Fleur Orchid

This was not really all that much of a shock to me lol. The thought did cross my mind that LL knew about it the whole time and is now busy trying to cover their collective asses. Oh and also my source tells me that Phox <3 aka loney bluebird aka ???? (scripted reg api makes this kinda limitless?!?!) and Skills Hak EDIT: & Discrete Dreamscape have all supposedly quit the Emerald Dev Team as part of LL's requirements. In light of this I must now say that LL removing Emerald from the tpv list was just a publicity stunt to try and calm the angry residents and keep us from leaving SL.

2010-03-18 16:41:57] Lonely <3: Speaking of which, has Fractured mentioned EmKDU/OnyxKDU to you at all?
[2010-03-18 16:42:12] Soft Linden: Nope
[2010-03-18 16:42:46] Soft Linden: We haven't talked much of late. I think he was annoyed that I offered to rename groups for the *Life viewers, after asking him to get clearance from Kyle for a group rename before
[2010-03-18 16:43:19] Lonely <3: Ah, well, we needed some way to identify people using our kakadu library, we came up with something really clever: The Emkdu variant encodes the window title into the j2c comment.
[2010-03-18 16:43:32] Soft Linden: Nice!!!
[2010-03-18 16:43:41] Lonely <3: The OnyxKDU variant contains the other end of the cipher, and an exported function to retrieve said comment.
[2010-03-18 16:43:44] Soft Linden: I'd figured that library would be the place to hide things. So it shows up in their baked texture.
[2010-03-18 16:44:07] Lonely <3: Yup, Linux variants encode 128 characters of the path, since window title depends on window manager etc.
[2010-03-18 16:44:27] Lonely <3: I've got it nicely tied in to the radar here, it's fun to see the various names I get when all I see on people is a shiny emerald tag.
[2010-03-18 16:44:45] Soft Linden: I'd look at other places you might store that. We were at least planning to start encoding some info there to help us with DMCA takedowns
[2010-03-18 16:44:56] Lonely <3: We caught the HXO/Sl Black edition creator that way.
[2010-03-18 16:45:11] Soft Linden: Does the jpeg2k format support arbitrary tag/value pairs?
[2010-03-18 16:45:12] Lonely <3: Hmm, well there are various places we could encode that.
[2010-03-18 16:45:21] Lonely <3: Yes
[2010-03-18 16:45:25] Lonely <3: At least I think it does
[2010-03-18 16:45:33] Soft Linden: You could make something misleading like "encode parms" or w/e
[2010-03-18 16:46:38] Lonely <3: Unless someone starts poking at it with a disassembler all they'll find is a string of mixed printable and unprintable characters in the comment.
[2010-03-18 16:47:18] Lonely <3: We figured it was a good way to keep track of who's using the proprietary library without a license, not to mention identifying those viewers that want to hide, which is always a goal.
[2010-03-18 16:47:29] Soft Linden: :3
[2010-03-18 16:47:33] Soft Linden: I love that you guys are doing this
[2010-03-18 16:47:55] Lonely <3: Saves you guys some work I guess.
[2010-03-18 16:49:01] Soft Linden: I'd also be inclined to get the end of the path for Windows & Mac builds too. Odds are people are going to rename the viewer filename, even if they don't change the window title, etc
[2010-03-18 16:49:12] Lonely <3: Yeah that's what I said >_>
[2010-03-18 16:49:15] Soft Linden: just w/e is in **argv
[2010-03-18 16:49:19] Lonely <3: Zwagoth and Fractured wanted the window title.
[2010-03-18 16:49:19] Soft Linden: I thought you said you just did it on Linux?
[2010-03-18 16:49:27] Soft Linden: Gotcha.
[2010-03-18 16:49:32] Soft Linden: Yeah, I'd shoot for both.
[2010-03-18 16:49:35] Lonely <3: Only because linux doesn't offer a single function to grab the window title in all window managers.
[2010-03-18 16:49:55] Lonely <3: Yeah I know the path is more useful.



[2010-03-25 16:35:40] You sense a disturbance in the force... (Soft Linden is typing)
[2010-03-25 16:35:51] Soft Linden: Are the marked textures in the current release version?
[2010-03-25 16:36:01] Lonely <3: Yes
[2010-03-25 16:36:06] Soft Linden thumbsup
[2010-03-25 16:36:27] Lonely <3: After we spoke I decided to make a bit of a change to kdu
[2010-03-25 16:37:40] Lonely <3: I made it check the top corner of the image for transparent pixels, if it finds any it encodes the folder name like the linux lib originally did.
[2010-03-25 16:37:50] Lonely <3: If not it encodes the window title.
[2010-03-25 16:38:28] Soft Linden: ah cool hack :3
[2010-03-25 16:38:56] Lonely <3: That hasn't been released yet, but it can go out at any time since the pack is seperate from the binary.
[2010-03-25 16:39:00] Soft Linden: the transparent pixels specifically - last I knew you were only doing the meta tag
[2010-03-25 16:39:04] Lonely <3: We are
[2010-03-25 16:39:08] Lonely <3: Just the image comment
[2010-03-25 16:39:14] Soft Linden: right

Talwyn Mills

Was Soft Linden one of the ones that got the boot from the lab? After a violation of trust like that, he sure as hell should be.

__________________

Kate M.

Oh man, that is some incriminating shit right there. Thanks for posting

Fleur Orchid

Not according to his profile

Kate M.

He's still at the lab.

Tya

i dont get it. call me stupid

Ann Otoole

Khamon

The explanation is pretty straightforward Tya. Linden Lab have never been concerned about your security. They've covered their collective butt legally; but you've always been dealing with a bunch of young-to-middle-aged script kiddy types that thoroughly glorify bots and cracks and griefers and hacks. The lot of them don't care one wit, beyond what might land them in jail, if users export your builds, or sell copies of your wares, or launder money through your business, or screw pixel representation of children on "your" land.


View Linden Lab as a middle-school classroom full of thirteen-year-olds planning a fashion show. Get it?

__________________
I'd rather be playing Minecraft.

"Not only should you learn to be more precise in your choice of words, you should learn to pay attention to others words too. That way you can reply to actual posts and not the fictional ones in your head" - Myf

Camille Serpentine

Chat logs can be altered so I'm not sure I trust this one or the person you got it from since "<3" isn't a Linden name and you are unsure of who the other person is.

Kate M.

Camille, Phox and Jay discovered a way to hack lats names into whatever they wanted. They actually made a group to sell this hack to people who would shell out for it. If anything, it makes the chatlog more believable.

Fleur Orchid

phox <3 is a nametag hack that LL has since fixed.
I am told this information has been sent BY phox to Alphaville Herald in response to the recent articles.

So, no, I'm not "unsure" of who anybody is.

Misty Harley

Unless it was done through another messenger service...would that last name be possible if that were the case?

I'm also not going to say that LL actually knew what Soft was doing, if indeed...this is a true chat log. It may have been underneath their radar. I dunno....what I do know is this certainly adds a lovely new twist to the game.

Whole thing makes me scratch my head.

Jesse Barnett

???????

Soft reads a stream feed from this forum and Phox is aware of that. It would be kind of stupid to post an altered chat log at this point in time.

Free Xue

Alternative SL Clients - SLUniverse Forums

Please, for the love of Isis, can we start using that for Emerald-related drama?

__________________
Single people should be allowed the right to marry[/controversial!]

Ann Otoole

I just gotta ask. Soft is the one that has his job. Not any of rest of the internet. Does anyone think LL actually cares what anyone here thinks? lol

If someone seeks soft::fail they are going to have to do it a very different way lol.

Innula Zenovka

Or at least keep things in the same thread? We started talking about this over here, too -- Emerald falling back on LL's demands?

Fractured Crystal

Oh murr.

Kate M.

Hey Jay!

Joshua Nightshade

Oh look, someone took the child out of its crib.

__________________

Eva Ryan

Teh Dramaz iz tu much fer me.

__________________

ElyHynes Elysium

@EvaRyanSL is so FIC Humble follows her

Camille Serpentine

It's easy to cut and paste and alter.

Khamon

When did this thread become all about buying Ingrid's prefabs?

Fleur Orchid

Here is the full list of requirements from LL:

Emerald Project Team:

We have removed the Emerald viewer from our Third-Party Viewer Directory because of its multiple violations of our Policy on Third-Party Viewers.

Our Policy prohibits the intentional targeting of third-party sites as was done recently by the Emerald viewer’s login page. Specifically, the Policy prohibits the distribution of harmful functionality like denial of service attacks or griefing attacks. (TPVP section 2.d.iii)

Our Policy also requires a published privacy policy that specifically describes what user data the third-party viewer collects, stores, or uses, and how it uses, displays, or shares that data. (TPVP section 4.b.i).

The published privacy policy for the Emerald viewer does not disclose what user information the viewer collects. When it came to our attention that the Emerald viewer was collecting the installation path without stripping any user account names present in the path, and storing it in textures produced by the viewer’s graphics library wrapper, we asked that this code be altered to omit full directory paths. After assurances from Emerald developers (Lonely Bluebird) that the code would be altered, we were disappointed to learn that instead of stopping the practice of adding data to textures, the Emerald viewer code encrypted the data in order to obfuscate the data collection practices.

In addition to violating our Policy on Third-Party Viewers, these actions are significant breaches of the trust of the Second Life community. Please remedy these breaches immediately by taking the steps outlined below. Taking these steps is critical to providing transparency around Emerald’s viewer functionality and collection of user data, and to ensuring that the viewer complies with Linden Lab policies and the law. The steps alone do not, however, guarantee that the Emerald viewer will be readmitted to the Third-Party Viewer Directory.



Provide transparency in your development efforts to both the Second Life community and Linden Lab, including:
Use open mailing lists or forums for your developer communications.
Provide a publicly viewable source code repository.
Provide public code commit notices.
Demand accountability from each and every Emerald developer, including:
Require each committer to provide real-world identity information to Linden Lab as a signatory to the certification of compliance with the Third Party Viewer Policy.
End the participation of any developer who has deliberately violated Linden Lab policy or the law.
The Emerald viewer’s closed source emkdu library is not in compliance with the GPL. Bring all current and future versions of the Emerald viewer into compliance with the GPL by omitting emkdu. Use OpenJPEG or other GPL-compatible code.
Update your posted Privacy Policy for the Emerald viewer to specifically describe what user data has been collected or stored by any version of the Emerald viewer that may be used to log into Second Life. For all user data collected or stored, specifically describe in the policy how that user data has been used, displayed, or shared. If you wish to disable login of any versions of the Emerald viewer that may be collecting user data, please advise us immediately of the specific viewer versions.
Do not distribute any functionality that conceals information in Second Life assets, including through encryption or steganographic techniques, with the sole exception of information that LSL scripts produce or consume. We will be updating the Third-Party Viewer Policy shortly to clarify this requirement. Be sure to bring all current and future versions of the Emerald viewer into compliance with the requirement.
Please respond to this notice no later than this Friday, August 27 and confirm the date by which you will have completed the above steps. Failure to comply with the steps may result in further action by Linden Lab, beyond removal from the Third-Party Viewer Directory. We look forward to your prompt response.



Sincerely,

Oz Linden

Ann Otoole

What is the source of this?

Innula Zenovka

Phox has just put his hands up to it:
EMKDU vs LLKDU - HELP?