Unless you’ve been on the SL equivalent of Mars for the past week or so, you’ve probably heard about the brouhaha surrounding “CopyBot,” a program which is apparently capable of duplicating objects, right down to textures and animations. It relies on the Open Source libsecondlife effort, which is a library to interpret the protocol used by the SL client that is currently in development. I’m going to try and piece together what is known, and then offer a few observations.
When the news first broke about the existence of this device, there was a great hue and cry from the content creators of SL…spurred along by a response from Robin Linden that seemed lukewarm at best. She said “copying is not necessarily theft,” and, while she is technically correct, that was probably the wrong thing to say at that point. Eventually, LL clarified its position:
[...] the use of CopyBot or any other external application to make unauthorized duplicates within Second Life will be treated as a violation of Section 4.2 of the Second Life Terms of Service and may result in your account(s) being banned from Second Life.
But, by then, the damage was done. Reports started surfacing of businesses closing due to the potential for CopyBot abuse, and a spike on the LindeX at the same time indicated panic selling of L$ might have begun. The affair gave every sign of turning into a full-scale witch hunt, which even ensnared an innocent maker of vendors. Some businesses issued stern warnings about the use of CopyBot (incidentally, after seeing the warning from GuRL 6, I crafted a similar one on behalf of Don’t Panic! Designs). Others put up “CopyBot blocker devices” that repeat the “!quit” command over and over, in an attempt to force any instance of CopyBot that might be listening nearby to close down. And, while the libSL developers protested their innocence, pointing out that they had pulled the source for CopyBot out of their development repository, evidence surfaced that the developers were gleefully anticipating the havoc they would wreak with their “object stealer.”
Prokofy Neva, of course, is utterly ripshit, accusing the libSL group of being nothing more than a glorified griefer group, and accusing LL of being, at minimum, utterly clueless, if not outright malicious, for associating with such. On another side of the issue, the esteemed Ms. Ordinal Malaprop contends:
To be quite honest I doubt that there will be many instances of copying and distribution resulting from these tools in practice; the vast majority of residents have no interest in such activities, and the vast majority of those left have not the technical abilities to carry them out or the knowledge that they are possible.
To be honest it is too early to tell what sort of development of the Copying Facilities and changes to the world will result, and I would say that it is *certainly* premature to shut up shop, but the mere idea is disturbing to many.
And now we have some hard data on the impact of CopyBot: just uner 100 complaints total, involving some 50 individual Residents, over the course of a few days. While even a fraction of that number of complaints would certainly be cause for some heightened concern, the fact that so few people were involved–less than 1% of the typical number of people logged into SL at any given time, let alone the total number of active or registered accounts–would scarcely seem to mean The End Of The World As We Know It. Perhaps Ms. Malaprop’s statement is closer to the truth of the matter…as is Tateru Nino’s:
The most severe effect that copybot will have on Second Life will be our reaction to what we /fear/ will be done with it, rather than anything that is actually done.
The first observation I could offer is that Cory Linden is right: There is no way to completely stop someone from copying an object, or at least the physical properties and textures thereof, in SL. If it can be displayed, it can be copied. This is like the old axiom about scrambled cable channels: no matter how badly the video signal was scrambled, somehow it had to be capable of being de-scrambled so it could be sent to a normal TV set. People have already had success in copying textures from SL by intercepting the stream of information going from the SL client program to the graphics driver that displays it. You can’t stop that without a fundamental shift in the way the graphics subsystem operates…something which falls firmly into the realm of Things That Are Not Going To Happen.
Which leads me to another fundamental point: you cannot assume a secure client. Even if someone runs the unmodified client as downloaded straight from LL, you have to assume that this client will be run on “Satan’s computer.” People will packet sniff, they will disassemble, they will do anything they have to to try and break your protocol or data format or security system, if they want to badly enough. They could even be running the client inside a VMware virtual machine or equivalent, with their debugging tools on the “outside” of the VM, and the client would never even know it was being watched.
Given the above two points, an effort like libsecondlife was pretty much inevitable…and, in this day and age, since the power of Open Source is apparent in many ways these days (see: Linux, GNU, Mozilla, OpenOffice.org, etc. ad nauseam), it was natural for the interested parties to combine their efforts into an Open Source project. Some people have held that they shouldn’t have opened the source, since it makes the code far too accessible to those interested in griefing. My response to that: Open Source is not to blame here. Not having the source would not make griefers’ tasks impossible, just more difficult. At least, in this instance, people, including LL, have some knowledge of what the libsecondlife developers were up to. Another group, working in secret and sharing their knowledge only between themselves, could have accomplished the same thing, albeit slower. CopyBot might have appeared, not today, but several years down the road…say, when SL had become even more successful and accepted by RL corporations…and when a successful security attack would be far more damaging than it is today. And combating the efforts of such a group would be more difficult; you might have to reverse-engineer their attack program to figure out what the vulnerability is and stop it.
This is not to say that we’re in the best of all possible worlds now. It looks to me like the libsecondlife project needs to “clean house” in a big way. In fact, I would go so far as to recommend that LL, which has some interest in libSL right now anyway, should take over the administration of the project entirely, and should eject developers from the project who are using the tools to intentionally violate the TOS. If it’s that valuable of a tool to them, for use in spotting possible exploits and such, why aren’t they administering it? They might, for instance, establish a “libsecondlife foundation” to hold the code in trust and coordinate its further development; this would be similar to the relationship that currently exists between the Jabber project and its corporate sponsor, Jabber Inc. of Denver.
People would also do well to remember that the CopyBot as it currently exists is not capable of making perfect copies of all objects. It cannot, in particular, copy scripts. This makes sense, as scripts are designed to be executed on the server; the only time the client ever sees the script source is while it’s being edited. In this limitation might lie the key to recognizing copied objects. I can envision a system, for instance, where each object would contain a script capable of answering a “challenge” from outside and responding with a message indicating that the item was the genuine article. A counterfeit object would not contain the script (assuming the script itself could not be copied by other means) and hence would not respond to the challenge, marking it as a fake. There remain many practical details to be resolved here (not least of which is the communication method to use for the challenge/response…having the object listening on a channel at all times for the challenge would cause many people to start screaming “LAG!”), but a scheme like this could provide at least some method of detecting unauthorized copies and act as a stopgap until LL can beef up their own means for doing so.
In Neal Stephenson’s Snow Crash, Hiro Protagonist recognized that the coming of the Snow Crash digital virus represented a need for a fundamental shift in the design of the Metaverse, with more emphasis on security. We may face a similar moment here in the history of our own Metaverse. But, just as the Chinese character for “crisis” is a combination of the ones for “danger” and “opportunity,” so too does the CopyBot crisis represent both a danger and an opportunity…one which I hope LL, the libSL developers, and others will rise up to the challenge of. In the meantime, stay the course. Content creators, keep watch for anyone trying to use CopyBot to steal your creations, and give some thought to technical measures whereby such may be detected. Residents, pledge yourselves to refrain from violation of copyright, and urge your peers to do likewise. And keep your eyes on LL and the libSL developers…encourage them to do the right thing.
“These things pass. The trick is to live through them.” – Lazarus Long, Time Enough For Love, Robert A. Heinlein