Re: [opensource-dev] Draw Distance
On Sat, Aug 21, 2010 at 9:36 PM, Miro Collas miro.col...@gmail.com wrote: How about bbeing able to just type it in? Why a slider, or mouse wheel, which is inaccurate? How about being able to type it in chat? Instead of a one off thing just for the draw distance, I'd rather we had a general command input system similar to the console on id's games. So since we use /# for the channel and /me for emotes how about /set for setting debug variables with the following syntax. /set debugvar value Where value is one of bool, integer, float, or a vector using the lsl style of 0.0, 0.0, 0.0. With tab line completion of course. ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Draw Distance
I like the command line in emerald, you just type in dd 512 and it's done. ((I really like all the command lines in emerald. Took me a bit to get used to them, but after I did I am really missing them now that I came back to V2 to give it another go while you all are working on it.)) On Sun, Aug 22, 2010 at 2:01 AM, leliel leliel.mir...@gmail.com wrote: On Sat, Aug 21, 2010 at 9:36 PM, Miro Collas miro.col...@gmail.comwrote: How about bbeing able to just type it in? Why a slider, or mouse wheel, which is inaccurate? How about being able to type it in chat? Instead of a one off thing just for the draw distance, I'd rather we had a general command input system similar to the console on id's games. So since we use /# for the channel and /me for emotes how about /set for setting debug variables with the following syntax. /set debugvar value Where value is one of bool, integer, float, or a vector using the lsl style of 0.0, 0.0, 0.0. With tab line completion of course. ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
On 8/22/10, Phox p...@modularsystems.sl wrote: The website in question suffered no ill effects, and to imply that loading a .php and a few images is an attempt at DDOS is just ridiculous, our login page consists of a .php script a hi-res picture, and our website doesn't go down as a result. Your website did go down because of the load, though - a whole bunch of times in fact! There's even still an entry in the Emerald FAQ about it[1]: Due to a problem with our webhost 500 errors are increasingly common with new traffic. Please wait a few seconds and try to reload the page, it may take a few tries before you get through. The only reason it doesn't anymore is because you moved to a bunch of really chunky and expensive dedicated servers. http://blog.modularsystems.sl/2010/07/19/emerald-user-statistics/ says that you're using two of http://www.hetzner.de/en/hosting/produkte_rootserver/eq4/ - each of which is about as powerful as some of the older Class 5 Linden Labs servers that host 4 regions each - plus a third unspecified dedicated server. Hazim was using cheap shared hosting. What's more, the guy from the Emerald project who did this knows just how much load the Emerald login screen puts on Emerald's servers, because he apparently pays for and runs them! On 8/22/10, Katharine Berry kathar...@katharineberry.co.uk wrote: No it doesn't. If it was a PHP script then I could've made much of the code much simpler when I made the thing. It was very deliberately not a PHP script, for reasons of load. Yep, looking at the headers it's definitely static HTML. We've got an Accept-Ranges header, a Content-Length header (both of which you can get from PHP scripts but wouldn't normally), and most importantly an ETag in the same format lighttpd uses for static content. Also, the login page wasn't just making one request for a PHP-generated page from Hazim's website - it was making 20 requests for the same page. [1] http://www.modularsystems.sl/wiki/wikka.php?wakka=FAQ ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
[opensource-dev] Login Pic
So, is it fixable? Is there some way to change the Snowglobe login channel? Or can the server be configured to respond to the channel Snowglobe already has? Or is this just something Snowglobe users should not care about? For reals, it's not important, but i miss it, the pics are a nice touch. Thx!! - AK On Sun, Aug 22, 2010 at 5:26 AM, a...@skyhighway.com wrote: Hey! Um, i've been meaning to ask... Why don't i ever get the login screen pics with Snowglobe? i just installed the latest release (1.5.0 3625) from the website and still all i ever get are little arrow icons in the middle of a black screen. It's not all that important, i know, but i've been missing them... Is something broken, or is it me? The login pictures are controlled by the login channel and grid that is passed when requesting the background page. Snowglobe passes its own login channel different to the main viewer which results in no pictures. But the choice to send pictures or not, is server dependent. Robin ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] SSH authentication
On Sun, Aug 22, 2010 at 12:21 AM, Nicky Perian nickyper...@yahoo.com wrote: How do you do this in windows. Can you take your local key from Linux? Yes, but you need the full key not just the public key. Puttygen part of the putty ssh suite has the ability to import/export OpenSSL keys as well as some other formats, and tortoiseHG probably uses the putty key format if you are using that/want to ssh auth from windows. Robin ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Draw Distance
On Sun, Aug 22, 2010 at 12:09 AM, Miro Collas miro.col...@gmail.com wrote: That's what I referring to, the command line commands. VERY handy! And dd is one I use a great deal. The problem I have with that is that the draw distance is only one of several debug settings that affect performance. I've been running with deferred rendering enabled for the past few months and I've had to enable/disable shadow maps SSAO all the time, but I hardly ever touch the draw distance. What's more, using a general method of changing debug settings through chat would let us create gestures that changed a whole group of settings all at the same time. So when entering a laggy sim you could trigger one gesture that did all of this. /set RenderFarClip 128 /set RenderVolumeLODFactor 2.0 /set WindLightUseAtmosShaders 0 With a system like this you could change any setting on the fly without ever having to open the UI which would be great for filming machinima. Cam into a building and turn on global illumination and crank up the SSAO settings for deep highlights, cam back out and put SSAO back to the defaults and turn off GI for a better frame rate. ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Draw Distance
That makes sense yes. I wasn't asking for Emerald to be copied, which is why my initial response to the issue was vague. But the basic idea is nice, I think: a nice, fast and easy way to set parameters without having to use clumsy sliders and navigate pages of dialog boxes, all via the command line. On 08/22/2010 05:09 AM, leliel wrote: On Sun, Aug 22, 2010 at 12:09 AM, Miro Collasmiro.col...@gmail.com wrote: That's what I referring to, the command line commands. VERY handy! And dd is one I use a great deal. The problem I have with that is that the draw distance is only one of several debug settings that affect performance. I've been running with deferred rendering enabled for the past few months and I've had to enable/disable shadow maps SSAO all the time, but I hardly ever touch the draw distance. What's more, using a general method of changing debug settings through chat would let us create gestures that changed a whole group of settings all at the same time. So when entering a laggy sim you could trigger one gesture that did all of this. /set RenderFarClip 128 /set RenderVolumeLODFactor 2.0 /set WindLightUseAtmosShaders 0 With a system like this you could change any setting on the fly without ever having to open the UI which would be great for filming machinima. Cam into a building and turn on global illumination and crank up the SSAO settings for deep highlights, cam back out and put SSAO back to the defaults and turn off GI for a better frame rate. ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Draw Distance
On Sun, Aug 22, 2010 at 10:09 AM, leliel leliel.mir...@gmail.com wrote: On Sun, Aug 22, 2010 at 12:09 AM, Miro Collas miro.col...@gmail.com wrote: That's what I referring to, the command line commands. VERY handy! And dd is one I use a great deal. /set RenderFarClip 128 /set RenderVolumeLODFactor 2.0 /set WindLightUseAtmosShaders 0 With a system like this you could change any setting on the fly without ever having to open the UI which would be great for filming machinima. Cam into a building and turn on global illumination and crank up the SSAO settings for deep highlights, cam back out and put SSAO back to the defaults and turn off GI for a better frame rate. Thats a powerful idea, is there a new feature JIRA for this on the LL pJIRA currenty? if not could I kindly ask you to create one for it and post the issue number back here. The problem comes is its not just a case of updating the gSavedSettings with new values (which would be very easy to do in the way you have described). Many of the settings need applying in some way to push the correct values to the correct place, many of the debug settings would just work but some would not and thats where the work for this feature would start, but i do like where you are comming from with this. Robin ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Draw Distance
On Sun, 22 Aug 2010 10:36:18 +0100, Robin Cornelius robin.cornel...@gmail.com wrote: On Sun, Aug 22, 2010 at 10:09 AM, leliel leliel.mir...@gmail.com wrote: On Sun, Aug 22, 2010 at 12:09 AM, Miro Collas miro.col...@gmail.com wrote: That's what I referring to, the command line commands. VERY handy! And dd is one I use a great deal. btw, recent Kirstens releases handily embed the draw distance slider into the 2.x menu upper bar. /set RenderFarClip 128 /set RenderVolumeLODFactor 2.0 /set WindLightUseAtmosShaders 0 With a system like this you could change any setting on the fly without ever having to open the UI which would be great for filming machinima. Cam into a building and turn on global illumination and crank up the SSAO settings for deep highlights, cam back out and put SSAO back to the defaults and turn off GI for a better frame rate. Thats a powerful idea, is there a new feature JIRA for this on the LL pJIRA currenty? if not could I kindly ask you to create one for it and post the issue number back here. +1 I like a lot leliel's suggestion about Windlight control via commandline, especially because I guess that would evolve into gestures = tradeable assets (correct?) Opensource Obscure ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Draw Distance
I like a lot leliel's suggestion about Windlight control via commandline, especially because I guess that would evolve into gestures = tradeable assets (correct?) Assuming that everyone using that gesture has the same windlight prefs installed, probably yes. That's also assuming that the currently used windlight pref can be se via debug settimngs -Martin ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Draw Distance
On Sun, Aug 22, 2010 at 2:36 AM, Robin Cornelius robin.cornel...@gmail.com wrote: Thats a powerful idea, is there a new feature JIRA for this on the LL pJIRA currenty? if not could I kindly ask you to create one for it and post the issue number back here. http://jira.secondlife.com/browse/VWR-20887 The problem comes is its not just a case of updating the gSavedSettings with new values (which would be very easy to do in the way you have described). Many of the settings need applying in some way to push the correct values to the correct place, many of the debug settings would just work but some would not and thats where the work for this feature would start, but i do like where you are comming from with this. One thing I'd like to happen before this feature is implemented is to clean up the debug settings name space. There are too many settings with random, nonsensical names. I suppose we could copy id and put everything having to do with rendering under r_ and everything for the UI under ui_ and so on. ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Login Pic
On 08/22/2010 10:09 AM, a...@skyhighway.com wrote: So, is it fixable? Yes, but the proper fix would be server side, so we volunteers can't do it. (Except we would create our own login page altogether and point the viewer at that. Dunno how good an idea that would be.) Is there some way to change the Snowglobe login channel? Yes, see the |--channel| option on the Viewer parameters http://wiki.secondlife.com/wiki/Viewer_parameters page. For third party viewers (shouldn't apply to Snowglobe, just mentioning it for completeness), please be aware of the Channel and Version Requirements https://wiki.secondlife.com/wiki/Channel_and_Version_Requirements imposed by the TPV policy http://secondlife.com/corporate/tpv.php. Or can the server be configured to respond to the channel Snowglobe already has? I certainly assume so. I don't know how much work that'd be for LL, though, but I guess it can't be very much. Or is this just something Snowglobe users should not care about? These little things are important, especially if they have relatively easy fixes. Of course this on here doesn't significantly affect usability, but it does have influence on the overall impression. Even although Snowstorm might now have priority, this issue should be fixed. (I thought I'd have seen a JIRA issue about this some time ago, but can't seem to find it again.) cheers Boroondas ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
I hate replying to a policy thread here but will make this one time exception for my humble input for LL's consideration: What I think LL should consider is something in the TPV policy that prohibits any tpv from connecting to any non LL server for any reason when a LL grid is selected for login. This simple policy, if correctly followed, would have prevented the incident. It would also eliminate a tpv team from monitoring logins and usage but then where exactly did they get to do that in the first place? It is a missed policy bullet. There is no reason a client should connect to anything except an LL server when an LL grid is selected. LL needs to be totally security conscious about the login process and what rigid requirements must be met for connecting to the LL grids. I.e.; I watch my port activity. Everyone should. But not everyone would know what they are looking at. But had they been watching I bet they would have been wanting to know what all those connections to that host were all about right away. Had I been using Emerald and saw thirty something connections to iheartanime dot com appear I would have been raising hell immediately. What you connect to on the internet can be and is monitored sometimes and being open to forced connections to something really bad would be extremely unfortunate for many that have tom be squeaky clean. I use Kirstens and I don't even care much for it's connection for motd. However it does tell me when the latest release is available and that is very useful information. Maybe there is a way for LL to provide motd bullets for tpvs so they can get the word out about updates or something. There has to be a better way. Regards Ann Otoole InSL From: Brian McGroarty s...@lindenlab.com To: Thomas Grimshaw t...@streamsense.net Cc: opensource-dev@lists.secondlife.com Sent: Sat, August 21, 2010 10:33:52 AM Subject: Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything? On Sat, Aug 21, 2010 at 7:04 AM, Thomas Grimshaw t...@streamsense.net wrote: Loading 1mb of content per user is hardly a denial of service attack. Crosslinking occurs everywhere on the web, this is simply nothing but paranoid bull. Crosslinking drops the context of hiding gibberish requests to a critic's website in a hidden frame that will never be revealed to the user. This isn't a mere hyperlink to another page or naively stealing someone else's image hosting. My read (but I'm no lawyer) is that this looks like 2.d.iii of http://secondlife.com/corporate/tpv.php and we're already having that discussion. If anyone can come up with specific reasons why this might have had legitimate reason to be there, or how this one could be yet another oversight or mistake, that would be helpful. I sure haven't heard any to date. -- Brian McGroarty | Linden Lab Sent from my Newton MP2100 via acoustic coupler ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
[opensource-dev] SVN dead at LL?
In the subject really - is subversion just dead now? -- “Lanie, I’m going to print more printers. Lots more printers. One for everyone. That’s worth going to jail for. That’s worth anything.” - Printcrime by Cory Doctrow Please avoid sending me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] SVN dead at LL?
On 08/22/2010 02:32 PM, Gareth Nelson wrote: In the subject really - is subversion just dead now? Define dead. The server is still up and running and I guess it'll stay like that for the foreseeable future. About the code hosted there, and the projects behind that: * I assume there will be no further source drops of *official viewer* code on SVN, as there are now public hg repositories for that purpose, first of all http://bitbucket.org/lindenlab/viewer-development * I assume the community committers still have write access, so *Snowglobe 1* might (and probably will, if necessary) still receive security fixes. There will probably not be any new features developed for Snowglobe 1. I don't know whether some Viewer 2 features will be backported. * Features of *Snowglobe 2* will be cherry picked into Snowstorm (lindenlab/viewer-development) if LL thinks they should be in the mainline viewer. It's unclear what happens with features that the community wants but LL doesn't. (For implemented ones, you'll probably be able to get them from the individual dev's repo. We aren't yet sure whether we also want to establish a common community repo for that purpose.) cheers Boroondas ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
On Sun, Aug 22, 2010 at 1:22 PM, Ann Otoole missannoto...@yahoo.com wrote: What I think LL should consider is something in the TPV policy that prohibits any tpv from connecting to any non LL server for any reason when a LL grid is selected for login. This simple policy, if correctly followed, would have prevented the incident. It would also eliminate a tpv team from monitoring logins and usage but then where exactly did they get to do that in the first place? It also prevents third-party viewers from notifying users that updates are available, including security updates. Whole bunch of other stuff too - for example the official Second Life login screen doesn't actually work on unofficial viewers. Besides, both incidents like this and undisclosed monitoring of usage violate the TPV policy anyway (and at least one of Emerald's privacy issues didn't involve connecting to any non-LL server at all). Have you taken a look at Imprudence's Privacy Policy, for example (http://imprudenceviewer.org/wiki/Imprudence:Privacy_policy)? This is roughly the level of disclosure the policy calls for regarding data collection associated with viewer use (the information related to the website goes beyond what the policy requires). I assume Emerald has a similar page somewhere too. ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] SVN dead at LL?
So basically, server is still up but no updates, that pretty much answers my question On Sun, Aug 22, 2010 at 2:05 PM, Boroondas Gupte slli...@boroon.dasgupta.ch wrote: On 08/22/2010 02:32 PM, Gareth Nelson wrote: In the subject really - is subversion just dead now? Define dead. The server is still up and running and I guess it'll stay like that for the foreseeable future. About the code hosted there, and the projects behind that: I assume there will be no further source drops of official viewer code on SVN, as there are now public hg repositories for that purpose, first of all http://bitbucket.org/lindenlab/viewer-development I assume the community committers still have write access, so Snowglobe 1 might (and probably will, if necessary) still receive security fixes. There will probably not be any new features developed for Snowglobe 1. I don't know whether some Viewer 2 features will be backported. Features of Snowglobe 2 will be cherry picked into Snowstorm (lindenlab/viewer-development) if LL thinks they should be in the mainline viewer. It's unclear what happens with features that the community wants but LL doesn't. (For implemented ones, you'll probably be able to get them from the individual dev's repo. We aren't yet sure whether we also want to establish a common community repo for that purpose.) cheers Boroondas ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges -- “Lanie, I’m going to print more printers. Lots more printers. One for everyone. That’s worth going to jail for. That’s worth anything.” - Printcrime by Cory Doctrow Please avoid sending me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
[opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
On Sat, Aug 21, 2010 at 7:48 PM, Phox p...@modularsystems.sl wrote: (Since then, all additional metadata information has been removed from emkdu). The change in encryption was simply a result of inertia being able to decode the viewer window title information. It is my understanding that the emku was placing the hidden viewer window title information into the baked textures. So in one sentence you are saying the information was removed. And in the next you are saying it is still there just encrypted better so others cannot decode it and out you. Which is it? ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
Found this morning, forgive me for not noting where, but it puts it in context: Anonymous said... Why did they do that? Well, you may recall that Emerald (more specifically the libemkdu library in it) was caught leaking personally-identifiable information about its users in an encrypted form that could be read by Emerald developers. They were then caught continuing to do so after the developers in question claimed the problem was fixed, just with stronger encryption that made it harder to prove. iheartanime.com is the website of the person who figured out how to decrypt the secret information they were leaking both times, and the website on which he publicised this issue. It's basically a vendatta attack against someone who revealed the Emerald developers had been up to no good. From: Simon Disk Sent: Sunday, August 22, 2010 9:47 AM To: Phox Cc: opensource-dev@lists.secondlife.com Subject: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything? On Sat, Aug 21, 2010 at 7:48 PM, Phox p...@modularsystems.sl wrote: (Since then, all additional metadata information has been removed from emkdu). The change in encryption was simply a result of inertia being able to decode the viewer window title information. It is my understanding that the emku was placing the hidden viewer window title information into the baked textures. So in one sentence you are saying the information was removed. And in the next you are saying it is still there just encrypted better so others cannot decode it and out you. Which is it? ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Draw Distance
Please be careful not to screw up debug settings that must NOT be changed. Some are capital for the viewer to function normally, and would completely shut out users who don't know how to change them back offline, and to what. It would be easy to make a gesture that completely messes up your debug settings and to distribute it. I'd like to point out that the RLV has been controlling all the windlight settings and a couple debug settings for two years now, through scripts, and it works well. I took the whitelist approach to the debug settings precisely for the reason I explained above, and it can't modify anything else so the user is safe. Marine On 22 August 2010 16:38, Morgaine morgaine.din...@googlemail.com wrote: On Sun, Aug 22, 2010 at 7:01 AM, leliel leliel.mir...@gmail.com wrote: /set debugvar value +1 lelie This symmetrical handling for all parameters is far superior to defining abbreviations for each one, and it is inherently extensible as the set of parameters grows. I support this. Morgaine. On Sun, Aug 22, 2010 at 7:01 AM, leliel leliel.mir...@gmail.com wrote: On Sat, Aug 21, 2010 at 9:36 PM, Miro Collas miro.col...@gmail.comwrote: How about bbeing able to just type it in? Why a slider, or mouse wheel, which is inaccurate? How about being able to type it in chat? Instead of a one off thing just for the draw distance, I'd rather we had a general command input system similar to the console on id's games. So since we use /# for the channel and /me for emotes how about /set for setting debug variables with the following syntax. /set debugvar value Where value is one of bool, integer, float, or a vector using the lsl style of 0.0, 0.0, 0.0. With tab line completion of course. ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
Hi Ann, You suggested: * What I think LL should consider is something in the TPV policy that prohibits any tpv from connecting to any non LL server for any reason when a LL grid is selected for login.* I'd change that to require that any TPV *disclose* the specifics of any and all non-LL servers that they are connecting to, and the details of why they are doing so. Otherwise, some of the possible value-added functionality gets crippled. The real issue here is the TPVP is just legal CYA for LL, it's not something they actually monitor or enforce. There is no assurance being provided by LL or by the TPV developer, that they have any sense of reasonable security, including processes that limit rogue devs from pulling the kind of stunts that the Emerald team seem to favor. If the TPVP really matters, we'll see Emerald shut down from the TPVP program, because of this accumulated nonsense. If not, then it confirms that it's all just a paper chase. Regards, - JB On Sun, Aug 22, 2010 at 8:22 AM, Ann Otoole missannoto...@yahoo.com wrote: I hate replying to a policy thread here but will make this one time exception for my humble input for LL's consideration: What I think LL should consider is something in the TPV policy that prohibits any tpv from connecting to any non LL server for any reason when a LL grid is selected for login. This simple policy, if correctly followed, would have prevented the incident. It would also eliminate a tpv team from monitoring logins and usage but then where exactly did they get to do that in the first place? It is a missed policy bullet. There is no reason a client should connect to anything except an LL server when an LL grid is selected. LL needs to be totally security conscious about the login process and what rigid requirements must be met for connecting to the LL grids. I.e.; I watch my port activity. Everyone should. But not everyone would know what they are looking at. But had they been watching I bet they would have been wanting to know what all those connections to that host were all about right away. Had I been using Emerald and saw thirty something connections to iheartanime dot com appear I would have been raising hell immediately. What you connect to on the internet can be and is monitored sometimes and being open to forced connections to something really bad would be extremely unfortunate for many that have tom be squeaky clean. I use Kirstens and I don't even care much for it's connection for motd. However it does tell me when the latest release is available and that is very useful information. Maybe there is a way for LL to provide motd bullets for tpvs so they can get the word out about updates or something. There has to be a better way. Regards Ann Otoole InSL -- *From:* Brian McGroarty s...@lindenlab.com *To:* Thomas Grimshaw t...@streamsense.net *Cc:* opensource-dev@lists.secondlife.com *Sent:* Sat, August 21, 2010 10:33:52 AM *Subject:* Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything? On Sat, Aug 21, 2010 at 7:04 AM, Thomas Grimshaw t...@streamsense.net wrote: Loading 1mb of content per user is hardly a denial of service attack. Crosslinking occurs everywhere on the web, this is simply nothing but paranoid bull. Crosslinking drops the context of hiding gibberish requests to a critic's website in a hidden frame that will never be revealed to the user. This isn't a mere hyperlink to another page or naively stealing someone else's image hosting. My read (but I'm no lawyer) is that this looks like 2.d.iii of http://secondlife.com/corporate/tpv.php and we're already having that discussion. If anyone can come up with specific reasons why this might have had legitimate reason to be there, or how this one could be yet another oversight or mistake, that would be helpful. I sure haven't heard any to date. -- Brian McGroarty | Linden Lab Sent from my Newton MP2100 via acoustic coupler ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
Being listed in the directory is a sign that viewer devs have self-certified compliance, but it's also an unconcious sign to users that the viewer is legit, even if not intended. On Sun, Aug 22, 2010 at 3:56 PM, JB Hancroft jbhancr...@gmail.com wrote: Hi Ann, You suggested: What I think LL should consider is something in the TPV policy that prohibits any tpv from connecting to any non LL server for any reason when a LL grid is selected for login. I'd change that to require that any TPV disclose the specifics of any and all non-LL servers that they are connecting to, and the details of why they are doing so. Otherwise, some of the possible value-added functionality gets crippled. The real issue here is the TPVP is just legal CYA for LL, it's not something they actually monitor or enforce. There is no assurance being provided by LL or by the TPV developer, that they have any sense of reasonable security, including processes that limit rogue devs from pulling the kind of stunts that the Emerald team seem to favor. If the TPVP really matters, we'll see Emerald shut down from the TPVP program, because of this accumulated nonsense. If not, then it confirms that it's all just a paper chase. Regards, - JB On Sun, Aug 22, 2010 at 8:22 AM, Ann Otoole missannoto...@yahoo.com wrote: I hate replying to a policy thread here but will make this one time exception for my humble input for LL's consideration: What I think LL should consider is something in the TPV policy that prohibits any tpv from connecting to any non LL server for any reason when a LL grid is selected for login. This simple policy, if correctly followed, would have prevented the incident. It would also eliminate a tpv team from monitoring logins and usage but then where exactly did they get to do that in the first place? It is a missed policy bullet. There is no reason a client should connect to anything except an LL server when an LL grid is selected. LL needs to be totally security conscious about the login process and what rigid requirements must be met for connecting to the LL grids. I.e.; I watch my port activity. Everyone should. But not everyone would know what they are looking at. But had they been watching I bet they would have been wanting to know what all those connections to that host were all about right away. Had I been using Emerald and saw thirty something connections to iheartanime dot com appear I would have been raising hell immediately. What you connect to on the internet can be and is monitored sometimes and being open to forced connections to something really bad would be extremely unfortunate for many that have tom be squeaky clean. I use Kirstens and I don't even care much for it's connection for motd. However it does tell me when the latest release is available and that is very useful information. Maybe there is a way for LL to provide motd bullets for tpvs so they can get the word out about updates or something. There has to be a better way. Regards Ann Otoole InSL From: Brian McGroarty s...@lindenlab.com To: Thomas Grimshaw t...@streamsense.net Cc: opensource-dev@lists.secondlife.com Sent: Sat, August 21, 2010 10:33:52 AM Subject: Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything? On Sat, Aug 21, 2010 at 7:04 AM, Thomas Grimshaw t...@streamsense.net wrote: Loading 1mb of content per user is hardly a denial of service attack. Crosslinking occurs everywhere on the web, this is simply nothing but paranoid bull. Crosslinking drops the context of hiding gibberish requests to a critic's website in a hidden frame that will never be revealed to the user. This isn't a mere hyperlink to another page or naively stealing someone else's image hosting. My read (but I'm no lawyer) is that this looks like 2.d.iii of http://secondlife.com/corporate/tpv.php and we're already having that discussion. If anyone can come up with specific reasons why this might have had legitimate reason to be there, or how this one could be yet another oversight or mistake, that would be helpful. I sure haven't heard any to date. -- Brian McGroarty | Linden Lab Sent from my Newton MP2100 via acoustic coupler ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting
Re: [opensource-dev] Draw Distance
related line of thought: how much faster could the viewer be if every single of these do not change this ever settings was replaced with a #define in a central include file? or in other words, what is the cpu cycle penalty for a SavedSettings.getBOOL() and the others? bye, LC Am Sunday 22 August 2010 schrieb Lance Corrimal: Am Sunday 22 August 2010 schrieb Marine Kelley: Please be careful not to screw up debug settings that must NOT be changed. Some are capital for the viewer to function normally [...] could someone please elaborate on why those settings even exist and are changeable? i mean, basically, a debug setting is nothing other than an entry in the global settings.xml file. According to my understanding of what marine points out, seetting certain of these to other than the default values will render the client unusable... then why on earth are these changeable settings at all, instead of #define lines directly in the source??? or, at least, autogenerated variables in the source, instead of something that users can f'ck with? bye, LC ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Draw Distance
On 2010-08-22, at 10:14, Lance Corrimal wrote: Am Sunday 22 August 2010 schrieb Marine Kelley: Please be careful not to screw up debug settings that must NOT be changed. Some are capital for the viewer to function normally [...] could someone please elaborate on why those settings even exist and are changeable? Some of them can be changed, but only if you know exactly what you're doing. They're in the advanced debug settings list because they're there for the people who DO know exactly what they're doing. Some used to be meaningful but are no longer sensible to change. Some are there for cases when you DO want the viewer to function abnormally... for example changing port numbers. There really needs to be a not so advanced advanced debug subset that could then be exported via a /set option. ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
On Sun, Aug 22, 2010 at 10:56 AM, JB Hancroft jbhancr...@gmail.com wrote: If the TPVP really matters, we'll see Emerald shut down from the TPVP program, because of this accumulated nonsense. If not, then it confirms that it's all just a paper chase. actually lets see whats going on here 1 the whole texture thing was due to the viewers install folder being baked into textures IF THIS IS LEFT AS DEFAULT then very little info is actually given the problem is some folks were doing installs into their own home folder (somebody did not account for that) 2 the whole login screen edit was mostly the person in question err being drunk at the time and not going back to fix/revert his editing (btw he is in fact stepping down and surrendering the domain) I would say that since 1 the problems are being fixed 2 former lindens (from the recent Night of Glass set of layoffs) are now being hired as part of the E-Team this is a closed issue -- Robert L Martin Phox whenish is the next beta coming out and is 2439 being blocked?? ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
this has been put many ways and this is the clearest it can be put. FC quits, hands off to Arabella (read the sandbox dialogs to gauge her reliability), FC creates new account with new name, make some meaningless webserver changes, FC comes back with a new name, lather/rinse/repeat. They have proved that they can not be trusted. I love deadlines. I like the whooshing sound they make as they fly by Douglas Adams On Sun, Aug 22, 2010 at 12:20 PM, Robert Martin robertl...@gmail.comwrote: On Sun, Aug 22, 2010 at 10:56 AM, JB Hancroft jbhancr...@gmail.com wrote: If the TPVP really matters, we'll see Emerald shut down from the TPVP program, because of this accumulated nonsense. If not, then it confirms that it's all just a paper chase. actually lets see whats going on here 1 the whole texture thing was due to the viewers install folder being baked into textures IF THIS IS LEFT AS DEFAULT then very little info is actually given the problem is some folks were doing installs into their own home folder (somebody did not account for that) 2 the whole login screen edit was mostly the person in question err being drunk at the time and not going back to fix/revert his editing (btw he is in fact stepping down and surrendering the domain) I would say that since 1 the problems are being fixed 2 former lindens (from the recent Night of Glass set of layoffs) are now being hired as part of the E-Team this is a closed issue -- Robert L Martin Phox whenish is the next beta coming out and is 2439 being blocked?? ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
Fractured has stepped down and out of the Emerald picture http://blog.modularsystems.sl/2010/08/22/emerald-off-with-his-head/ But it is painfully obvious that the comments are being heavily moderated and I know that neither of mine have gotten through. The Phox is still in the hen house and it is going to take much more then this token response to restore confidence. Anyone watching the videos and listening to their voices can see that a complete reorganization needs to be done and transparency demonstrated and verified. I hope that the upper echelons of Linden Lab are not fooled by the blog post and instead demand that more action be taken. At the bare minimum, they need to be delisted until real change has been shown. Ignoring this and giving the all clear with no other action taken on the part of Linden Lab will instead demonstrate that the TPV is a worthless scrap of paper. Jesse Barnett ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
On Sun, Aug 22, 2010 at 11:32 AM, Jesse Barnett jess...@gmail.com wrote: Ignoring this and giving the all clear with no other action taken on the part of Linden Lab will instead demonstrate that the TPV is a worthless scrap of paper. Correction, it only exist on paper if printed. The proper phrase is a worthless configuration of pixels The TPVP makes it clear what the consequences are for breaking the policy. 8c says: If a Third-Party Viewer or your use or distribution of it violates this Policy or any Linden Lab policy, your permission to access Second Life using the Third-Party Viewer shall terminate automatically. You acknowledge and agree that we may require you to stop using or distributing a Third-Party Viewer for accessing Second Life if we determine that there is a violation. So either the lab will enforce this, or they will say Well you are so popular you can screw around all you want. Is Emerald the viewer too big to fail? -- ZenMondo ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
Am Sunday 22 August 2010 schrieb L. Christopher Bird: On Sun, Aug 22, 2010 at 11:32 AM, Jesse Barnett jess...@gmail.com wrote: Ignoring this and giving the all clear with no other action taken on the part of Linden Lab will instead demonstrate that the TPV is a worthless scrap of paper. Correction, it only exist on paper if printed. The proper phrase is a worthless configuration of pixels The TPVP makes it clear what the consequences are for breaking the policy. 8c says: If a Third-Party Viewer or your use or distribution of it violates this Policy or any Linden Lab policy, your permission to access Second Life using the Third-Party Viewer shall terminate automatically. You acknowledge and agree that we may require you to stop using or distributing a Third-Party Viewer for accessing Second Life if we determine that there is a violation. So either the lab will enforce this, or they will say Well you are so popular you can screw around all you want. Is Emerald the viewer too big to fail? -- ZenMondo I just looked and emerald's not in the tpv directory anymore. ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
oh.. what this mean? we cant use emerald anymore? On 22/08/2010 2:01 PM, Lance Corrimal wrote: Am Sunday 22 August 2010 schrieb L. Christopher Bird: On Sun, Aug 22, 2010 at 11:32 AM, Jesse Barnettjess...@gmail.com wrote: Ignoring this and giving the all clear with no other action taken on the part of Linden Lab will instead demonstrate that the TPV is a worthless scrap of paper. Correction, it only exist on paper if printed. The proper phrase is a worthless configuration of pixels The TPVP makes it clear what the consequences are for breaking the policy. 8c says: If a Third-Party Viewer or your use or distribution of it violates this Policy or any Linden Lab policy, your permission to access Second Life using the Third-Party Viewer shall terminate automatically. You acknowledge and agree that we may require you to stop using or distributing a Third-Party Viewer for accessing Second Life if we determine that there is a violation. So either the lab will enforce this, or they will say Well you are so popular you can screw around all you want. Is Emerald the viewer too big to fail? -- ZenMondo I just looked and emerald's not in the tpv directory anymore. ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges -- AnSky Grid is fun enjoy with community AnSky Grid http://www.ansky.ca ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
As they shouldn't be! Although one does wonder whether users are now at risk of being banned if they keep using it On Sun, Aug 22, 2010 at 7:01 PM, Lance Corrimal lance.corri...@eregion.de wrote: Am Sunday 22 August 2010 schrieb L. Christopher Bird: On Sun, Aug 22, 2010 at 11:32 AM, Jesse Barnett jess...@gmail.com wrote: Ignoring this and giving the all clear with no other action taken on the part of Linden Lab will instead demonstrate that the TPV is a worthless scrap of paper. Correction, it only exist on paper if printed. The proper phrase is a worthless configuration of pixels The TPVP makes it clear what the consequences are for breaking the policy. 8c says: If a Third-Party Viewer or your use or distribution of it violates this Policy or any Linden Lab policy, your permission to access Second Life using the Third-Party Viewer shall terminate automatically. You acknowledge and agree that we may require you to stop using or distributing a Third-Party Viewer for accessing Second Life if we determine that there is a violation. So either the lab will enforce this, or they will say Well you are so popular you can screw around all you want. Is Emerald the viewer too big to fail? -- ZenMondo I just looked and emerald's not in the tpv directory anymore. ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges -- “Lanie, I’m going to print more printers. Lots more printers. One for everyone. That’s worth going to jail for. That’s worth anything.” - Printcrime by Cory Doctrow Please avoid sending me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
They may be waiting to make a formal announcement before they pull the plug on the viewer- didn't they make a policy of not allowing any viewer to connect that wasn't on the list? I think so- -- From: Gareth Nelson gar...@garethnelson.com Sent: Sunday, August 22, 2010 2:50 PM To: Lance Corrimal lance.corri...@eregion.de Cc: opensource-dev@lists.secondlife.com Subject: Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything? As they shouldn't be! Although one does wonder whether users are now at risk of being banned if they keep using it On Sun, Aug 22, 2010 at 7:01 PM, Lance Corrimal lance.corri...@eregion.de wrote: Am Sunday 22 August 2010 schrieb L. Christopher Bird: On Sun, Aug 22, 2010 at 11:32 AM, Jesse Barnett jess...@gmail.com wrote: Ignoring this and giving the all clear with no other action taken on the part of Linden Lab will instead demonstrate that the TPV is a worthless scrap of paper. Correction, it only exist on paper if printed. The proper phrase is a worthless configuration of pixels The TPVP makes it clear what the consequences are for breaking the policy. 8c says: If a Third-Party Viewer or your use or distribution of it violates this Policy or any Linden Lab policy, your permission to access Second Life using the Third-Party Viewer shall terminate automatically. You acknowledge and agree that we may require you to stop using or distributing a Third-Party Viewer for accessing Second Life if we determine that there is a violation. So either the lab will enforce this, or they will say Well you are so popular you can screw around all you want. Is Emerald the viewer too big to fail? -- ZenMondo I just looked and emerald's not in the tpv directory anymore. ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges -- “Lanie, I’m going to print more printers. Lots more printers. One for everyone. That’s worth going to jail for. That’s worth anything.” - Printcrime by Cory Doctrow Please avoid sending me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
There isn't anything in the policy itself which says you must be listed, there is however a note on the directory page warning users to be wary of unlisted viewers. On Sun, Aug 22, 2010 at 8:54 PM, Will wdema...@verizon.net wrote: hmm ok I may be wrong but remember a rush to update viewers from the approved list, didn't look over my shoulder and just for good housekeeping I don't venture from approved viewers. Seriously hope you are wrong or there will be little to no control over who gets to connect. -- From: Gareth Nelson gar...@garethnelson.com Sent: Sunday, August 22, 2010 3:25 PM To: Will wdema...@verizon.net Cc: Lance Corrimal lance.corri...@eregion.de; opensource-dev@lists.secondlife.com Subject: Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything? As I understand it, you don't need to be in the list, just comply with the policy. On Sun, Aug 22, 2010 at 8:19 PM, Will wdema...@verizon.net wrote: They may be waiting to make a formal announcement before they pull the plug on the viewer- didn't they make a policy of not allowing any viewer to connect that wasn't on the list? I think so- -- From: Gareth Nelson gar...@garethnelson.com Sent: Sunday, August 22, 2010 2:50 PM To: Lance Corrimal lance.corri...@eregion.de Cc: opensource-dev@lists.secondlife.com Subject: Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything? As they shouldn't be! Although one does wonder whether users are now at risk of being banned if they keep using it On Sun, Aug 22, 2010 at 7:01 PM, Lance Corrimal lance.corri...@eregion.de wrote: Am Sunday 22 August 2010 schrieb L. Christopher Bird: On Sun, Aug 22, 2010 at 11:32 AM, Jesse Barnett jess...@gmail.com wrote: Ignoring this and giving the all clear with no other action taken on the part of Linden Lab will instead demonstrate that the TPV is a worthless scrap of paper. Correction, it only exist on paper if printed. The proper phrase is a worthless configuration of pixels The TPVP makes it clear what the consequences are for breaking the policy. 8c says: If a Third-Party Viewer or your use or distribution of it violates this Policy or any Linden Lab policy, your permission to access Second Life using the Third-Party Viewer shall terminate automatically. You acknowledge and agree that we may require you to stop using or distributing a Third-Party Viewer for accessing Second Life if we determine that there is a violation. So either the lab will enforce this, or they will say Well you are so popular you can screw around all you want. Is Emerald the viewer too big to fail? -- ZenMondo I just looked and emerald's not in the tpv directory anymore. ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges -- “Lanie, I’m going to print more printers. Lots more printers. One for everyone. That’s worth going to jail for. That’s worth anything.” - Printcrime by Cory Doctrow Please avoid sending me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges -- “Lanie, I’m going to print more printers. Lots more printers. One for everyone. That’s worth going to jail for. That’s worth anything.” - Printcrime by Cory Doctrow Please avoid sending me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html -- “Lanie, I’m going to print more printers. Lots more printers. One for everyone. That’s worth going to jail for. That’s worth anything.” - Printcrime by Cory Doctrow Please avoid sending me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
On Sun, 22 Aug 2010 21:10:00 +0100 Gareth Nelson gar...@garethnelson.com wrote: There isn't anything in the policy itself which says you must be listed, there is however a note on the directory page warning users to be wary of unlisted viewers. wait... TPV listing is based on volunteer action, somebody can develop a viewer (maybe TPV compliant) and don't ask to be listed in the directory but in term of service at point 7 all resident accept to use only approved viewer to connect to Linden Grid (and if they login a time they must approve it) ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
On Sun, 22 Aug 2010 15:30:55 -0500 Brandon Husbands xot...@gmail.com wrote: As a X-emerald Dev (I am Dimentox) Most of the stuff people are saying that is going on or has gone on.. Most of the other devs had no idea. We just did our parts to make the viewer better. I left due to the fact that i did not have time to continue to work on the project. Unfortunately a few bad seeds ruin the apple. emerald *is* a TPV compliant viewer, but isn't listed this is a grey zone in ToS and TPV policy... not an dev-emerald fault ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
On Sun, 22 Aug 2010 21:10:00 +0100, Gareth Nelson wrote: There isn't anything in the policy itself which says you must be listed, there is however a note on the directory page warning users to be wary of unlisted viewers. Which is a non-sence. Quoting the TPV policy: 6. The Viewer Directory and Self-Certification We created the Viewer Directory to help promote awareness of Third-Party Viewers within the Second Life community. Unlike the other sections of this Policy, participation in the Viewer Directory is currently not a requirement for connecting to Second Life. So, the viewer directory is just a promotion tool. Also, having a viewer listed in the directory is in no way a guarantee, since LL clearly disclaims it; still quoting the TPV policy. 6.c. The Viewer Directory is a self-certification program. Linden Lab does not represent or warrant any independent testing or verification of compliance of any application listed in the Viewer Directory. We disclaim all liability associated with applications in the Viewer Directory. And the 3rd paragraph of the forewords of the directory itself: .../... However, because third-party viewers are not our viewers, we cannot guarantee that they will follow our rules. You are responsible for evaluating whether you want to use and share information with them. As you can see, being listed in the directory means nothing, and not being listed means nothing either as far as the safety of the viewer goes. I myself didn't list the Cool VL Viewer, not because it would not be TPV policy compliant (it is, 100%), but because Linden Lab requires private data about me that I won't disclose so to protect my privacy and anonimity in SL. Henri. ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
Then this is confusing, to be listed you have to within the policy approved for lack of a better word: Someone please clarify- If a Third-Party Viewer or your use or distribution of it violates this Policy or any Linden Lab policy, your permission to access Second Life using the Third-Party Viewer shall terminate automatically. To me it sounds like any viewer not on the list is not approved and that means by their own statement it will not be allowed to connect. -- From: Gareth Nelson gar...@garethnelson.com Sent: Sunday, August 22, 2010 4:10 PM To: Will wdema...@verizon.net Cc: Lance Corrimal lance.corri...@eregion.de; opensource-dev@lists.secondlife.com Subject: Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything? There isn't anything in the policy itself which says you must be listed, there is however a note on the directory page warning users to be wary of unlisted viewers. On Sun, Aug 22, 2010 at 8:54 PM, Will wdema...@verizon.net wrote: hmm ok I may be wrong but remember a rush to update viewers from the approved list, didn't look over my shoulder and just for good housekeeping I don't venture from approved viewers. Seriously hope you are wrong or there will be little to no control over who gets to connect. -- From: Gareth Nelson gar...@garethnelson.com Sent: Sunday, August 22, 2010 3:25 PM To: Will wdema...@verizon.net Cc: Lance Corrimal lance.corri...@eregion.de; opensource-dev@lists.secondlife.com Subject: Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything? As I understand it, you don't need to be in the list, just comply with the policy. On Sun, Aug 22, 2010 at 8:19 PM, Will wdema...@verizon.net wrote: They may be waiting to make a formal announcement before they pull the plug on the viewer- didn't they make a policy of not allowing any viewer to connect that wasn't on the list? I think so- -- From: Gareth Nelson gar...@garethnelson.com Sent: Sunday, August 22, 2010 2:50 PM To: Lance Corrimal lance.corri...@eregion.de Cc: opensource-dev@lists.secondlife.com Subject: Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything? As they shouldn't be! Although one does wonder whether users are now at risk of being banned if they keep using it On Sun, Aug 22, 2010 at 7:01 PM, Lance Corrimal lance.corri...@eregion.de wrote: Am Sunday 22 August 2010 schrieb L. Christopher Bird: On Sun, Aug 22, 2010 at 11:32 AM, Jesse Barnett jess...@gmail.com wrote: Ignoring this and giving the all clear with no other action taken on the part of Linden Lab will instead demonstrate that the TPV is a worthless scrap of paper. Correction, it only exist on paper if printed. The proper phrase is a worthless configuration of pixels The TPVP makes it clear what the consequences are for breaking the policy. 8c says: If a Third-Party Viewer or your use or distribution of it violates this Policy or any Linden Lab policy, your permission to access Second Life using the Third-Party Viewer shall terminate automatically. You acknowledge and agree that we may require you to stop using or distributing a Third-Party Viewer for accessing Second Life if we determine that there is a violation. So either the lab will enforce this, or they will say Well you are so popular you can screw around all you want. Is Emerald the viewer too big to fail? -- ZenMondo I just looked and emerald's not in the tpv directory anymore. ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges -- “Lanie, I’m going to print more printers. Lots more printers. One for everyone. That’s worth going to jail for. That’s worth anything.” - Printcrime by Cory Doctrow Please avoid sending me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges -- “Lanie, I’m going to print more printers. Lots more printers. One for everyone. That’s worth going to jail for. That’s worth anything.” - Printcrime by Cory Doctrow Please avoid sending me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html -- “Lanie, I’m going to print more printers. Lots more printers. One for everyone. That’s worth going to jail for. That’s worth anything.” - Printcrime by Cory Doctrow Please avoid sending me Word or PowerPoint attachments. See
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
On Sun, 22 Aug 2010 22:40:26 +0200 Henri Beauchamp sl...@free.fr wrote: There isn't anything in the policy itself which says you must be listed, there is however a note on the directory page warning users to be wary of unlisted viewers. Which is a non-sence. sorry cannot see the no-sense, The non-sense is about LL saying be wary of viewers not listed in this directory (while the TPV policy clealy states that to be compliant, a viewer does NOT need to be listed in the directory) and then we can't give you any guarantee for the viewer listed in this directory. again... is a self-certification, you may be listen submitting your data, but linden cannot guarantee you say the true :) if else isn't a self-certification ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Login Pic
I don't know. If in doubt, search the string (or parts of it, in case it gets constructed on-the-fly) in the config files and edit it there. If that too doesn't help, search it in the source. Probably creators of TPVs can tell you more, as they have to handle that issue anyway. cheers Boroondas On 08/22/2010 09:18 PM, a...@skyhighway.com wrote: Thanks for the info! But, can you tell me what string i should use for the --channel argument? i've tried quite a few different values, including leaving it off the way my stock SL 1.23 installation has it, but never get the login pic. i'm guessing that when the --channel spec is left out it the built-in default it uses is the wrong one. Does it have some override authority built into it as well? Thx!! - AK (Aklo Modan) On 08/22/2010 10:09 AM, a...@skyhighway.com wrote: So, is it fixable? Yes, but the proper fix would be server side, so we volunteers can't do it. (Except we would create our own login page altogether and point the viewer at that. Dunno how good an idea that would be.) Is there some way to change the Snowglobe login channel? Yes, see the --channel option on the Viewer parameters page. For third party viewers (shouldn't apply to Snowglobe, just mentioning it for completeness), please be aware of the Channel and Version Requirements imposed by the TPV policy. Or can the server be configured to respond to the channel Snowglobe already has? I certainly assume so. I don't know how much work that'd be for LL, though, but I guess it can't be very much. Or is this just something Snowglobe users should not care about? These little things are important, especially if they have relatively easy fixes. Of course this on here doesn't significantly affect usability, but it does have influence on the overall impression. Even although Snowstorm might now have priority, this issue should be fixed. (I thought I'd have seen a JIRA issue about this some time ago, but can't seem to find it again.) cheers Boroondas ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
I was hoping for something first hand - like a post by her or some other member of the Emerald team. Sorry, but so many things have been written that are not supported by evidence. Like videos of chats logs: text can be altered so that's hardly reliable, solid evidence of anything. On 08/22/2010 05:16 PM, Michael Daniel wrote: Confirmed by Paisley Beebe, a talk show host: http://tonightlivewithpaisleybeebe.com/ Should be a good show tonight. I'm actually looking forward to hearing what Rose Borchovski has to say more than whatever BS the Emerald team cooks up. ~Bubblesort Triskaidekaphobia == Miro Dollas wrote: Do you have a cite for that, Tateru? Not saying it is false, I'd just like to see it in context if possible. On 08/22/2010 01:38 PM, Tateru Nino wrote: / Arabella has also resigned. // // On 23/08/2010 3:32 AM, Jesse Barnett wrote: // Fractured has stepped down and out of the Emerald picture // // http://blog.modularsystems.sl/2010/08/22/emerald-off-with-his-head/ // // But it is painfully obvious that the comments are being heavily // moderated and I know that neither of mine have gotten through. // // The Phox is still in the hen house and it is going to take much more // then this token response to restore confidence. Anyone watching the // videos and listening to their voices can see that a complete // reorganization needs to be done and transparency demonstrated and // verified. // // I hope that the upper echelons of Linden Lab are not fooled by the // blog post and instead demand that more action be taken. At the bare // minimum, they need to be delisted until real change has been shown. // // Ignoring this and giving the all clear with no other action taken on // the part of Linden Lab will instead demonstrate that the TPV is a // worthless scrap of paper. // // Jesse Barnett // // // ___ // Policies and (un)subscribe information available here: // http://wiki.secondlife.com/wiki/OpenSource-Dev // Please read the policies before posting to keep unmoderated posting privileges // // -- // Tateru Nino // Contributing Editorhttp://massively.com/ / ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
As a X-emerald Dev (I am Dimentox) Most of the stuff people are saying that is going on or has gone on.. Most of the other devs had no idea. We just did our parts to make the viewer better. I left due to the fact that i did not have time to continue to work on the project. Unfortunately a few bad seeds ruin the apple. On Sun, Aug 22, 2010 at 3:20 PM, Will wdema...@verizon.net wrote: Then this is confusing, to be listed you have to within the policy approved for lack of a better word: Someone please clarify- If a Third-Party Viewer or your use or distribution of it violates this Policy or any Linden Lab policy, your permission to access Second Life using the Third-Party Viewer shall terminate automatically. To me it sounds like any viewer not on the list is not approved and that means by their own statement it will not be allowed to connect. -- From: Gareth Nelson gar...@garethnelson.com Sent: Sunday, August 22, 2010 4:10 PM To: Will wdema...@verizon.net Cc: Lance Corrimal lance.corri...@eregion.de; opensource-dev@lists.secondlife.com Subject: Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything? There isn't anything in the policy itself which says you must be listed, there is however a note on the directory page warning users to be wary of unlisted viewers. On Sun, Aug 22, 2010 at 8:54 PM, Will wdema...@verizon.net wrote: hmm ok I may be wrong but remember a rush to update viewers from the approved list, didn't look over my shoulder and just for good housekeeping I don't venture from approved viewers. Seriously hope you are wrong or there will be little to no control over who gets to connect. -- From: Gareth Nelson gar...@garethnelson.com Sent: Sunday, August 22, 2010 3:25 PM To: Will wdema...@verizon.net Cc: Lance Corrimal lance.corri...@eregion.de; opensource-dev@lists.secondlife.com Subject: Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything? As I understand it, you don't need to be in the list, just comply with the policy. On Sun, Aug 22, 2010 at 8:19 PM, Will wdema...@verizon.net wrote: They may be waiting to make a formal announcement before they pull the plug on the viewer- didn't they make a policy of not allowing any viewer to connect that wasn't on the list? I think so- -- From: Gareth Nelson gar...@garethnelson.com Sent: Sunday, August 22, 2010 2:50 PM To: Lance Corrimal lance.corri...@eregion.de Cc: opensource-dev@lists.secondlife.com Subject: Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything? As they shouldn't be! Although one does wonder whether users are now at risk of being banned if they keep using it On Sun, Aug 22, 2010 at 7:01 PM, Lance Corrimal lance.corri...@eregion.de wrote: Am Sunday 22 August 2010 schrieb L. Christopher Bird: On Sun, Aug 22, 2010 at 11:32 AM, Jesse Barnett jess...@gmail.com wrote: Ignoring this and giving the all clear with no other action taken on the part of Linden Lab will instead demonstrate that the TPV is a worthless scrap of paper. Correction, it only exist on paper if printed. The proper phrase is a worthless configuration of pixels The TPVP makes it clear what the consequences are for breaking the policy. 8c says: If a Third-Party Viewer or your use or distribution of it violates this Policy or any Linden Lab policy, your permission to access Second Life using the Third-Party Viewer shall terminate automatically. You acknowledge and agree that we may require you to stop using or distributing a Third-Party Viewer for accessing Second Life if we determine that there is a violation. So either the lab will enforce this, or they will say Well you are so popular you can screw around all you want. Is Emerald the viewer too big to fail? -- ZenMondo I just looked and emerald's not in the tpv directory anymore. ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges -- “Lanie, I’m going to print more printers. Lots more printers. One for everyone. That’s worth going to jail for. That’s worth anything.” - Printcrime by Cory Doctrow Please avoid sending me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges -- “Lanie, I’m going
Re: [opensource-dev] RenderVolumeLODfactor (branch from Draw Distance)
On Sun, Aug 22, 2010 at 7:48 AM, Trilo Byte trilobyte5...@gmail.com wrote: Actually, it would be nice if RenderVolumeLODfactor could either persist from one version to the next (instead of getting reset with everey new version installation), or be set based on GPU detection. Put it in the settings_per_account.xml file. I imagine the default of 1.125 is based on class 0 (intel integrated graphics) but anybody using better than that can go to 2.0 at a bare minimum. More powerful GPU's can easily handle 4.0, and from my experience the ATI 4xxx series and above/nVidia 9xxx series and above can do 6.0. The default for class 1 and up is 2.0. On a side note, I've found that setting above 6.0 can have unexpected and unwanted results, most notably 'disappearing prims' with smaller sculpts (necklace chains, etc). That's because you're running into RenderMaxNodeSize. Having to manually jump into debug settings with every viewer release is a pain. If it could be auto-detected, that would save a lot of novice users from having to mess around in the Advanced/Debug menu I'll counter that by saying people shouldn't be making jewelery with 500,000 vertices. We need mesh uploads, if only so people can make necklaces that don't have more geometry data than half a sim. ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
i dont think emerald is TPV compliant. data mining, DDoS attacks, User data leakage. clearly they have violated not only the TOS but the TPV. so no emerald IS NOT TPV Compliant. On Sun, 22 Aug 2010 16:55:56 -0400, Altair Sythos Memo syt...@gmail.com wrote: On Sun, 22 Aug 2010 15:30:55 -0500 Brandon Husbands xot...@gmail.com wrote: As a X-emerald Dev (I am Dimentox) Most of the stuff people are saying that is going on or has gone on.. Most of the other devs had no idea. We just did our parts to make the viewer better. I left due to the fact that i did not have time to continue to work on the project. Unfortunately a few bad seeds ruin the apple. emerald *is* a TPV compliant viewer, but isn't listed this is a grey zone in ToS and TPV policy... not an dev-emerald fault ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges -- Using Opera's revolutionary e-mail client: http://www.opera.com/mail/ ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] display names = the end of 1.x viewers?
On Sat, Aug 21, 2010 at 1:36 PM, Argent Stonecutter secret.arg...@gmail.com wrote: That's one thing Blue Mars does better. Your actual login identification is by an email address they don't share with anyone, so there's no collection of login names available for bulk attacks. I really wanted LL to add another layer ABOVE the account name, not BELOW it. :) This was considered when the Display Names feature was designed, and while this separation is not part of this work, there was care to make sure that it wasn't precluded either. Ideally, IMHO, there would be at least three names: (1) login identifier (used with password as login credential) (2) unique human readable identifier (3) casual conversational identifier Prior to Display Names, the Second Life (firstname, lastname) tuple was used as all three. Display Names separates (2) and (3), but (1) and (2) are still the same. I'm not sure if the work to do so is on anyone's backlog - I'm betting there's a PJIRA on it, though. Technically, it's much less code to touch than Display Names (since a login-only private credential would be used in far fewer places in the code than username or display names), but it would be mostly server-side so the community can't help much. Joshua ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Draw Distance
Marine Kelley a écrit : Please be careful not to screw up debug settings that must NOT be changed. Some are capital for the viewer to function normally, and would completely shut out users who don't know how to change them back offline, and to what. Wouldn't it be possible to have an argument default like this for example : /set debugvar default which would put back the debugvar to its default value ? ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
Yes she did. Here's the interview from treet.tv: http://treet.tv/people/gracer/blog/20100822/audio-excerpt-interview-arabella-and-jessica See also: http://blog.modularsystems.sl/2010/08/22/emerald-resurgence/ On 08/23/2010 12:17 AM, Tateru Nino wrote: Sure do. Although apparently she un-resigned shortly after, which I do not yet have a cite for. Still waking up. http://dwellonit.taterunino.net/2010/08/22/hijack-hijinks/ On 23/08/2010 5:49 AM, Miro Collas wrote: Do you have a cite for that, Tateru? Not saying it is false, I'd just like to see it in context if possible. On 08/22/2010 01:38 PM, Tateru Nino wrote: Arabella has also resigned. On 23/08/2010 3:32 AM, Jesse Barnett wrote: Fractured has stepped down and out of the Emerald picture http://blog.modularsystems.sl/2010/08/22/emerald-off-with-his-head/ But it is painfully obvious that the comments are being heavily moderated and I know that neither of mine have gotten through. The Phox is still in the hen house and it is going to take much more then this token response to restore confidence. Anyone watching the videos and listening to their voices can see that a complete reorganization needs to be done and transparency demonstrated and verified. I hope that the upper echelons of Linden Lab are not fooled by the blog post and instead demand that more action be taken. At the bare minimum, they need to be delisted until real change has been shown. Ignoring this and giving the all clear with no other action taken on the part of Linden Lab will instead demonstrate that the TPV is a worthless scrap of paper. Jesse Barnett ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges -- Tateru Nino Contributing Editorhttp://massively.com/ ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
Re: [opensource-dev] Malicious payloads in third-party viewers: is the policy worth anything?
And now, perhaps, we can get back to the important stuff, like the viewer itself. ;) On 23/08/2010 3:15 PM, Miro Collas wrote: Yes she did. Here's the interview from treet.tv: http://treet.tv/people/gracer/blog/20100822/audio-excerpt-interview-arabella-and-jessica See also: http://blog.modularsystems.sl/2010/08/22/emerald-resurgence/ On 08/23/2010 12:17 AM, Tateru Nino wrote: Sure do. Although apparently she un-resigned shortly after, which I do not yet have a cite for. Still waking up. http://dwellonit.taterunino.net/2010/08/22/hijack-hijinks/ On 23/08/2010 5:49 AM, Miro Collas wrote: Do you have a cite for that, Tateru? Not saying it is false, I'd just like to see it in context if possible. On 08/22/2010 01:38 PM, Tateru Nino wrote: Arabella has also resigned. On 23/08/2010 3:32 AM, Jesse Barnett wrote: Fractured has stepped down and out of the Emerald picture http://blog.modularsystems.sl/2010/08/22/emerald-off-with-his-head/ But it is painfully obvious that the comments are being heavily moderated and I know that neither of mine have gotten through. The Phox is still in the hen house and it is going to take much more then this token response to restore confidence. Anyone watching the videos and listening to their voices can see that a complete reorganization needs to be done and transparency demonstrated and verified. I hope that the upper echelons of Linden Lab are not fooled by the blog post and instead demand that more action be taken. At the bare minimum, they need to be delisted until real change has been shown. Ignoring this and giving the all clear with no other action taken on the part of Linden Lab will instead demonstrate that the TPV is a worthless scrap of paper. Jesse Barnett ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges -- Tateru Nino Contributing Editorhttp://massively.com/ ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges -- Tateru Nino http://dwellonit.taterunino.net/ ___ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges