While I understand the issue that people are banning based solely on
viewer ID, I don't see this as being a security issue. The client is
NOT being hacked, the information is just not as easy to access as it
is for a web browser.
I see the info bring gathered as nothing more than the user agent
st
This is clearly a security hole that is being exploited, so it should be fixed.
___
Policies and (un)subscribe information available here:
http://wiki.secondlife.com/wiki/OpenSource-Dev
Please read the policies before posting to keep unmoderated posting p
On 2010-05-02, at 17:01, Skills Hak wrote:
> The people with bad reviews are mostly copybotters who have been
> banned by the system and are coming up with crazy quicktime hack
> theories, Dekadance Mint isn't even in search any more.
You could eliminate the "crazy quicktime hack" theories if you
then what exactly does cds ban? if no clients? because as long as you only
use emerald or second life then you wont get banned by cds. if you start
dabbling on other clients you get banned. so what does cds ban if no
clients?
On Sun, 02 May 2010 19:01:19 -0300, Skills Hak
wrote:
> Um, ple
Tigro Spottystripes schrieb:
> AFAIK only LL (and someone intercepting network communications) knows
> what channel some client is using
Yes and no - it is also transmitted with the useragent of the build-in
webbrowser.
Armin
___
Policies and (un)subsc
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
>From that chat log it seems the banning system in question (not CDS)
uses heuristics, it banned that person for using a rare client, unless
i've misunderstood what was said there.
On 2/5/2010 19:01, Skills Hak wrote:
> Um, please don't confuse this
Um, please don't confuse this incident with CDS which doesn't ban clients
arbitrarily, this seems to be about a similar system of a more
unscrupulous "competitor". There isn't even a copybot client with
Snowglobe 2.0.0
() (CommunityDeveloper) as base we are aware of, so not sure why
zFire Xue i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
AFAIK only LL (and someone intercepting network communications) knows
what channel some client is using
On 2/5/2010 18:42, Rob Nelson wrote:
> The only way to reliably detect a client is if the client sends an MD5
> hash of the executable to the log
The only way to reliably detect a client is if the client sends an MD5
hash of the executable to the login server, and that function was
removed ages ago from the login process due to ease of spoofing.
Requiring a unique login channel requires manual intervention to change
the login channel from t
as far as i can tell the detection is done by loading a url on the client.
the browser in the client loads the url which is a server side script that
rips apart the header of the post and searches for a certain part which
happens to be the name of the client. if the name of the client matches
On Sat, May 01, 2010 at 06:53:49PM -0400, Glen Canaday wrote:
> Though WHY anyone wouldn't want to come HERE to talk about client
> detection is far beyond my grasp. That's like AVG not wanting to talk to
> Microsoft.
Probably because it's a moronic asshole, who is only
interested in making mon
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
according to Skill LL knows how the system works and has not taken any
measures to prevent it, which indicates they are ok with it
On 1/5/2010 18:50, Bryon Ruxton wrote:
> Is that thing really exploiting a quicktime hack?
> I.e. Trying to protect Co
My mistake. I was under the impression that anything not on the list
wasn't supposed to be able to get on agni. I must have read it wrong.
--GC
On 05/01/2010 09:50 PM, Maya Remblai wrote:
> Glen Canaday wrote:
>
>> [14:57] GC Continental: anything not on the TPV list as of yesterday
>> can't
Glen Canaday wrote:
> [14:57] GC Continental: anything not on the TPV list as of yesterday
> can't connect to the grid at all. This one does.
Just wanted to point out, that isn't true. The TPV list is merely for
advertisement, and an unlisted viewer can still connect. Cool SL and
Rainbow, for in
On 2010-05-01, at 17:53, Glen Canaday wrote:
> Me too, but I don't think it's against TOS. A sim owner can do what a
> sim owner wants, and if it's to trust client/copybot detection to an
> inworld device they didn't make themselves, that's not against the
> rules
> afaik. Of course, I'm complete
Me too, but I don't think it's against TOS. A sim owner can do what a
sim owner wants, and if it's to trust client/copybot detection to an
inworld device they didn't make themselves, that's not against the rules
afaik. Of course, I'm completely unaware of any method that's not going
to result i
On Sat, May 1, 2010 at 6:09 PM, Glen Canaday wrote:
>
> [15:05] GC Continental: Compile it yourself - use the svn sources
> [15:05] zFire Xue: but being that I have IDed Snowglobe over 2800 times
> with the system, and then there is you, and 2 others... it doesnt look
> good that you are such a ra
On 2010-05-01, at 16:50, Bryon Ruxton wrote:
> Is that thing really exploiting a quicktime hack?
> I.e. Trying to protect Computer Crimes Law by violating the very
> same laws.
Setting a media stream and looking at the query string isn't violating
any laws.
It's sleazy, and HTML on a prim wil
EDIT:
The rest of the conversation was actually very gracious. I do expect his
product not to be the only one to provide false positives.
He is checking into it to see how it could be changed to properly detect
unchanged clients - after now, it's likely going to be th beta grid for
any testing
Well OSS devs, be prepared to be banned by anyone using the redzone
thing even when using unpatched LL svn. Sorry to spam, but this type of
attitude is spreading, and I thought that *EVERYONE* on this list best know.
[14:54] zFire Xue: Your comming up as Community Developer
[14:55] zFire Xue: wh
Is that thing really exploiting a quicktime hack?
I.e. Trying to protect Computer Crimes Law by violating the very same laws.
If so, isn't that against the LL TOS and shouldn't it be taken down by LL?
The below reviews have me raising eyebrows...
https://www.xstreetsl.com/modules.php?name=Marketpl
I don't know if this store is (badly) detecting client versions/channels
through the media plugins' user agent strings, or if it's just that I didn't
move enough for their taste after teleporting. I went there with my test alt,
using Snowglobe 2.0.0 () Apr 22 2010 00:11:09 (CommunityDevelope
That's me on the list. You go in Snowglobe V2? My partner was also there
in Emerald and did not get banned - that's why I was asking about
client-based ban (and hence why I even brought it up on this list, even
though it's only on topic in a very cursory way).
--GC
On 05/01/2010 12:45 AM, And
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
there is Skill's CDS system
On 1/5/2010 01:45, Andromeda Quonset wrote:
> I went there. I saw a "GC Continental" was on the ban list for both
> of the sims. That was the closest I could find to you.
>
> I am not aware of there being any autobann
I went there. I saw a "GC Continental" was on the ban list for both
of the sims. That was the closest I could find to you.
I am not aware of there being any autobanners that ban by client that
any landowner or sim owner can use. I don't know of any way to
detect via script or estate or land
There are autobanners that ban by client, no? Full-sim, estate ban?
I'm on Snowglobe 2 and just got banned from both The Loft and The Loft
II; both are furniture store sims. Can someone TP there and test if they
get banned? If someone is banning by presence on the TPV list, then snow
needs to b
26 matches
Mail list logo
