Thursday, September 8, 2011

I snagged myself on your barbed defenses

(Continued from part VI. And my apologies in advance--this had formatting taken to more closely resemble the quotes pulled, but then I hit Preview on Blogspot, and that erased all the formatting. No idea why, really resent that that happened, and just do not have the energy right now to go through and fix everything.)

Miss McMillan commenting on the SLU's JLU thread (hey, that's kinda catchy) reminded me of something.
[09:41] Kal-El [Kalel Venkman]: I also need to fix the PZ nodes so that they rename themselves to 'Object' on installation. A little conversation in the GreenZone Users Group (a group dedicated, apparently, to the destruction of any networked banning system, not just RedZone) showed that their detection devices relied on sensors that checked for the names of installed prims.
[09:41] Kal-El [Kalel Venkman]: This will make PZ invisible to such sensors and protect PZ users from attack by griefer coalitions
There's only one problem with this. Simple onboard estate tools allow searching by name of owner, name of prim, number of scripts, number of collisions, among other things. I could go on any sim for which I'm part of an estate team and pull those figures. This is not a 'griefing sensor', this is how Second Life is designed to work.

I mean, in essence, I get what he's trying to do here: he wants to hide prims on parcels or sims unobtrusively. What greater invisibility can there be than one more Object in the midst of all the other Objects? (I admit, I once named every single prim in a house build. Mostly, it just made me smile when someone touched one of the door prims, and heard either 'Estella' or "Priscilla" open.)

The problem with that, though, are those estate tools, plus other tools like Thomas Conover's full-sim scanner, which will pick out individual prims and tell you not only where they are, but how many scripts they contain, who owns them, what their name is--all information that an estate owner or estate staffer desperately needs on occasion. I guess it slides it by the standard folks, but most certainly not everyone.

Still, it's interesting that Venkman's thoughts turn to concealment and blending in, over open revelation. You might think he had something to hide...

And from the long-suffering maintainer of the summary thread, her own response to GLE:
"Further, please stop with that tired nonsense about broadcasting your IP everywhere. It's not applicable. No one ever argued the notion of IP recording being a problem in and of itself. They argued it once it was *tied to an account name* and used to tie it to *other account names* in order to establish potential alternate identities. That was the problem. The tired old 'oh you leave your IP all over the internet' thing was debunked MANY months ago, and zFire himself tried the same tactic of clouding the issue and pooh poohing it. It didn't work for him and it's not going to work here, either."
In more cogent form, that's what I've been trying to get at. It was never the strict gathering of IP. That wasn't the issue. It was the subsequent aligning with actual (or, in many cases, presumed) alts or similarly-named avatars. As she says, the linkage is the problem; not the IP collection itself.

She goes on to offer a really great example of this mode of thinking:
"Let me put it this way- there's an argument that religious folk like to use against atheists. There was a thread about it on SLU recently- about morals without gods. The fundamental premise was that there are some religious people who believe atheists are fundamentally immoral because they have no fear of an all powerful deity who will punish them for wrongdoing. The atheists counter that they don't need the fear of a powerful deity or punishment- they're capable of ascertaining the right thing to do without an authority figure making a rule about it.

"That was what I was getting at- not the timeline of how this came down because you all are still arguing over what PZ does and does not do. My point was that you supported alt detection and it took the Lab(see: powerful deity in this case) to come down and decide against it. You didn't come to that conclusion on your own. You are obeying the rule- but a rule had to be made *first*. You don't support the actual premise- just the rule.

"Again, that's a big deal."
Yes, it is. And at least GLE in word and deed, and Kalel in word and deed (and who knows how many others in the JLU) don't seem to understand that they're on the other side of this argument.

Another mention from the original thread:
"The argument that a hashed ip isn't an ip combined with the argument that anyone who doesn't want their alts tracked must be hiding something makes a very ugly mess.

"A largely self-inflicted mess."
Again, I would agree.

And from the comment directly below that one:
"The fact that Kalel started contacting peoples real life jobs and schools is enough for me to be honest.

"Seriously you internet hero fuckwits, when you call somebody's employer they don't get upset that their employee fired 1000 dicks in a virtual world sandbox. They care that some deranged psychopath from some internet game is calling them."
He has a point, too, for all that it was bluntly phrased.

And Miss Zenovka's entire comment is worth your time to read, but I'll still boil it down if required:
  • She posits that the JLU may not be collecting IP addresses and collating them with other data, but that they are possibly acquiring other data lists and links, then comparing them, and entering them at that point to the wiki or the Brainiac server.
  • Due to this potentiality, they might also not keep their scripters (nor their poster children) properly informed of the potential conflation of outsourced data (and gosh, Zen not up to date on what's really going on, there's a shocker)
  • Finally, in no way meant to be a direct part of the above, members of the JLU are also members of the GreenZone group, which has not disbanded long after the actual threat of RedZone has been removed (and that, while not directly tied in, I do find fascinating)
There's another comment on the thread that, while it repeats some of the information seen on previous comments, pulls a few more things together and makes everything a little more clear. (Which is like saying we've moved from mud to murk, but hey, it's a start.)

And then this from Sione:
Originally Posted by AEther

Again, no. Nothing overrides a local pass created by a network owner or admin on their own network. In fact, network owners may set their networks to not accept global bans at all ("trusting") and/or to not share local bans with other networks ("sharing"). Turning off both would, for example, give you a completely isolated network that simply shares bans between all the land you protect with the system.
"Hang on hang on. Share bans with other networks? So are you saying that unless specifically turned off bans propagate between networks? If you are banned by someone with it on then you have to IM your way around the grid hoping the sim owner is online."
As Kurmin noted in the summary thread, this was the awful sound where the penny dropped. People were so focused on being outraged, for good or bad reasons, that they hadn't honestly stopped and thought this through.

Again, correct me if I'm wrong, but this is what I take from that quote in this context:
  • There are no global, nonremovable bans--any user of PhantomZone may allow avatars even other sims don't allow.
  • Estate owners can also allow PhantomZone to operate solely as a wider ban list, isolated to their particular land alone.
  • However, if that sim owner wishes, they can leave those options on which accept global bans, even those that propagate on other systems. question is now, which systems? All of them? Some of them? If people had the foresight to somehow search out and keep the global list of RedZone bans, could they then import those into their PhantomZone units? Does it centralize ban lists from any other ban system, like Voodoo? Like the dozens of other, less invasive security orbs on the grid?

From a later comment in the thread from GLE:
"His account was hijacked. He is no longer a member. He was a good guy who didn't deserve this treatment. He enjoyed patrolling sims and interacting with the other members of his 19th Century roleplaying group, but someone decided it would be funny to burn out his account just to steal some pages from the wiki. The result was not amusing."
I do believe we're talking about Baht McMahon again, and I'm still wondering what got him into this. If GLE is to be believed--someone hacked his account, logged in to the Brainiac server, and that's the source of the second batch of leaks? Baht even on the grid anymore?

Back to security issues--this comment is well worth the time to read, but I will pull one extract from it for here:
"You need to stop hiding your toy. People need to be able to CHOOSE to not go to a location with your device, and they must be able to choose to opt out ***BEFORE*** the data is collected. KalEl's advice to rename the device is specifically and solely a dodge around that premise. Period. The end. There is no other explanation."
I will be honest, people want security in Second Life. Even if they don't seem to really grasp the difference between secure (logged off of SL) and insecure (in world), they have this idea in their heads, and they never let this go. This idea says:
  • In this perfect world, the best security orb is cheap
  • In this perfect world, the best security orb keeps an unlimited ban list
  • In this perfect world, the best security orb is unobtrusive, will not warn, will instantly ban people (or deny them entry in the first place), and will offer great protection with limited set-up
Why? Not because people want to defend against griefers. Not because people want to prevent copyright infringers from accessing their personal homes and stores.

No, largely, the average user of any security system in Second Life does it because they don't want to come home to strangers having sex in their bed. Flat out.

How does PhantomZone address this? By the same methods RedZone did, and I'm not talking about the physical scripting, here. I'm saying PhantomZone plays to the same fears that RedZone did while it was operational:
  • If you don't use PZ (RZ), you won't be able to protect yourself from avatars who will come into your homes and touch your things
  • If you don't use PZ (RZ), you'll be cut off from the "best" protection that's offered on the grid
  • If you do use PZ (RZ), it's free--we'll never charge for it and any updates (or at least, that's the assumptions I'm getting from its proponents)
  • If you do use PZ (RZ), you can take part in helping to ban anyone you object to, for whatever reason, to keep your things safe
  • If you do use PZ (RZ), relax: it's just like Banlink, a system you trusted to keep people away from your things
The problem with these modes of thinking is not that PhantomZone doesn't live up to its end of the bargain. I'm quite sure it does. The problem is it plays into that culture of fear we've developed on the grid. We fear things, and we fear people, and we fear people who can do things we don't understand.

For example:
  • If someone you don't know rezzes into your store, and stands at the beam-in point, and doesn't move, there are some schools of thought that tell you this is a copybot.
  • If someone you don't know rezzes into your store, and is wearing newb clothes and a newbie skin, there are some schools of thought that tell you this is a copybot, or a griefer.
  • If someone you don't know rezzes into your store, and turns in a circle, there are some schools of thought that tell you this is a copybot, or a griefer getting their bearings.
  • If someone with the last name Resident rezzes into your store, there are many schools of thought that say this is a copybot and a griefer.
Fear. And the fear escalates.

Let's think about this in a different way:
  • If I've never been to a certain store before, and I stand at the beam-in point, and don't move, it's likely because that sim (or my system) is lagged enough that I can't move. I hardly think I'm alone in this, but for several months last year, some merchants had rules signs posted at their default beam-ins, saying If you don't move in 15 seconds, we're banning you. NO COPYBOTS!
  • If I rez into your store with a newbie skin and newbie clothes...well, first, there's obviously something wrong with me, because I don't generally do that at five years in--but if anyone else does that, the stronger possibility is that they're just new, not evil. These days, with the proliferation of really well-done freebie items, it's getting harder to peg someone's that new just by looking.
  • If I rez into your store, move off the beam-in point, and turn in a circle, I'm not scanning your store for items to copy onto my system. Over two years ago, that was the way to force things to rez in--turn once (or twice) in a circle, taking in all aspects of the store, will help textures turn from grey to crisp. Then--if still having problems--moving the bandwidth slider up and down rapidly will usually do the trick.
  • And if someone rezzes in with the last name Resident, they're not evil, a copybot, or a griefer by default--they're just unlucky enough to be born on the grid after last names were abandoned as a bad idea.
Yet, fear and paranoia on the grid continue to cripple us. Why?

(And note, I am not saying, I say again, I am not saying that PhantomZone and RedZone are the same product. I am ***not*** saying that. What I am saying is that, in terms of marketing, they're serving the same function: "Keep them thieves and miscreants away from yer wife! This is the best shotgun on the mark.)et, that'll larn 'em!" When in fact, fear never creates anything positive beyond more fear.)

No comments: