The Master Account proposal revisited

Back in 2009, 18 January to be more exact, Argent Stonecutter filed issue SVC-6212 in Linden Lab’s JIRA for Second Life, proposing a change in the way SL’s user accounts are handled. Right now, account name and user name are effectively the same – even after the discontinuation of last names and the introduction of the kludgy “Resident” last name in their place. Argent suggested (rightly) that username and account name be separated:

SL security would be better, also, if you separated the account and avatar names… so for example instead of logging in as “Argent Stonecutter”, I’d log in as “Argent007” or something that isn’t actually published… and then picked my “Argent Stonecutter” alt from a pulldown.

• Something else for attackers to have to guess.
• Better account management.
• Fewer name-password combinations for users to remember.

Argent’s point was to make log-ins more secure and account management easier. The discussion in the comments is quite interesting, too. Before I came to sit down and blog about this proposal, Ciaran Laval and Exotix (Inara Pey) blogged about it. So, what is that makes this proposal so special that I’m bothering to revisit it and attempt to draw new attention to it?

Read Full Article

Advertisements

Why Second Life has not fulfilled its potential

Last November, Slate ran a piece on why Second Life failed; according to Dan and Chip Heath’s article, which compares Second Life to the Segway, SL is “like a job candidate with a fascinating résumé—fluent in Finnish, with stints in spelunking and trapeze—but no actual labor skills.” In my opinion, the Heaths, besides ignoring the fact that SL is still a profitable project, make the same mistake that many have made regarding SL – among them even Linden Lab: they don’t grasp what SL really is all about – it’s not a game, but an entire virtual reality platform with the potential for developing a strong social element, which could, under the right conditions (I’ll get to that later), provide excellent opportunities for everyone to take advantage of its abilities for various purposes. Such purposes are:

• The creation of immersive worlds for various entertainment and educational uses.
• The reinvention and reimagining of one’s own personality, which would enable them to express aspects of their own psyche with considerably reduced fear of stigma (thanks to a general anonymity and the fact that segregation of RL from SL is the accepted norm within the userbase of SL).
• Creation and sale of virtual goods.
• Creation of immersive 3D environments to showcase products, builds etc.

As for the social element of SL, I respect it much more than I would ever respect the brainchild of Mark Zuckerberg: very good to excellent privacy, no obnoxious ads littering my screen, and SL, unlike Facebook, doesn’t surrender activists and dissidents to the authorities of totalitarian regimes.

SL is an extremely promising and powerful platform, yet it has not fulfilled its potential; instead, it loses thousands of private regions annually (as documented by Tyche Shepherd) and seeing even large companies leave it, unable to justify the monthly $295 tier for a whole region, even though their top executives are paid several thousand times this money per month. And many regions in SL are usually emptier than gun-crazy crap-rocker Ted Nugent’s skull. OK, so what has gone wrong?

Contrary to what far too many people claim, I do not attribute LL’s failure solely to the (admittedly high) cost of tier. This is a cost that cannot be easily lowered, because of the high running costs of SL and its massive infrastructure. Instead, I’m going to look at a number of other reasons that make SL less attractive than it could (and deserves to) be.

Read Full Article

Gemini CDS Ban Relay: Conclusions

Continuing from where I left off in my previous post on the subject, I am coming back, this time with the opinion of an internet security expert. You see, in RL I happen to work for a software company and this obviously gives me acquaintances with people who are in the IT business. Therefore, it is only natural that they can offer me some concise, accurate information on many issues where my knowledge isn’t enough. Deciding not to be “The Scotty Who Knew Too Much“, I handed all the information I gathered during my investigation of the whole Gemini CDS Ban Relay to a friend who is an internet security expert and a participant in the local chapter of the OWASP (Open Web Application Security Project). So, I asked him for his educated opinion. Here’s what he has to say on the matter:

Read Full Article

SL Intellectual Property – Next stop: Paranoia Central

Last time, in an anger-fueled post I decided to touch on a very sensitive and drama-inducing subject: the paranoia that is eating through the minds of many content creators in Second Life. It was quite a few RL years ago (late 2006, in fact; this sort of time interval in Second Life terms amounts to about a century) that the drama around Copybot started to unfold. For a quick and dirty summary, I will point you all to the coverage from CNET, because it is a serious resource, far more serious than the rants of many people on the forums, blogs and discussion boards. According to the content creators protesting against Copybot, it harmed them no end and put their livelihoods at risk, because it would allow everyone to copy their work and resell it.

In my previous post, I mentioned how the U.S. Government Accountability Office, the (conservative) Cato Institute and journalist institutions like Ars Technica and TechDirt  pointed out how the RL content industry presents bogus data to the authorities and the governments in its lobbying attempts (which are more often than not accompanied by melodramatic TV adverts about struggling artists who will become destitute by piracy) to pass pro-censorship “anti-piracy” laws (see HADOPI, SOPA, PIPA, ACTA and CETA). Yes, bogus data. And the U.S. GAO even protested about the content industry not giving them all the data and the methodology they used to come up with these make-believe results and conclusions. Once again, you can have a look at Cato Institute’s article “How Copyright Industries Con Congress” and, of course, the other sources I mentioned in my previous post on this matter.

Read Full Article

On Intellectual Property, Stupidity and Paranoia

In Real Life, we have all witnessed the paranoia and even maliciousness of the corporations that “create content”: from the likes of Kluwer and Elsevier to the companies behind such organizations as the RIAA, the IFPI and the MPAA, they have all been going on about how “piracy kills music”, about how even a single photocopy that a student might make of a single page of a scientific book “hurts their business” and “deters innovation” and such.

Of course, as proven multiple times by such great resources as TechDirt and Ars Technica, this is all bullshit. Pure and utter bullshit. First of all, the RIAA has been proven to be lying off its teeth about the supposed impact of piracy. Matthew Lasar of Ars Technica called the RIAA on its lies here. TechDirt debunked the bogus data of the US Chamber of Commerce (fabricated at the request of the “content industry”) here. Even the (overly) conservative Cato Institute called the copyright industry on its bullshit, in a seminal article titled “How Copyright Industries Con Congress“.

Read Full Article