Hello Everyone, I just checked, and messages you send in SL are sent across the internet as plain-text. I think this a huge privacy concern and should be dealt with as soon as possible. What does this mean for you? Well, you should just be very careful about what you share online. To reach a destination, messages on the internet pass through many checkpoints. For example, if you are playing SL on a Windows laptop, the message will go from your viewer, to your network adapter. Between these two checkpoints, any program on your computer has the opportunity to pick up plain-text in a message. The message will go from your network adapter, through the air to your router. (WiFi connections are encrypted thankfully, but if someone is spying on you, and can decrypt your WiFi connection then you're out of luck.) If you're playing SL from a public location, please be wary of two situations. 1) Someone with bad intentions could have a computer pretending to be a wireless hotspot and be routing everyones' data through his computer (man in the middle attack); or could just be monitoring messages being sent through the air. 2) The public access point may have the ability to log all messages being sent through it. From your router, the message will reach your Internet Service Provider (ISP). They may also log messages being sent and received. From your ISP, the message will be passed around by numerous routers that connect the internet together until they reach Second Life Servers. From the Second Life Servers, the message then makes its way to the person's computer you sent the message to, using the same steps that were taken from your computer, to Second Life's Servers. What Does This Mean For You TL;DR; : Someone who is recording peoples' internet connections might see your messages in his/her "bounty of snooped stuff" because Second Life does not encrypt (temporary change into giberish) messages while they are in transport. Some things to Consider: Since messages in SL are un-encrypted, be sure to never give out personally-identifiable information any more specific than what your IP address can give out, for your own safety. To see what information your IP gives out about you, visit an IP look-up website, or type in "my ip" into a search engine such as DDG. https://duckduckgo.com/?q=my+ip&t=ffsb&ia=answer I am aware that encrypting and decrypting messages uses some processing power, but all I'm suggesting is for some custom weak encryption to be implemented as to close the door to any general information snoopers. (Someone dedicating to snooping on SL communications would be difficult if not impossible to prevent.) But something is definitely better than nothing, even if the encryption protocol must be open source for viewers. Research: Community KB Article also notes that chat is not encrypted: https://community.secondlife.com/t5/English-Knowledge-Base/Text-chat-and-instant-messages/ta-p/700155#Section_.1.1 "Note: Text chat and instant messages are not encrypted." Other Things I Did: -Submitted a suggestion for messages to be encrypted. I hope there are others that share my views on the matter. I don't mean to instill fear into people, but these are just possibilities that can be easily prevented. Sincerely, -Alexloveshearts
Facebook
Instagram
Twitter
YouTube
Flickr