Linden Lab to alter third-party Second Life viewer policies
by Tateru Nino 
Oct 21st 2009 at 1:00PM
Filed under: Business models, News items, Opinion, Second Life, Virtual worlds
Yesterday, Linden Lab made an announcement regarding third-party (or after-market, if you prefer) viewers that has so far elicited a vociferous response from some of the more outspoken Second Life users, and those involved in after-market viewer-development. The announcement largely revolves around upcoming policies that have yet to be decided.
This is compounded partly by there being two announcements. One directly emailed out and one on the blog, both of which carry somewhat different information. The announcement is a lead-up to a series of "brown bag" sessions which are advertised to determine the details of the scheme.
As we said, in addition to the announcement on the official blog, a number of people in after-market viewer development have received emails that contain some details not mentioned in the public announcement, and omit some that are.
One of those key portions runs, "but recently some functionality has been developed that is at odds with our Community Standards and Terms of Service. Some of this functionality includes the ability to encrypt chat, copy content in violation of the creator's intent, and collect user data without clear disclosure." [our emphasis]
This is very interesting for two reasons. One is that we're not aware of any such prohibition about encryption in the published Community Standards or Terms of Service, and the other is that the option to encrypt communications has been one of the top 'must have' features for the corporate market.
Being able to encrypt user-to-user communications to prevent snooping (by the platform provider or by anyone else) is a common requirement of many corporate communications policies. As it currently stands, many corporate users tell us that they switch to forms of communication other than Second Life in order to discuss more sensitive business information.
We've asked Linden Lab about this, but have yet to receive a formal response. In any case, the bulk of the announcement approaches the issue of viewers that allow or encourage non-conformant behavior, though it somewhat sidles around any matters of substance.
A problem with identifying non-conformant viewers is that it isn't really possible for Linden Lab to positively identify a viewer that does not wish to be identified. It's like calling someone up and asking them what model of phone they have. Some people will tell you the truth and others won't. There's no way to practically check if the information given is actually correct.
Currently, the official viewer from Linden Lab is capable of masquerading as any other viewer or version. It's a built-in feature in the official code-base, and it is an official feature that is not routinely removed by third-party developers.
Linden Lab talks about the development of a 'viewer registry', "that will allow developers to list their viewer in a third party viewer directory maintained by Linden Lab, identify the features of their viewer, and represent to the Second Life community that it complies with Linden Lab's guidelines for third party viewers."
Some developers already feel – that while this is quite a good idea, overall – that it also risks marginalizing viewers and viewer developers that might disagree with Linden Lab on the specifics of what users might need with respect to viewer features.
There's widespread feeling that Linden Lab might well have less connection to the viewer needs and features espoused by users than third-party developers have. Earlier this year Linden Lab began to erratically attend and then altogether quit the communication sessions it had set up to stay in touch with users about these matters, which has just made the feeling more pronounced. These sessions are now run by third-party developers instead.
"When our revised policy goes into effect, any viewer containing functionality that can be used to impede our efforts to manage Second Life will not be tolerated," says the Lab.
Though, short of throwing yarrow stalks or casting horoscopes it isn't clear how the Lab could even go about detecting those viewers.
The obvious inference to make from this, however, is that any viewer that doesn't appear in the viewer registry as an approved viewer will ultimately be grounds for potential account suspensions or bans – though as yet, Linden Lab has no method of actually identifying any viewer where the user does not wish it to be, including Linden Lab's own official viewer.
Linden Lab is planning a series of discussions (analogous to the ones used to determine content ratings and Adults Only content policies) to work out the specifics. Linden Lab calls them "brown bag" sessions, which is a term in education circles for one-way, or top-down lunchtime lectures without audience participation.
 |
Are you a part of the most widely-known collaborative virtual environment or keeping a close eye on it? Massively's Second Life coverage keeps you in the loop. |
Get a WordPress.com Blog
Reader Comments (Page 1 of 3)
Prokofy Neva said on 2:22PM 10-21-2009
Could we have a little sincerity and truth on this matter of encryption, please, and not pretend that people speaking foreign languages or fighting for freedom could be dinged by this.
That's the excuse I keep seeing the opensource extremists making on the forums, and it's fake.
Corporations that want to encrypt chat go behind a firewall. There are solutions for this now, they use them.
That's not what this email was directed at. This was directed at people on the main SL grid encrypting chat -- and also being associated with, or suspected of, or liable to commit criminal acts, most likely, otherwise it wouldn't have necessarily come to the attention of the Lab.
Given the RAMPANT criminality already involved in the third-party viewers, there's no stretch of the imagination here to see that encryption isn't for "corporate communications" but is more likely for illegal activity.
The people using encrypted chat are more likely to be motivated by the desire to conceal financial fraud or engage in illegal activities like child pornography than they are to use it for "corporate communications" -- if they are genuine corporations, they're not on the main grid, duh, they're on Nebraska.
That's why this entire discussion is so fake.
It's disconcerting that the platform provider has the ability to scan and save and exploit chat without any framework of law. I'm totally with you on that -- but you're a newcomer to this concern suddenly when it impacts your God-given right to indulge in any opensource extremism, and were Missing in Action when I would raise it as a human rights concern more generally.
It seems to me that the company has to retain the right to prevent crime just the way the U.S. government has to retain the right to prevent and pursue crime with national telephone and Internet systems. And that means there must be civil rights restrictions applied on this and judge's court orders sought and all the rest. The Lindens must have an analogy to that sort of protective regime. There can't be anarcho-techno-communistic extremes on this, saying that the partisans get to encrypt all their chat "just because they can".
No, there is no reason to hand the grid off to fraudsters and child predators in the name of human rights. You can protect civil rights but still have scanning when there is probable cause and with due process. And that means encryption should only be something done behind firewalls in agreements with LL for those specific corporate programs.
Reply
Ankara Paravane said on 4:25PM 10-21-2009
To Prokofy: please stop conflating the abuse of encryption as the primary use of encryption. It seems to me that you're often apt to set off a series of hyperbolic statements that really don't seem to keep soundness in terms of the facts. Encryption is a good move in terms of LL as it also prevents people from lifting your password from your client if LL decides to include it in their system (not just chat). And trust me, in games like WoW encryption for certain accounts is worth it (they use a physical key mechanism that adds a layer of such encryption on the client login to prevent hackers from taking over an account).
shin said on 4:17PM 10-21-2009
That's right Prok.. If a hammer can be used to bash your head in, hammers should be banned.
Anything can be, (and is being), used to commit some sort of crime somewhere in the world..virtual or real...right this minute. Balances must be set to protect not only from the crime, but from the enforcers of law. I can't believe you honestly feel that one instance of criminal behavior will be prevented by preventing encrypted IM's in SL I think you're just nosy. We are only talking about simple text being encrypted here..not trading porn pictures. I can certainly think of times when I would be happier if I felt LL were not reading what I thought of them at a given moment..^_^
Oh...and I have never heard the words "probable cause and due process" applied to any LL procedures before..but I suppose anything is possible....^_^
Reply
Dale Innis said on 10:14AM 10-22-2009
The part about encrypted chat is very odd; as Tateru says, there doesn't seem to be anything in the ToS forbidding it, unless it's some reallllllly liberal reading of 6.2, which basically says that the Lab can eavesdrop. Interpreting this as forbidding things that would prevent the Lab from eavesdropping would imho be a big stretch, though.
Business users do like the idea of encrypted chat. Not everything fits naturally behind the firewall. If I want to have a meeting with a potential customer in which I mostly show him public stuff, but might want to segue into more confidential negotiations if things go well, being able to do the demo in SL and go into encrypted IM for the confidential stuff might be very useful. Letting a customer inside the corporate firewall isn't something one does lightly. Corporates would also like encrypted voice for the same sort of reason. Beyond that going behind the firewall is probably the most natural thing, although there are some other interesting kinds of privacy that one might sometimes want to have while still being on the main Grid. I hope LL isn't going to unthinkingly forbid all of that...
Reply
Prokofy Neva said on 6:16AM 10-22-2009
Number one, we're talking about Second Life here, and a highly criminalized opensource movement already marked by the wildest forms of griefing and content theft.
Number two, we're talking about *encryption of chat by third-party viewers* NOT of encryption in general by the platform provider, such as for passwords. Don't be ridiculous and move off topic to generalities that aren't invoked in this discussion on the forums whatosever.
There's no grounds whatsoever to accredit good will and lack of criminal intent to those with viewers that in fact are already rampantly involved in crime.
There's nothing hyperbolic about my statements here; they're based on documented field experience. Rather, the claims of this article are what are utopian, and your own non-credible defense of opensource intentions.
Reply
KaraSpengler said on 6:30AM 10-22-2009
Prok-
Think, if someone wants to do something nefarious they do not need to talk about it. If you are using a copying tool you already know how to use, why do you need to communicate in SL about it?
I will play along for a moment and say they do though. "Oh, SL will not let us communicate privately? I guess we will use some outside tool that does then."
Meanwhile, customers are akin to noobs in some ways, they need to be treated with kid gloves. You want to make it easier for them, not harder. If they can hold a confidential conversation in the tool they are using at that moment they are more likely to stick around. If you tell them to do something else they might say "nah, I will go with another vendor".
I hope you are not on a jihad to ban all of emerald. If you are, a lot more people that did not already know you will be against you. Emerald is probably the most popular browser after the SL clients right now.
Prokofy Neva said on 6:30AM 10-22-2009
These silly "hammer" people are showing up again.
In real life, you are now allowed to bash people over the head with a hammer. It's against the law. You don't have to ban hammers because you have the rule of law that makes it a crime to use a hammer to harm someone.
Not so hand-guns. Hand-guns *are* banned, especially in large crowded cities where they tend to accidently harm bystandards not even involved in a dispute. There it makes sense to ban the instrument for the crime as a form of harm reduction and mitigation of risk.
Everybody gets this in RL; nobody harangues the halls of Congress with screaming about liberating hand guns; even those "hand guns don't kill people; people kill people" recognize the need for LICENSING HAND GUNS and RESTRICTING THEIR USE.
Not so the opensource freaks who use the "hammer" and "hand-gun" analogies wilfully, obdurately and falsely over and over again, despite logic and common sense.
And here they go again, refusing to acknowledge that even gun advocates don't stop the LICENSING and RESTRICTION of handguns in RL. If hammers became a widespread weapon of choice for assault and murder, they'd be restricted, too.
In Second Life, it has been far too easy to come in and bash people over the head with third-party viewers. These are now being regulated because they are the vehicle for action against others.
Reply
KaraSpengler said on 6:38AM 10-22-2009
None of the 2nd amendment people challenges registration/restriction? ROFLOL
Prokofy said on 6:30AM 10-22-2009
Dale's making up fake edgecases as usual.
Business people use Gmail and Googlechat and Twitter constantly, and don't demand the rigours of security and encryption that suddenly the script kiddies are demanding in SL. Fake.
Nobody demands to encrypt their phone calls when using AT&T; nobody demands constant use of PGB in normal business communications. Some people put disclaimers about interception, even.
LL indemnifies itself against third-party interception, but its right to eavesdrop does entail preventing the thwarting of that ability to eavesdrop.
Blanking granting of the right to encrypt chat utterly thwarts the ability of LL to manage the diverse and complex grid which is already the site of significant amounts of crime.
IF it persisted in allowing an encrypted part of the Internet, sooner or later, RL authorities will come calling to stop this.
Reply
KaraSpengler said on 6:42AM 10-22-2009
"IF it persisted in allowing an encrypted part of the Internet, sooner or later, RL authorities will come calling to stop this."
Under what law?
Dale Innis said on 10:14AM 10-22-2009
These aren't fake edge cases, these are real edge cases that have come up in actual business uses of virtual worlds. Businesses do use Twitter and gmail all the time, but they do not use them for communications that require encryption-grade privacy. For that, they use channels that provide end-to-end encryption.
We know from experience that what happens when you forbid encryption on a channel is:
() you may catch a few additional clueless criminals
() the non-clueless criminals either encrypt anyway, or switch to a different channel, and
() your staff abuses their access to the unencrypted traffic to stalk ex-spouses, steal private information, and so on.
"IF it persisted in allowing an encrypted part of the Internet, sooner or later, RL authorities will come calling to stop this."
No. Encryption is used all over the Internet, in email and IM and IP phones and general file and data transmission. Various RL authorities wish it were not true, and have made some small attempts to (for instance) get backdoors into some of the more popular encryption schemes, but that's as far as it goes. The "encrypted part of the Internet" is the whole thing: any channel can carry encrypted traffic if the people at the endpoints want it to.
Prokofy said on 6:33AM 10-22-2009
Kara, people who don't want to have their chat bugged by the Lindens go on Skype. Duh?
Encrypting chat on SL means thwarting the ability of the Lindens to prevent and prosecute crime on the grid. I'm not for doing that. There is far too much crime. This would give a pass to many criminals.
I won't have to be on a jihad to ban Emerald : )
Emerald itself will not comply with this Lindens' new requests, and discredit itself.
Then the fakery around its "masses of supporters" will be revealed as false.
I don't buy that Emerald is "the most popular". What I see is a lot of hype, lying, and thuggery to discourage critics.
Reply
KaraSpengler said on 6:45AM 10-22-2009
"I don't buy that Emerald is "the most popular". What I see is a lot of hype, lying, and thuggery to discourage critics."
Emerald has a feature to show who is using what client around you. Walk around the grid and you will be surprised at how many other emerald users are there.
KaraSpengler said on 7:33AM 10-22-2009
BTW, Emerald is not just popular for encrypted communications (hard as it is for you to believe, I do not use the feature) but it is certainly one of them amongst people that have been asking for it. Some of the reasons you will hear if you ask people though:
* a lot of guys will answer with 2 words "breast physics"
* umm, I am getting about a high fps right now with a store near me?
* more attachment pts/clothing layers
* ability to run a script outside of the SL servers (why add to lag?)
* area search for an item (useful to find things on your land)
* a 'worn items' tab
* IRC integration
* ability to use 'always fly' (yes, I know how to do it with the official client, but is not a sticky option)
* clothing layer protection (why would ppl build that n if they were pro-copying?)
* cryolife detection (ditto)
* default object size/properties for building
A lot of other features too, but basically the emerald developers give users what we have been asking for, fix bugs fast, and give us new toys we had never even DREAMED of asking LL for.
KaraSpengler said on 5:20PM 10-22-2009
almost forgot: client. side. AO. (less lag AND frees an attachment point)
Prokofy said on 7:57AM 10-22-2009
>I hope you are not on a jihad to ban all of emerald. If you are, a lot more people that did not already know you will be against you. Emerald is probably the most popular browser after the SL clients right now.
BTW, I love how the thuggery keeps spawning and growing and growing. but that's all good because it discredits this illegitimate enterprise.
If I criticize Emerald, people are going to "get me".
They will be "against me". Like some tribal warfare.
Very indicative of the mindset around these thugs.
Reply
anon said on 8:43AM 10-22-2009
Prokofy most of the things you talk of you don't even fully understand.. I use Emerald and it is a very good viewer that complies with the TOS fully. You are very attention seeking and I wish not to read any more of your senseless attacking thuggery drivel... No more discrediting this legitimate enterprise.
Reply
Dale Innis said on 10:21AM 10-22-2009
The encrypted-IM part (which I hope will quietly be removed from the criteria) aside, though, I think it's a very good thing that the Lab is publishing requirements for third-party viewers. In the JIRA discussion about whether or not it's possible to ban certain viewers, I said that the most important thing the Lab can do is say what things a viewer should and shouldn't allow, and communicate that message clearly. They can't do a 100% job of keeping people from logging in with a naughty viewer, but they can do a very good job of making it hard to produce and publicize one.
Really the only thing I can think of that a viewer should definitely not do is allow saving copies of stuff that the viewer has to have to do its job, but the perms don't permit you to otherwise copy. Anything else "malicious" that a viewer can do should be made impossible at the server side. I can think of a few fuzzy cases (griefing tools built into the viewer that ran right along the edge of what it's feasible to prevent server-side, say), but in general security should be server-side wherever possible. (When was the last time you saw a website that tried to control which browser you use to access it?0
Reply
Prokofy Neva said on 10:44AM 10-22-2009
Um, businesses using Twitter can't expect that the main open Twitter available to the public is going to provide encryption services for them, that's ridiculous. They don't expect that from Facebook or any other service. They'd have to get a behind-the-firewall solution customized for that special need.
By the same token, they can't expect Linden Lab to supply encryption capacities for them, either, nor to refrain from punishing those who put this in against their policies, because they need to manage the grid. Public interest and their need to manage the grid properly does trump your rapacious business needs, sorry.
And in fact most grown-up businesses understand that. You don't see any official representative of IBM or Dell or Sony coming here and demanding that Linden Lab supply them instantly with encryption rights on the main grid.
It's only extremists and idealists who are speaking -- as they tell us -- in their personal capacity with these demands. They have no actual official business backing.
>Businesses do use Twitter and gmail all the time, but they do not use them for communications that require encryption-grade privacy. For that, they use channels that provide end-to-end encryption.
By saying this, you've in fact handily proved my point that in fact they don't use these public platforms with any expectation for encryption, thereby justifying what I just said. Duh.
As for needing to lecture me about encryption, no, once again, read what I said. This discussion about encryption isn't a generic discussion about encryption, in which you arrogantly and snottily get to indulge in your knowier-than-thou statements about encryption around the Internet -- about which I happen to know, and know likely more than the average person.
What I'm talking about is the subject of the Linden blog, which has THIS CONTEXT:
o third-party viewers, already associated with criminal acts
o Lindens finally getting up and saying "no" because encryption is being used by third-party viewers *already associated with griefing and copyright theft*. Hello!
Knock it off, Dale. You merely show up at every thread where I appear in order to engage in trolling and harassment, your game was exposed years ago.
Reply
KaraSpengler said on 3:07PM 10-24-2009
There are a LOT of twitter clients out there. Are you saying one of them would be banned if it sent a tweet that was encrypted? Third party clients (be it for SL, twitter, or IRC) are not asking the SERVER for the service, it is being done on their end. Data is data to the server.