The Trouble With libsecondlife

I touched on the libsecondlife project to a certain degree when I talked about CopyBot back in November, but a recent comment on that post reminds me that this subject is worth considering in more detail. (Oddly enough, when I tried to bring up that link to the project’s home page, it came back with an internal server error…and then with an infinite-redirection error from Firefox. Hmm. — UPDATE: And now it works. Go figure.)

Libsecondlife (so-named from the Unix convention for naming library files “libsomething.a” or “libsomething.so”) is, ostensibly, a project to reverse-engineer the protocol used by the Second Life client to communicate with the Grid and create a library, as open source code, allowing other programs, such as replacement clients, to be written. In this respect it’s a little like the various libraries allowing programs to communicate with proprietary instant-messaging networks, such as ICQ, AIM, or MSN. I did a little work with libicq back when I worked for Jabber, so I know something of the processes involved here. By capturing the network traffic flowing between the SL client and the Grid, they have worked out many of the details of the communications protocol and many of the functions which may be called upon in the server.

LL has stated, on at least one occasion, that the reverse-engineering work being done by the libsecondlife project is legit, and not a violation of the TOS. In fact, some Lindens are even involved with the project, and libsecondlife has been successfully used as a tool to expose bugs in the server-side implementation of SL. (The server code needs to handle anything the client can throw at it, even stuff which is obvious garbage, even if the real client would never even dream of sending such a thing. This is in keeping with the prime security rule for client-server software systems: You can never trust the client. libsecondlife allowed non-standard data to be thrown at the server, to see what happens.)

The creators of libsecondlife speak glowingly of possible applications of this technology, such as IM clients allowing people to send and receive real-time IMs in SL without using the complete client to do so. However, two of its best-known applications are, shall we say, somewhat more problematic. CopyBot was one of those, and, while the most dire predictions of various concerned individuals, including myself, did not come to pass, the aftereffects are still being felt by many. Another one appears to be the appearance of “CampBot” avatars, created and operated for, seemingly, no other purpose than to siphon money from camping chairs at casinos and other popular locations; indications are that these avatars are guided by “autopilots” created with libsecondlife. (While I’m not fond of camping as a general rule, I don’t think hordes of CampBots are fair to either the people deploying camping chairs or the newbies who seek them out to provide some manner of income, now that LL has completely shut off Basic stipends.) Still another involved the creation of “megaprims” larger than the 10-meter restriction for ordinary prims. (This illustrates the point I raised earlier: the megaprims could only be created because the server didn’t check the dimension values being fed to it by the client. LL has since fixed that hole, so no new megaprims can be created.) These megaprims are known to confuse the sim servers to a certain extent, yet people still use them, and, furthermore, sell them. There are some indications that LL may be cracking down on the megaprims, but they still exist. (A sky structure constructed using megaprims is visible from the Gin Rummy’s skybox office/conference room, for instance.)

There are allegations that many of libsecondlife’s project members are little better than griefers, or, worse, are griefers, or members of various griefing groups, and that they sit back in their private IRC channel and laugh while their tools are used to wreak havoc on the Grid. (Side note: “Griefer groups” are one thing we don’t need, no matter what tools they’re using. If I were in Philip’s shoes, I’d do everything I could to locate all identifiable members of these groups, then mass-ban and call in the FBI. These groups not only wreck the experience of SL for all the legitimate end users, some of whom are paying customers, they wreck it for all the companies coming in and setting up shop in SL, all of which are even higher-paying customers. This is one instance where “good business” and “the right thing to do” go hand-in-hand.) In my post on CopyBot, I argued that “the libsecondlife project needs to ‘clean house’ in a big way.” This does not appear to have happened, at least not to any great extent.

It’s a shame, really, because, from a purely technical standpoint, libsecondlife is working in an interesting and challenging environment, and I might have the ability to contribute something to their efforts. As long as the specter of griefers and griefing hangs over the group, though, I am leery of involving myself in any way with their project, even to the extent of downloading their code to try it out. And therein lies what should be a major cause for concern on the part of libsecondlife: if their reputation is such that potential contributors are scared away from their project, does this not run contrary to their stated goals? I quote from their own home page:

The libsecondlife project is an effort directed at understanding how Second Life works from a technical perspective, and extending and integrating the metaverse with the rest of the web. This includes understanding how the official Second Life client operates and how it communicates with the Second Life simulator servers, as well as development of independent third party clients and tools.

How does their association with griefers and griefing mesh with this mission statement? Is this not a concern which should be addressed, post haste?

I still think, as I originally stated, that the ultimate solution to restoring libsecondlife’s credibility is for LL to assume administrative control of the project, setting up a sponsored “foundation” to manage the source tree, hold the copyrights (with availability under the same licensing scheme that libsecondlife uses now), and serve as an umbrella for development work on the project. This is similar to the arrangement that Jabber Inc. has with the Jabber Project, and it has been largely successful for both. (In fact, largely due to the synergy between the company and the project, XMPP, the Jabber protocol, is now an Internet standard.) However, in order for this to work, the existing leaders of libsecondlife would have to cede some degree of control of their project…and that would appear to be unlikely.

Still, it would be worth it to see LL make the offer, just to see how the libsecondlife people respond to it. The logical choice, if they truly are interested in what their mission statement says they’re interested in, would be to accept. After all, they would surely benefit from increased resources, increased cooperation from LL, an “official” imprimatur given to the project, and perhaps even to LL hiring some of the libsecondlife developers. If, however, they turn it down…some may then draw unsavory conclusions about where their true motives lie.

What can those of us on the “outside” do about this right now? Very little. Mostly, we can just watch…and wait.

“The price of freedom is eternal vigilance.” – Thomas Jefferson

“CONSTANT VIGILANCE!” – Mad-Eye Moody, Harry Potter and the Goblet of Fire

Advertisements

8 Comments

Filed under Griefers, Philosophy, Technical

8 responses to “The Trouble With libsecondlife

  1. You don’t need a campbot or whatever to turn off deidle.

    The client decides when you’re idle and when you fall off the server. So you can just turn that off.

    In the default client.

    Sorry, campers.

  2. Crissa, I imagine there must be some sort of idle timeout on the server side, to keep clients that aren’t actually doing anything from chewing up valuable system resources. (This is in line with that “never trust the client” principle I mentioned earlier.)

    However…even assuming there isn’t and that the client can be jiggered into never timing out, a workstation would only be able to run one or two copies of the full client–but that same workstation could run far more copies of this “virtual CampBot client,” hence could control far more camping avatars. Jiggering the idle timeout would be cheating done retail; this would be cheating done wholesale. Whether it is really “cheating” though, I suppose, all depends on what your view of camping is…

  3. Whenever I went and looked at the libsecondlife stuff it looked like they hadn’t really made a lot of progress. That was a few months ago. Have they actually had much successful breakthroughs that a developer could actually use?

  4. Sorry about that error on the website. We were moving away from the old CMS to go 100% with the wiki. Some of our redirection rules were getting looped. It’s all sorted now ;0

    There are allegations that many of libsecondlife’s project members are little better than griefers, or, worse, are griefers, or members of various griefing groups, and that they sit back in their private IRC channel and laugh while their tools are used to wreak havoc on the Grid.

    How does their association with griefers and griefing mesh with this mission statement? Is this not a concern which should be addressed, post haste?

    Some of my best friends are griefers. There is a very simple solution to 99% of the griefing problem.

    I’ll tell you what it is,Don’t be grieved.

    The next time you see a griefer, wrap your arms around him and give them thanks for showing you the folly of your ways.

    I still think, as I originally stated, that the ultimate solution to restoring libsecondlife’s credibility is for LL to assume administrative control of the project, setting up a sponsored “foundation” to manage the source tree, hold the copyrights (with availability under the same licensing scheme that libsecondlife uses now), and serve as an umbrella for development work on the project.

    This might be a viable option in the future, or maybe not.

    The core of libsecondlife is basically a bunch of people who hang out and try to make Second Life do interesting things. This lead to a good number of projects cluttering our source tree. Lately though the move has been to restrict commit access to a few core members and we prompt people to submit patches and bug reports.

    libsecondlife is growing up just fine without a corporate sponsor, though we would be glad of any contributions anyone wants to make to the project.

    Doubtless there will be more controversy, be it generated by libsecondlife directly or just one of our users, as libsecondlife gains new tricks.

    libsecondlife:
    understands avatar appearance, clonebot is born
    understands objects, copybot is born.
    understands animations, dancebot is born
    understands avatar controls, followbot is born.
    understands sitting, campbot is born
    understands images, imagetool is born…

    Everything new we learn how to do leads to someone making something that can use that feature. It will always be that way no matter who has control of the source.

    So, credibility? You don’t have to like our people or our users. We provide a tool, and it’s only a tool. Use it or don’t. A tool doesn’t need credibility.

  5. Glad to see you got the Web site configuration worked out, Baba, and that it was a transitory issue.

    I’ll agree with you that libsecondlife is, fundamentally, only a tool, the same way, for instance, a .357 Magnum revolver is. Both of those tools can be used for good or for ill. The issue is the people behind it, and what their intentions are…and, right now, the perception of your group is that it looks a lot more like the Montana Militia than like the National Rifle Association. Never mind that, for all I know, you guys are just a bunch of harmless developers with no intent whatsoever to grief anyone; perception defines reality a lot of time in this business, you know that as well as I do.

    See also this telling quote from Ms. Ordinal Malaprop on the possibility of libsecondlife being used to develop a “land swoop bot”:

    I have spoken at length about the fact that CopyBot now epitomises [the libsecondlife team’s] output, and from those that I have spoken to, I believe that this is accepted as a situation that was Not Necessarily Handled As Well As It Could Have Been. libsecondlife as the originator of both CopyBot and LandSwoopBot…well, if anything is going to have the inventors’ castle burned to the ground, it would be that, and one can argue until one is blue in the face that such things would have happened anyway and nothing is safe on the Aethernet blah blah blah but it won’t make a bit of difference if you are identified as the group who did it first.

    I’d say, ignore what she says here at your peril.

    The official sponsorship of the project by LL that I was advocating would, I think, at least bring some appearance of “responsibility” on the part of the group. Now, that appearance might be as nebulous a thing as the group’s present appearance of impropriety, but, again, perception defines reality much of the time.

    Tools don’t need credibility, you’re right there. Projects, and the organizations that run them, however, do.

    One more thing…it’s easy to say “don’t be grieved,” by which I interpret you mean “don’t take griefers too seriously.” However, suppose you are in the middle of an event at your club, and teleports start failing due to the increased load put on the database by a griefer attack, and people can’t get to your club. Or, money transfers start failing due to those same reasons, rendering your contest boards, your Sploder, etc. virtually useless. Or, LL has disabled scripts to try and deal with griefer objects, meaning none of your scripted objects work.Or, LL has disabled logins while they clean up after a griefer, meaning your DJ, who has just crashed out, can’t get back in-world. Sound unlikely? All of those have actually happened to us. When griefers cause problems that interfere with our ability to run our events, that makes it my problem…and it makes it rather difficult to just follow the advice of “don’t be grieved,” to say the least.

  6. Prokofy Neva

    Tools DO need credibility. Imagine if that attitude had been taken about the atom bomb. You cannot argue endlessly from the “neutrality” of tools to infer that therefore their handlers are morally neutral. They are anything but neutral when it comes to libsecondlife.

    >Some of my best friends are griefers. There is a very simple solution to 99% of the griefing problem.
    >I’ll tell you what it is,Don’t be grieved.
    >The next time you see a griefer, wrap your arms around him and give them thanks for showing you the folly of your ways.

    This sarcastic and nihilistic quote says it all. Why the Lindens can remain in a group with this sort of noir narf-narfing is beyond me.

    >libsecondlife:
    understands sitting, campbot is born

    So libsecondlife *is* involved in the creation and exploitation of the Campbots draining the casinos now in Second Life?

  7. Prok, I could argue the point about the moral neutrality of the atom bomb…for one thing, many historians now accept that the atomic bombings of Hiroshima and Nagasaki in World War II prevented the need for an Allied invasion of the Japanese home islands, which could easily have resulted in greater numbers of casualties to both the Allies and the Japanese. (And of course, part of that was a big bluff on the part of the U.S., making the Japanese think we had more A-bombs than we actually did. But I digress.)

    The issue with libsecondlife is that, while the tool itself may be considered “morally neutral,” the same cannot be said of its creators and their applications of the tool…as your own examples point out. I’m no big fan of camping myself, but wholesale fraud against casino owners–not to mention effectively stealing resources that the casino owners have intended to use to help newbies–is not a Good Thing.

    Of course, with the opening of the source to the client, things have radically changed. The libsl people, of course, will say that their scope is different (their code is in C#, for instance, while the client’s code is in C++), so their efforts will continue unabated, and they may even be able to use the published client source code to gain additional insight into the communication protocols and refine their own code. But I can’t help but wonder if the move by LL “stole their thunder,” so to speak.

  8. Pingback: The Technological Development of the Summer « Evans Avenue Exit

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s