On 6/05/2010 11:32 PM, Argent Stonecutter wrote: > On 2010-05-06, at 01:23, Ricky wrote: > >> How can that be a source of correlation, unless you are using a viewer >> that has a userbase of one (yourself and your alts)? >> > When you're gathering information on someone for tracking purposes you > don't need certainty. Even a viewer with a few percent of the market > can be used to direct suspicion at a new account unless they > completely avoid all their old hangouts. > > There are precisely four viewers that are common enough that using one > wouldn't be a red flag: The current and new Linden viewer, Snowglobe, > and Emerald. > > People who are currently using other viewers and don't pay attention > to the privacy implications of new features (ie, just about anyone) > would be wearing a target. New privacy exposures have to be opt-in, > not opt-out. > > This functionality would have to not just be spoofable, but be off by > default and turning it on would be done through a user interface that > actually shows you the current string and presents common alternatives. > > If you were doing this, then it would be easier, easier to understand, > and MUCH more useful to implement a general set of account tags or > properties that people could edit at will. This would provide all the > functionality people would get from a genuinely secure > "llDetectedViewer()" type of API, since viewers could have a nice easy > button that sets "Emerald: yes". > I can see value in a viewer being able to advertise (or, I guess repudiate) capabilities. I imagine that most non-security-related viewer identification would relate to having a guess at viewer capabilities/features. Also there's not much value in spoofing viewer capabilities, since the only person to whose detriment it would be would be the spoofer's.
Would something like llDetectedViewerCaps() that returned a well-defined, yet open, capabilities string be potentially more useful than just asking for the brand of the viewer? -- Tateru Nino http://dwellonit.taterunino.net/ _______________________________________________ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
