Jump to content

Kathrine Jansma

Resident
  • Posts

    186
  • Joined

  • Last visited

Everything posted by Kathrine Jansma

  1. At least for privately owned regions it would be nice to pick if the owner could select a preferred location in Europe, Singapore, US, etc. that handles voice for that region. That could make a world of difference in latency for regions on the other side of the Atlantic or Pacific. Like a European user typically has 100-150ms latency to AWS East, so bouncing traffic of a MCU there would get a minimum of 200-300ms, which is noticeable. But putting it to e.g. Amsterdam or Frankfurt would slash that to 20-30ms.
  2. Are you considering to put some of those WebRTC MCUs in differently geolocated AWS regions? Like elect a preferred MCU based on the attending crowds geolocation to minimize average latency for them?
  3. Depends. The age verification built into the modern german eID card (Personalausweis) is actually quite sound and well done and pretty secure and can even keep your identity mostly hidden while verifying your age. But the regulatory requirements to use that function are so hilariously high and badly done that next to no one uses it.
  4. Yes. Thats totally true. Archeologists and coroners have that problem all the time. There is no 100% certainity anywhere. Anyone that demands it has no clue. But you can assert it with some confidence. And the confidence rises with the amount and quality of evidence you can show. In the end it is all a matter of due diligence and cover your ass compliance policies. In some jurisdictions there is some legal fiction that claims something is asserted as true once you did some specific legal procedures. But for PIOF the confidence is basically close to zero, as we do not have a statistical distribution of payment methods used on SL. So it could be anything between 100% no age limit credit card and 100% Paypal. Tillia/Linden Labs could assert more, as they know the actual payment info on file.
  5. No. You want to make an assertion about a users age via a proxy. In the end the requirement is similar to the Identity Proving process in NIST SP 800.63A (https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63A-4.ipd.pdf), so read through it for a glimpse at the complexities involved. You need to make an assertion about a persons birth date/year. Or more precisely you need to establish the person is of legal age. Thats hard even if the person stands right in front of you! You can use x-rays etc. to check for signs of age. So you defer the problem to some "authority" that keeps records and issues documents that list the age of birth or age. Now you have the problem to link that document securely to the person in front of you. Often with the help of a photo on the card. Now you make the assumption that some form of payment option is only available to a person that identified via some document to some payment provider. It is usually true, that the payment provider properly identified the person, due to money laundering laws. But unless you know the exact terms of service of the provider used, you cannot infer if this asserts a certain age. So you would need to review the terms of service of all the payment providers listed at https://community.secondlife.com/knowledgebase/english/billing-r11/#Section__3 For some services a quick look shows a minimum age of 18 (e.g. paypal, skrill), but US credit card companies have far lower ages listed (e.g. https://upgradedpoints.com/credit-cards/authorized-user-minimum-age/ ), some list no minimum age at all. As you cannot determine which payment service is used, it could be paypal or some credit card with no minimum age. So you cannot use PIOF as a reliable way to assert legal age. Q.E.D.
  6. It is not so outlandish for iGPUs like non-gaming notebooks. I frequently use 64m on my lowly Lenovo T14 with AMD Ryzen 5 PRO 4650U with Radeon Graphics with an attached 2560x1200 screen (and VRAM overriden to be 4GB of the 32 GB installed). Thats still pretty much crap, but better than nothing. With 256m it becomes a full bad slideshow.
  7. Try googling for bra + pocket, there are actually a few products that do exactly that.
  8. I would consider it good for the price point. It is a bit hard to find exactly this model reviewed, as HP makes dozends of variants of the machine. This seems to be the model you have there: https://laptopmedia.com/laptop-specs/hp-victus-15-1202/ The screen and keyboard seem to be the weak spots, but that is pretty typical in this price range i would say. In a pinch you can always plug in a better external screen and keyboard when it matters. According to the HP website and tests it has two SO-DIMM RAM sockets and a slot for standard SSDs, so in theory you could upgrade it later, but 2TB/64GB is already the maximum supported and buying a cheaper model with 32 GB and upgrading looks more expensive. But you could do it if you have to save 100$ now and can spend 150$ for an upgrade later.
  9. In the end, it is your preferences and budget that shape the best solution. The various components involved in a laptop are always tradeoffs between weight, heat, price and performance. Those need to be compared to your needs, like size, in general smaller means slower and/or more expensive. If you want top performance in a 13" laptop, you pay a premium compared to larger ones like 15.6" or 17.3". So you must decide how large/heavy you are going in sacrifice for other desirable properties. Then you mention screens, FHD screens like 1920x1080 or similar have far less pixels than a 4k screen. So you need a smaller GPU to have good results. If you go from FHD to 4k you would need a (simplified) roughly 4x as powerful GPU for same results, as you need to render more pixels. Its not actually that bad, but higher resolution means you need more punch from the GPU. So pick your sacrifice. If you absolutely love crisp sharp 4k displays, your GPU performance will be lower, but you might be happier. If you love to have higher FPS you might prefer FHD and a 144, 165, 200 or whatever high Hz display. And if you have a docking station and/or some external screen attached the laptop screen might not matter at all. So you must decide whats important for you. Same with RAM. I tend to get as much RAM as i can. But for most people 16 GB or 32 GB is good enough, so the majority of middle class laptops are sold with one of those amounts today. For graphics work, software development or other memory hungry things, more is better of course, so the uptick for 64-GB is worth it, especially as many newer, especially small laptops have RAM soldered onto the motherboard, which is faster and smaller, but makes upgrading later impossible. Some, especially larger laptops still allow to install more RAM later, but that seems to be rare. So if you want to just run SL 16 GB might be okay. If you'd like to run SL and something else in parallel, e.g. photoshop or so, you want more, like 32-GB or 64-GB. SSDs tend to be mostly no brainers today, as the price dropped enough. 512 GB is pretty small, 1 TB tends to be enough for most. In a pinch you can always buy some external SSD with fast USB to carry more data. So unless you know you need vast amounts of space for video editing or similar, go for 1 TB or so. Now GPUs, which is the essence for SL. SL loads a lot of textures and meshes. Those need space in the VRAM of the GPU, otherwise they would get pushed out and reloaded all the time. So the more fidelity and textures you see on screen, the more VRAM would be needed. There is no real upper limit there, if you crank up your draw distance, you may be able to even fill 48 GB of VRAM on a 20.000 $ Workstation card. So it is always a compromise. 8 GB is a good amount to go with Full HD screens or a little bigger, it is also the usual amount you can get for reasonable mid-range prices. It is good enough for today and a bit into the future. More VRAM also makes various tools run better too, e.g. Blender, AI tools, etc. There are some reports that a few contemporary games do not even start with 6GB VRAM anymore, so i would consider 8 GB the minimum for useful. So, if one looks at 'minimum 8 GB VRAM', the options start to thin out. A RTX 3060 GPU usually has just 6, so is out. A RTX 4050 similar. So we are either talking RTX 4060 which is a good choice for FHD screens. Or we are talking about some RTX 3070 or RTX 4070, which are much faster, but also heavier and more expensive, so usually only available in 16" or 17" models or with a significant price uptick. So 30xx is an option to safe money if you go for a 3060 with less VRAM, but the 3070s i saw were still more expensive (and faster) than a 4060. If you want to go for 4k or 2560x1200 screens, a 3070 is worth a consideration. There might be bargains to be had with inventory clearing of 3070s but i didn't see any nice ones on newegg right away. ANY dedicated GPU will drain your battery rapidly while in use, so expect to plug it in for maximum performance. Battery life with full 3D load will be about 1-2h max. Thats one of the reasons many laptops do not add a dedicated GPU, iGPUs can work longer (and a lot slower) on batteries. But as always, tradeoffs. For CPU you usually have not much of a problem, most models offered together with a decent GPU are powerful enough, so it is mostly a matter of preferences between Intel and AMD and nitpicking on details. Other things some people care for are quality of life details, that usually increase the price. I tend to love fingerprint readers for unlocking my machine with Windows Hello, but that is rare in gaming machine, same with webcams, some are better or worse. Keyboards quality is also a thing and varies widely. Maybe you want RGB lighting or maybe you hate it? Or maybe you absolutely need a RJ45 jack for networking or are totally happy with Wifi? And so on. So to come to a decision, you could set your rough budget target, then go through the decision points i listed above and should come up with a list of criteria you can priorize and match to the laptops you consider. That said, from the raw power i think the MSI one you listed is decent, but i have no idea about the other qualities like screen, keyboard, haptics, looks etc.
  10. It can handle the graphics, but your frames-per-second will be in the single digits when there are multiple avatars around and it will not like larger draw distances. For example the Radeon 780m iGPU in a fast Ryzen 7840u is around 50-100% faster than an Intel XE iGPU in many cases, but a mobile RTX 4060 is about 4x as fast as the 780m. (https://www.notebookcheck.net/AMD-Radeon-780M-iGPU-analysis-AMD-s-new-RDNA-3-GPU-takes-on-its-competitors.714019.0.html ) If you can afford it, try to get a laptop with a Nvidia RTX 4060 and 8 GB VRAM and at least 16 GB of RAM. The RTX 4050 only has 6GB VRAM which is a bit low for today and it is around 20% slower than a 4060. More VRAM basically means more textures can be loaded and it can handle more details and larger draw distances better.
  11. Your main problem with this budget will be, that a discreet GPU is often out of reach. That would be the thing that helps the most with good graphics. You might be lucky to see some NVIDIA RTX 4060 with 8GB VRAM and a last gen CPU + 16 or 32 GB RAM for the machine in the range, but most are more expensive. For example (no idea how good the exact model ist): HP Victus Gaming Laptop 15.6" FHD IPS 144Hz Intel 12-Core i5-12500H Processor 16GB DDR4 1TB SSD GeForce RTX 4060 8GB Graphic Backlit USB-C B&O Fast Charging Win11 Black - Newegg.com A little above that, but a little more expensive would be: MSI Thin GF63 Gaming Laptop 15.6" FHD IPS 144Hz Intel 10-Core i7-12650H Processor 32GB DDR4 1TB SSD GeForce RTX 4060 8GB Graphic Backlit USB-C Nahimic Win11 Black - Newegg.com All the non discreet GPUs (like Intel Xe etc.) are much much worse than a dedicated GPU like a 4060, e.g. see some benchmarks here: https://www.notebookcheck.net/NVIDIA-GeForce-RTX-4060-Laptop-GPU-vs-Iris-Xe-G7-96EUs-vs-Iris-Xe-G7-80EUs_11455_10364_10395.247598.0.html Even the fastest non-discreet GPU in a AMD Ryzen 7840 is much slower than a 4060.
  12. Not really. LL develops the viewer mostly in the open on github, so they do not send anything to the TPV devs. LL just releases the code/changes there and the TPV devs can take a peek and adapt or copy it according to the license. Its pull not push.
  13. /* * Demo the RFC 8628 OAuth2 Device Flow with LSL scripting * * (c) 2024 Kathrine Jansma * * SPDX-License-Identifier: MIT */ /* client_id as specified by OAuth2 spec */ /* Must be registered with the Azure Portal first or registered with Windows Powershell * You may need to allow Device-Flow explicitly. */ string client_id = "xxxxxxxx-yyyy-zzzz-aaaa-zzzzzzzzzzz"; /* AzureAD / Microsoft Entra Tenant ID, lets use the "consumers" tenant that has all Windows 10/11 users with a Microsoft Login included */ string tenant_id = "consumers"; /* Access Token to use for calling APIs */ string access_token; /* Refresh Token, if asking for 'offline_access' scope */ string refresh_token; /* expiry time for the token, as Unix Timestamp */ integer token_expiry; /* Device Code for the flow */ string device_code; /* Poll time for access code, defaults to 5 seconds */ float poll_time = 5.0; /* Device code expiry time as Unix Timestamp */ integer expires; /* Scopes to request, depends on the APIs to be called */ list scopes = ["openid", "profile", "offline_access"]; /* HTTP Request ID */ key request_id; /* User running the flow */ key request_user; /* Get the Devicecode to hand to the user */ get_devicecode() { /* Devicecode URL as specific for Azure AD / Microsoft Entry */ string devicecode_url = "https://login.microsoftonline.com/" + tenant_id + "/oauth2/v2.0/devicecode"; list parameters = [HTTP_METHOD, "POST", HTTP_MIMETYPE, "application/x-www-form-urlencoded"]; string body = "client_id="+client_id+"&scope=" + llEscapeURL(llDumpList2String(scopes, " ")); request_id = llHTTPRequest(devicecode_url, parameters, body); } /* Poll for the Access Token */ poll_access_token() { string token_url = "https://login.microsoftonline.com/" + tenant_id + "/oauth2/v2.0/token"; /* Body can be large, so expand it */ list parameters = [HTTP_METHOD, "POST", HTTP_MIMETYPE, "application/x-www-form-urlencoded", HTTP_BODY_MAXLENGTH, 16384]; string grant_type = "urn:ietf:params:oauth:grant-type:device_code"; string body = "grant_type="+llEscapeURL(grant_type) + "&client_id="+client_id+"&device_code="+device_code; request_id = llHTTPRequest(token_url, parameters, body); } default { state_entry() { llSay(0, "Please touch to start the auth flow."); } touch_start(integer total_number) { llSay(0, "Sending Call for DeviceCode."); request_user = llDetectedKey(0); get_devicecode(); } http_response(key request_id, integer status, list metadata, string body) { llSay(0, "HTTP Status: " + (string)status); if (status != 200) { llSay(0, "Failed: " + body); return; } llSay(0, "Body: " + body); string user_code = llJsonGetValue(body, ["user_code"]); device_code = llJsonGetValue(body, ["device_code"]); string verify_uri = llJsonGetValue(body, ["verification_uri"]); string msg = llJsonGetValue(body, ["message"]); poll_time = (float)llJsonGetValue(body, ["interval"]); expires = llGetUnixTime() + (integer)llJsonGetValue(body, ["expires_in"]); llSay(0, msg); llLoadURL(request_user, msg, verify_uri); state poll_token; } } state poll_token { state_entry() { llSay(0, "Polling for Access Token"); llSetTimerEvent(poll_time); request_id = NULL_KEY; } http_response(key req_id, integer status, list metadata, string body) { llSay(0, "HTTP Status: " + (string)status); request_id = NULL_KEY; if (status == 400) { /* See RFC 6749 5.2 && RFC 8628 3.5 */ string error_code = llJsonGetValue(body, ["error"]); string error_msg = llJsonGetValue(body, ["error_description"]); string error_url = llJsonGetValue(body, ["error_url"]); if (error_code == "authorization_pending") { /* expected, just retry */ llSay(0, "Auth pending"); llSetTimerEvent(poll_time); return; } else if (error_code == "slow_down") { /* need to slow down polling */ poll_time += 5.0; llSetTimerEvent(poll_time); return; } else if (error_code == "access_denied") { llSay(0, "User denied access: " + error_msg); llSay(0, "Aborting flow."); state default; } else if (error_code == "expired_token") { llSay(0, "Device code expired."); llSay(0, "Aborting flow."); state default; } else if (error_code == "invalid_grant") { } llSay(0, "Unexpected Error"); llSay(0, "CODE: " + error_code); llSay(0, "MSG: " + error_msg); llSay(0, "Aborting flow."); state default; return; } if (status != 200) { llSay(0, "Failed: " + body); return; } /* See RFC 6749 5.1 for format */ access_token = llJsonGetValue(body, ["access_token"]); string token_type = llJsonGetValue(body, ["token_type"]); llSay(0, "Got access token with type "+token_type); refresh_token = llJsonGetValue(body, ["refresh_token"]); token_expiry = llGetUnixTime() + (integer)llJsonGetValue(body, ["expires_in"]); state access; } timer() { if (llGetUnixTime() > expires) { llSay(0, "Device Code expired, please try again."); state default; } if (request_id == NULL_KEY) { llSay(0, "Polling for Access Token"); poll_access_token(); } } } state access { state_entry() { llSay(0, "Flow completed, have access token."); llSay(0, "Expires At: " + (string)token_expiry); /* Lets call the microsoft graph userinfo endpoint */ llSay(0, "Calling Userinfo Endpoint"); string userinfo_uri = "https://graph.microsoft.com/oidc/userinfo"; list parameters = [HTTP_METHOD, "GET", HTTP_BODY_MAXLENGTH, 16384, HTTP_CUSTOM_HEADER, "Authorization", "Bearer " + access_token ]; request_id = llHTTPRequest(userinfo_uri, parameters, ""); } http_response(key req_id, integer status, list metadata, string body) { llSay(0, "HTTP Status: " + (string)status); request_id = NULL_KEY; if (status == 400) { /* See RFC 6749 5.2 && RFC 8628 3.5 */ string error_code = llJsonGetValue(body, ["error"]); string error_msg = llJsonGetValue(body, ["error_description"]); string error_url = llJsonGetValue(body, ["error_url"]); llSay(0, "Unexpected Error"); llSay(0, "CODE: " + error_code); llSay(0, "MSG: " + error_msg); llSay(0, "Aborting flow."); return; } if (status != 200) { llSay(0, "Failed: " + body); return; } /* !!!!! Privacy, userinfo shows the name of the user that completes the flow !!!! */ /* llOwnerSay("Got Body: " + body); */ } } A little example how to run an OAuth2 Device Flow against Microsoft Entry ID / Azure AD to call APIs on the Microsoft Graph. References: RFC 8628 Device Grant RFC 6749 OAuth2 Microsoft identity platform and the OAuth 2.0 device authorization grant flow Microsoft Graph API
  14. Did you ever try to run the Vega 56 with the Resizeable BAR support hack enabled? (e.g. AMD Smart Access Memory) I saw a nice performance boost that way, even if AMD officially only allows it for newer cards like the 6xxx series.
  15. That might be true, but the mobile phone base stations would be down pretty soon anyway, so it wouldn't help. TOTP as 2FA has a few upsides and downsides. The upside is that is easy to implement on anything programmable with a working clock. Like people implemented it on Commodore C64... (Old Vintage Computing Research: Meet your new two-factor authenticator: your Commodore 64 (oldvcr.blogspot.com) , Smartwatches, Yubikeys, desktop apps (e.g. Keepass XC) and a ton of other non smartphone class devices. So it is one of the 2FA systems that should work in most circumstances. In a pinch you can print out the secret, store it in a safe location and clone a new authenticator from it later when your device dies. It obviously does have a weakness, as it can be cloned so easily, but for the threat model of SL it should not really matter. You don't need to defend against Evil Maid attacks..., well, not for your 2FA at least, inworld there might be Evil Maids trying to do nasty things, but thats a different matter.
  16. The best thing you can add to secure things is adding the 2-Factor-Authentication to your account. That makes it less important to have a super strong password.
  17. Because the main base diverged quite a bit from the typical TPV code base. Not worth the trouble at the time it was not on github i guess.
  18. Not sure how Windows does the actual accounting Could this be the Vivox Voice stuff thats used in both Firefox & Linden Viewer thats getting accounted for the wrong program?
  19. It does work and is used for the ARM (Linux) Port of the Cool VL Viewer, so should be okay.
  20. Basically would need support for SSLKEYLOGFILE - Everything curl That should be a fairly minimal patch, if using a recent enough openssl library using https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_keylog_callback.html There are even some hacks to enable it via runtime patching, e.g. https://github.com/wpbrown/openssl-keylog Rust should be able to do it out of the box with: KeyLogFile in rustls - Rust (docs.rs) Btw. did someone ever create a proper Wireshark Dissector for the SecondLife protocol? (https://wiki.wireshark.org/Lua/Dissectors)
  21. Ok, thank you for testing. Guess it was just bad luck with my sample regions than.
  22. I did recompile them (both as LSL and as Mono), but didn't change the behaviour.
  23. I dusted off some older AO (Sassy Ponygirl AO) in my inventory and now encounter instant "Stack-Heap-Collisions" on init/rezzing of it in some regions. In some regions memory on init shows 7% free, in others its just 1% and crashes. I would expect it to be the same and not vary by region. Did something change with Script memory handling in recent updates?
  24. Might be easier to answer, if you tell a bit what you usually do in SL. Most viewers have some niche to shine. Some are better for taking pictures. Others for managing your inventory. And so on...
×
×
  • Create New...