Hey Adam, thanks for the information. Just a quick couple comments and questions to what you said: Is there any special technique for passing down the CIL only to the assest server? I remember in the old days there was an app called SnowCrash for doing this in SL Grid. And are there apps out in the wild that can decompile the CIL, or any reports of anyone really do this? Mostly not to overly conserned when I hear this, but of course it is a risk. My code is like spaghetti already, added on top of what I am sure is even more spaghetti... I would pitty pirate...
Now your cryptogrid assest provider does sound interesting. Does this encrypt the appropriate assests comms for a sim to the assest server of an untrusted grid? Acting as like a proxy and decrypting/encrypting it (to dumb it down)? >From the description that is what I imagined but I hostly don't have a full understanding of how the assest server works. Also, I don't think I will play with that, but I was thinking of writing this info up in a blog post. Do you have a link to any additional information on your cryptogrid assest provider? Couple questions about the assest servers... Could I now run an assest server localy, and allow connections to other grids securing my assest here? Even if I could do this wouldn't it all still boil down to the CIL reaching an unsecure sim? I ask these questions because ealier someone mentioned trusted asset/inventory servers as possible furture solutions. I tried to find more info from past emails, but could not. Thanks again for everyone time answering my questions on this topic. I do appreciate it. I fully understand its impossible to protect data in any format 100% if its ever going to be used outside of a controlled enviroment. -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Frisby, Adam Sent: Thursday, March 19, 2009 8:05 PM To: [email protected] Subject: Re: [Opensim-dev] Couple questions on scripts The short answers here are: - The sims need unencrypted copies of scripts for operations (to compile them, etc). You can pass them the assemblies (compiled results), however CIL (our bytecode language) can be decompiled back to source form with remarkable accuracy (it's at the very least human readable). - So anyone who has a region that is running your scripts could potentially intercept them. - The grid & asset servers don't need unencrypted copies. If you are uploading onto an untrusted grid for use in a trusted subsection, there is the cryptogrid asset provider I wrote a while ago -- however this only works if you trust the region operators who you give the decryption key to. (and of course, you won't be able to use the asset without them having it). It definitely won't be as convenient since you need to provide the keys before rezzing the object, but it might be useful if you want to say run some private scripts on a region you self-host on OSGrid.org, and don't want the osgrid team getting a copy. Adam > -----Original Message----- > From: [email protected] [mailto:opensim-dev- > [email protected]] On Behalf Of Skidz Tweak > Sent: Thursday, 19 March 2009 12:43 PM > To: [email protected] > Subject: Re: [Opensim-dev] Couple questions on scripts > > That's very interesting. I like the idea of trusted asset/inventory > servers. > I will look through the past emails for more information on that > project > aspect. Thanks. > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of Melanie > Sent: Thursday, March 19, 2009 2:23 PM > To: [email protected] > Subject: Re: [Opensim-dev] Couple questions on scripts > > Hi, > > basically, to answer "yes" to your question #1, ALL of the following > must be true: > > - The grid must be owned and operated by a single entity > - Said entity must have a TOS, statement and/or track record of > respecting content creators' rights > - No outside regions can connect > - No outside persons can access the shell or database of the grid > > It would be up to you to determine whether you trust the operator of > the grid. Currently a few such grids exist. > > Generally, if a grid allows outside connections or Hypergridding, it > is not safe. > > However, hypergrid is moving towards a safe way to distribute > content from authenticating asset/inventory servers. Eventually this > may lead to signed binary assemblies being passed around the > simulators, with the region operators trusting the certificates. > However, this will likely not prevent retention of copies of the > goods, so the above points about trusting the operators still apply. > Even though your script source code can't be stolen in this future > scenario, permissions as we know them today could easily be > circumvented. > > Melanie > > > Skidz Tweak wrote: > > Hi all, I finally set up a openSim of my own, and its working great. > The > > development community in this project has done an outstanding job so > far > > (based on my own experiences). > > The setup process was easy, so easy I over complicated it by creating > the > > database tables and such myself prior to running it causing some > problems > :) > > > > I just had a couple questions: > > 1. Are scripts safe on other grids? I get a number of request to move > my > > tools into other grids. > > And what I mean by safe is, people can't steal them. > > 2. I am guessing the real answer to question number 1 is no, so... > Has > there > > been any effort in the direction of maybe a different way to > distribute > > items on the new grids? > > For example, I could imagine an install package for a sim, or > grid > > that could ensure purchase in an encrypted maner with a cert or > something. > > > > Just some thoughts and thx for your time. > > > > _______________________________________________ > > Opensim-dev mailing list > > [email protected] > > https://lists.berlios.de/mailman/listinfo/opensim-dev > > > > > _______________________________________________ > Opensim-dev mailing list > [email protected] > https://lists.berlios.de/mailman/listinfo/opensim-dev > > _______________________________________________ > Opensim-dev mailing list > [email protected] > https://lists.berlios.de/mailman/listinfo/opensim-dev _______________________________________________ Opensim-dev mailing list [email protected] https://lists.berlios.de/mailman/listinfo/opensim-dev _______________________________________________ Opensim-dev mailing list [email protected] https://lists.berlios.de/mailman/listinfo/opensim-dev
