instructions for those who can not obtain a government issued ID to contact LL so they can tell you what you need to do. It may have even said to file a support ticket.
You seemed determined to leave SL over something LL has no control over so there's no point in saying anything more. It's not my job to convince people to stay and LL sucks at retention so, there you are. Where you go from here is up to you.
Thanks anyway. I love SL and don’t really want to leave. The reason I stay is creating and my inworld businesses. Financially I don’t need revenue from SL sales, it’s more the spirit of it that is challenging future participation.
.
-
2 hours ago, Selene Gregoire said:
Doesn't matter where the customer lives, companies have to abide by the laws of the country in which they are domiciled. Whether you like it or not. All countries are that way, including Australia.
Yeah I know it sucks for all concerned.
Sorry for being the fun police in this thread.
Will Residents outside the U.S. still need to provide verification or ID for credit processing transactions?
Yes, anyone who processes credit will need to present a government-issued ID. <- There is zero chance of this happening with photo ID or not -
4 minutes ago, kiramanell said:
I have to agree with you. Kinda like the whole situation with Hangars Liquides. Not exactly the same, of course; but just saying LL getting a stricter in many areas concerning RL money, are mostly simply the result of outside regulators (like IRS, international anti-money laundering efforts) exerting pressure on them (the kind you can't make go away). I think it's fair to say LL wants all your monies, without stressing ppl out, or frustrating them unnecessarily. But I don't think they really have much of a choice here.
SL has been fun but since I wont accept the TOS as it stands even if it is because of US law, I cant justify selling my SL creations for profit if there is no avenue for exchange into my bank account or Paypal. I might list both stores products for free in fairness to my customers.
-
23 minutes ago, Selene Gregoire said:
The US laws have changed since 2007. LL must have the info in order to comply with the federal statutes. If not then either you aren't allowed to withdraw funds or LL has to shut the ability to withdraw down for everyone if they fail to comply. Since LL is domiciled in the US, there is no way around the changes in the law.
I’m an Australian and the US can keep their law.
Maybe they they should provide me the same personal information they want from me for a transaction when I buy Linden’s..
-
1
-
-
5 hours ago, Lindal Kidd said:
You ought to compare the "ridiculous" Tilia ToS with the Second Life ToS you signed when you arrived. They're pretty much identical.
Except in 2007 there was no requirement to provide a document with my home address, a social security card or similar, just a name and means to deposit money such as a CC or later PayPal.
-
1
-
-
3 hours ago, Selene Gregoire said:
If you never cash out you never have to agree to the Tilia terms. It is that simple. I never cash out and didn't have to agree. Of course, I'm the one that brought up the fact that the way they were doing things was coercion and they did back track on making everyone agree when they realized I knew wtf I was talking about. They know they would lose in court which is exactly where they were going to find themselves if they had persisted.
I tried to cash out to PayPal yesterday and had to agree to the TOS first. I do or used to cash out due to having two smaller SL businesses for years.
-
I’m thinking the same thing ATM, can’t get the cash out so I might as well give it to a charity inworld that goes to a RL need. Any suggestions?
-
4 hours ago, Wulfie Reanimator said:
Stop it with the knee-jerk reactions. Act rational and read.
Think about it, multinational companies worth billions and governments struggle to stop hackers stealing info and selling it on the dark web. Do you want to take that risk and trust this company can protect all your sensitive RL info to collect a few Lindens from a content creating business? I wouldn’t do it for a thousand bucks, I’d leave it in there. FYI I read the terms and privacy policy. That’s the contract terms I would have to agree to but won’t do. It’s not a knee jerk reaction it’s experience. Once bitten twice shy. The Tilia team say they have good intentions but sorry guys for me the risk outweighs the potential benefit.
-
1
-
1
-
-
On 7/15/2019 at 1:54 PM, CheriColette said:
Is that in Firestorm Chardonay? Can you explain where to find it so I can disable it too, please.
In your Debug Settings
Advanced>DebugSettings
NoInventoryLibrary=true
Set the above value to true and your inventory will not load, reset to false when you want to use any items in the inventory.
-
2
-
-
From my understanding of contract law I am bound by the original TOS conditions I agreed to in 2007 and that didn't require the sort of imposing additional information LL wants now for a process credit payment. I hope one of the bigger SL businesses takes LL to court over this as they are trapping everyone's money and holding it to ransom for the sort of personal ID data that can be compromised and used for identity theft and fraudulent financial transactions needlessly. The original TOS is what I agreed to and I'm not giving them my birthday, home address, photo, phone number and documents for what they are proposing. Maybe they can keep their game and I will do something else with my time and join everyone else on the way out..
-
1
-
1
-
-
On 6/22/2019 at 2:36 PM, LittleMe Jewell said:
That isn't a rental though -- those are the Linden Home houseboats
yeah that's why i never rent anything i dont have land rights for if I can help it. being able to return, ban etc is too good.
-
Do one of two things
1. Ignore and wait for it to go away it because rentals usually dont last long.
2. Rez a cube on your side and hide it then put a picture on it you like.
Usually it isn't worth fussing over..
-
If it involves nudity I usually do that somewhere nobody can see for the sake of other users.
For clothing sometimes I’ll try it on in store by removing the body first then putting back on when covered with the demo. For hair snd anything external there is no problem anywhere.
One thing I do is use the Firestorm camera controls to remember where the vender is so I dont lose it in a big store in case I want to buy it. It’s so easy to lose where the item was checking out the demo I have on.
-
What i do is firstly don’t load the SL library in my viewers by disabling it jn settings. That alone gets rid if heaps of useless junk.
Usually I just make a few folders to find in search HAIR- with sub categories of creator to put purchases into.
Landscaping- folder has everything I bought for filling vacant land when renting.
With all these new mesh body parts I have to constantly find appliers and huds I bought for a great solution is a folder named two unusual keys together not used by many people.
==Mesh head-Catwa (all associated apliers and heads go in here).
==Mesh bodies
== Other mesh parts
that way when I want one of those things I type == in the search bar and those are the only results in my inventory.
As for the rest of the inv I remember what I need to and the rest doesnt matter.
I’m very fussy about the things I buy so lots of stuff ends up in the trash and I keep the best quality only in a few folders.
There’s no point organizing junk..
-
1
-
-
Feel free to say hi if you see me online, I’m always up for a chat with someone.
-
1
-
-
Noobs with bad avis and free sex bits.
Vampires.
Goreans.
Furries.
People that wont improve their avatar beyond stock Linden.
Griefers.
Tossers in general same as RL.
Facebook
Instagram
Twitter
YouTube
Flickr
LINDEN RESEARCH, INC. TO BE ACQUIRED
in General Discussion Forum
Posted · Edited by chardonay Babii
........