« Why I Don't Go on Social Media So Much Any More | Main | Cory Still Drinking the Kool-Aid »

06/23/2008

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Gigs Taggart

I agree with you in terms of Linden Lab needing to actually make a policy decision before these debates can end.

Obviously we differ on what that decision should be, but we at least agree that Linden's lack of decisiveness is a damaging course of action.

I told Rob this in MISC-1267, when he asked about the best way to handle hot-button issues on sldev. The root cause here is Linden refusing to take a stand.

Melissa Yeuxdoux

"Even Wikipedia's article on the subject doesn't contain some long-winded homily about how it is "impossible" and "always cracked"."

No, but see the paper they link to by B. Barak, O. Goldreich, R. Impagliazzo, S. Rudich, A. Sahai, S. Vadhan and K. Yang. From the summary: "Our main result is that, even under very weak formalizations of the above [informal definition of an obfuscator], obfuscation is impossible.... We extend our impossibility result in a number of ways, including even obfuscators that (a) are not necessarily computable in poly nomial time, (b) only approximately preserve the functionality, and (c) only need to work for very restricted modules of computation (TC0). We also rule out several potential applications of obfuscators, by constructing "unobfuscatable" signature schemes, encryption schemes, and pseudorandom function families." The paper was presented at the International Cryptology Conference in 2001, and papers presented at the conference were (and are; it's an annual conference) subject to peer review.

Prokofy Neva

Melissa, you're merely confirming my point -- you have a selected, biased notion of this, you cite selectively, and you have religious beliefs about this. It's not interesting. We understand the position, and we don't buy it. Not because we're stupid and because we can't be made to understand technical limitations, but because *you're* stupid and can't think beyond your own religious belief.

That's the problem. You're not persuasive because are stupid, dense, and religious about something that you claim is technical, and we can all see that.

Eris'

You're so right about the adolescent code-ismo that surrounds this issue and only those kind of men could conceive of using their inability to achieve something as a merit! "We can't do it, so there!" - do they ever hear themselves? Their silly posturing would be less laughable if they gave away their own dog-food for free like they expect content creators to. The day I can have the code for Photoshop for free and no dev can make a penny from a line of code they spent weeks on - then, on that day, their argument will have legs to stand on.

But will obfuscation work in SL? Almost certainly not in my view. I think there's an argument for some degree of it, just as a deterrent for casual pilfering, but it will just make stealing more fun for those sad ****wits driven to do it.

Two things more likely to reduce theft are accurate attribution for original content and denying anonymity for uploaders. If original content can be accurately traced back to source and any thief knows they can be traced to a RL person, then you'll make a huge dent in texture theft.

Besides, how many of us trust Linden to implement a technical solution like obfuscation without spinning SL titsup?

Thoroughly Disgusted

Prokofy, enough is enough. Calling people stupid is uncalled for. As a self-proclaimed "non-specialist", how can you seriously make these kinds of accusations to specialists about their speciality?

And what is it with the obviously male-hatred thing you have going on?

The simple fact is that no matter how hard one tries to obfuscate, someone else with enough time and interest will break through. Haven't years of failed copy-protection schemes already proven this? Or aren't you paying attention?

Fruit Sorbet

As a self-proclaimed "non-specialist", how can you seriously make these kinds of accusations to specialists about their speciality?

Because he/she is nothing but an internet troll.

Prokofy Neva

Thoroughly, you must have a first and last SL name to post on this blog, or a RL or recognized blogger's name, no unaccountable sniping from anonymity.

You haven't been paying attention, apparently. As I explained, it's Napster that went to the wall, and closed, and iTunes that now collects 99 cents. Software goes on charging. Everywhere, people obfuscate and charge. It's only when we come to this wacky-ding-hoy planet of Second Life that people become such mindless freetards.

And yes, indeed, they ARE stupid. Stupid means you simply cannot think outside of the box, you can't get over your ardently held machismo-juiced religious belief, and that's a big problem in an innovative scientific project.

I don't believe a word that is said here because not only the behaviour and morals of the people on the forums and JIRAs are utterly questionable, their argumentation amounts to "Because I say so and you're stupid." So I can only say in response to such people, "But you're stupid for saying that, you've proved that in spades."

The idea that there are all these people with "time and interest" out there is merely a religious doctrine. The belief that the wily team of Linden Lab can't foil them with frequent changing of the obfuscation (and that's hard because...why? Doesn't sound like it...) also seems like a mere dogmatic and petulant belief.

It's done all the time. THe idea that it can't be done here is merely ideological. We need some grownups to look at this and really address it. For one, just because you can't do something FOREVER isn't any reason to do it FOR NOW. It might be a very good restorative to the economy, and a very good gesture of faith if the Lindens did try to stem the tide on a number of fronts.

It's like AIDS. You can't really cure AIDS as such. But you have about a dozen strategies you use, none of which if used in isolation will work -- whether prevention, education, retroviral therapy, etc. People go on living with AIDS; AIDS is prevented. It's not cured, but you deal.

The same kind of attitude has to be brought to these matters which are not purely technical around SL. An obvious correlary of having obfuscation is that it is a crime to break it. And then you begin to have a simple, technical way to get rid of these hackers without having to drag creators, lawyers, judges, Lindens through courts that turn out very paltry results ($500 for Stroker, after all his trouble, and settled out of court, with no precedent value).

Accurate registry for creations is something that residents must begin and maintain without Lindens, and get to working at such a robust level, that they will possibly then co-opt it. There isn't another choice. Whining and mewling about their failure to do this is silly when residents themselves are perfectly capable of setting up a registration system, like the notary once set up by Zarf, only for textures or designs, and perfectly capable of finding internal sanctions -- bannings, public announcements of violation of copyright, etc. consumer boycotts.

I'm not going to bother with many more rounds of this. I've heard the arguments already for four years about why you can't do it, and yet other companies do it. I want to hear from non-ideological grown-ups working in real companies discuss this -- and I don't mean tools like Dale Innis who merely enjoy being contrary to grief in sophisticated forms.

There are coders on the SLDEV list who wrote perfectly normal stuff about how to do this, and then asked the Lindens, well, is there a reason you can't do this technically, i.e. performance wise? Or is it only ideological unwillingness, i.e. fears of it being broken?

Fear of technology being broken seems to me to be the worst kind of phallic loss fear on the planet. We need to get the coders to substitute their phallic fears of loss of their code with a fear of the loss of the residents' created content.

I don't have anything against males. I'm describing a perfectly visible problem of young male machismo on this issue so that we can see that we're dealing with something here that has social and political influences and origins so that we can try to combat it at that level, as it is not "technical".

It's not about 'male-hatred' to explain that these aggressive freetards have a hammerlock on this discussion, and their grip needs to be pried loose. Their arguments are known. We are not stupid. They are stupid for continuing to hammer what is already clear -- their position, which we simply don't buy as unbiased and as truly technical and informed.

I was blown away at VW08 walking from panel to panel. In the panels with Lindens and opensourceniks like Adam Zaius talking about copyright and IP protection, we encountered this blunt, ideological, aggressive hatred of efforts at IP protection, and even a kind of sneer at anyone even still trying to make a business model built on such a thing.

But as soon as I walked into another room with three OTHER games and worlds, including Raph Koster's Metaplace and two others I was less familiar with (not recalling names now), I encountered a completely different attitude. Completely! They talked openly of how they had to protect IP, and not only in the TOS. I told them of the Linden "inevitability of broken obscurity" theory in the questions, and they just shrugged, because they didn't feel limited by it. They were finding ways to make things open and accessible, but they weren't somehow unconcerned about IP protection, starting with their own!

The ultimate irony about all this, and which discredits these people the most, is that while they are for making all textures free, and for not bothering to protect IP, and for open sourcing, they are for closing accounts that have NPIOF.

That's why I always say: open source=closed society.

Prokofy Neva

I don't believe in the concept of "troll". And non-specialists have every right to challenge the silly "specialists" of SL who amount to semi- or unemployed IT guys, kids in Mom's basement, freaks, goofs, hackers, criminals.

I fail to see why I'm supposed to trust the rabid, non-scientific spouting of people who are anonymous, unaccontable, and don't even have real jobs, or who are young and inexperienced, or who are extremist and obsessive. I don't have to.

They may know technical functions of coding, but they are not programmers with any kind of depth or insight.

Instead of being able to answer the questions I've posed on SLDEv, and be able to coherently take us through real proof that performance would suffer, or that regular obfuscation would not be a deterrent, by citing cache this or compression that or whatever, they say stuff like "You're a troll" and "we hate you" and "we're going to grief you" like common street thugs.

John Lopez

Prokofy, the cite that was referenced is a *mathmatical* proof.

http://www.wisdom.weizmann.ac.il/~oded/p_obfuscate.html

I know, I know, you want the math to work differently, and your will to make 2+2=5 may well be indomitable. It still remains wrong.

What the paper doesn't show impossible is the reason that Napster went down. The law. The reason that iTunes sells for $0.99 a song: the law (imagine a major corporation not following such an obvious requirement).

On the other hand, please note that much of the iTunes catalog is available DRM free, and even the DRMed stuff can be burned to CD (which negates the DRM).

The law is the reason that lawlessness ended for some users online, not any technical solutions. Well, that and the fact that iTunes is just handy to use and it is worth a buck to not worry about malware infested sites. Until that happened, the better "user experience" for music was ripping it off for those with no moral qualms about doing so.

As an aside, textures can be ripped from There and WoW just like they can from Second Life. Again, the people to talk to about this are the *hardware* guys, as they are the ones who make open render buffers that lay bare everything in them.

Hardware *can* use encrypted textures and keep private buffers for the decrypted textures, making the traditional texture ripping techniques far less useful. But they don't build like that because nobody is demanding it of them.

Melissa Yeuxdoux

"We understand the position, and we don't buy it."

Then you reject formal logic. The paper proves that no such program exists, just as Turing proved that the halting problem can't be solved.

Prokofy Neva

Nice try there, John, but figures liar, and liars figure.

I don't care that some "mathematical proof" is cited -- it is merely tendentiously cited and selectively cited.

"The Law" isn't the only factor here. If "The Law" were enough, you could copy iTunes easily. But you can't. They are encrypted and obfuscated, like CDs and DVDS are. Duh.

"Much" of the catalogue? People disagree about this, and burning to a CD isn't the same as mass producing CDs for sale. The ability to burn the tune on your own computer is a different act than what happens on the website. If you could just burn it off the website, you'd have no reason to pay the 99 cents.

Coders who in fact believe code is law and should control everything are the first to very hypocritically reach for law when they want to solve the social problems spawned by their extremist ideological take on tech.

Instead of moderating their views and making the tech moderated, too, they adopt extremist positions, throw up their hands, and offload everything to law or policy. It's really utterly disingenuous.

I'd like to hear from WoW and There whether they have textures that are obfuscated or not. The fact that they can be ripped is beside the point. I want to know whether they obfuscate them, and change the obfuscation in response to ripping. I'd like hard facts on this, from credible sources, and not from you. I don't believe you know the answer to this; you have no verifiable direct sources in those companies, and you are conjecturing based on ripping, and not on knowing how those companies in fact do things. You are not credible.

Of course they can build like that, and in fact people do demand, starting with the bosses of software companies.

Prokofy Neva

>Then you reject formal logic. The paper proves that no such program exists, just as Turing proved that the halting problem can't be solved.

See what we're dealing with here, people?

*Waits for the normal people to get here.*

Jimmy Dell

Prok, thank you for taking up this issue. For the record, I've been programming for over 20 years and I often read SLDev and find myself either laughing or tearing my hair out when I see people I know have at most a couple of years of work experience attempting to dictate their views. This mathematical proof simply talks about the fact that any protection is defeatable, but what these kids fail to realize is that, in the real world, less than perfect protection still reduces theft. The reason why this is even a cause of debate in this situation, yet we don't complain that all locks are pickable and shouldn't exist, and all cars are hotwireable and shouldn't have keys, and so on is that there is an underlying philosophical and not technical motivation. Working engineers in the real world look at the business requirements, point out that nothing they do will stop a determined thief, implement a simple obfuscation that prevents the file from being copied by a casual user, and move on. Anything other than that is not engineering, it's proselytizing.

John Lopez

Prok, you can rant on and on, but in this case you just keep looking sillier and sillier and less and less educated. Some of these items are founded on simple, basic premises, and rejecting them *is* a rejection of formal logic. You know, the stuff that made computers happen in the first place.

There are plenty of flat earthers and plenty who think that Pi can be "decreed" to be 3.14 or 22/7 or whatever. Incorrect thinking is a defense against reason, but it isn't a defense against *being wrong*.

For a less mathematical point where you are wrong, burning a CD means you can endlessly *duplicate* that CD. More worryingly, CDs *aren't* protected in any way shape or form against such copying, making "They are encrypted and obfuscated, like CDs and DVDS are. Duh." a nice snappy comeback but also wrong.

I have nothing against technological protections, I use them in my own code distribution (via a license server). What I do have a problem with is misinformation, and this post has been one of your most misinformed yet.

Really, your obfuscation via political and social ills is far more convincing, as at least someone can't prove anything one way or another about what you said.

Prokofy Neva

Thanks, your response was just the sort of thing I figured was out there somewhere in the real world.

Re: "there is an underlying philosophical and not technical motivation"

Bingo. And what that amounts to is an entire ideology, one that bears a striking resemblance to communism -- the belief that the people will altruisticall work for free and share and everything will be available for free, and resources will be distributed equally and fairly.

John Lopez

See, all you had to do was switch to ideology, communism and such... and now nobody can point out that you are making massive errors in logic! Yay obfuscation!

Jimmy Dell

Every project I've ever worked on for an employer, and frankly even the well-organized open source projects, have had a well-defined set of business requirements. Prok is just as qualified, if not more so, than any person outside of LL to discuss business requirements. Some of the people in these comments are resorting to technical slight-of-hand, where they're in-effect saying that because any lock can be picked, that no locks should be used. Because Prok isn't trained in software project management, he may have fallen for this neophyte insubordinate engineering trick, but it's still B.S., and in most companies, trying to sandbag the software requirement definition process with false technical arguments will quickly get you shown the door. This isn't about mathematical proofs, it's about whether textures should be easy or difficult for the non-technical user to copy.

John Lopez

"less than perfect protection still reduces theft. The reason why this is even a cause of debate in this situation,"

The reason is believed to be fairly simple: the faulty lock forces someone to take a step beyond which they feel uncomfortable.

Right clicking a picture on a website and hitting "save as" is so easy many think there is nothing wrong with it (although in most cases there very much is something wrong with it).

Having to download "rip-o-matic 9900" from a seedy website and run the risk of malware or a trojan causes people to think "hmmm, maybe I shouldn't do this". Sometimes they may even realize that the reason things weren't made easy for them was because they weren't supposed to do it in the first place.

Thus, putting weak locks in place weeds out all but the determined.

I know that before I put the license server in place we had about a 30% rate of "unauthorized copies" (thanks to "phone home" pings, I'm pretty comfortable with that).

Since adding it, I haven't seen any cracked versions. Of course, the cracker may have been clever enough to take out the phone home code as well, but on the other side of the fence our license count went up at the same time, so I think it just did what it was supposed to for us.

Prokofy Neva

John, your narrow-mindedness is on display, and I suppose that's one of the reasons you don't work at Dell or IBM or Xerox or as the head of a thriving software company, but, whatever it is you do...

Proof that protection isn't perfect is merely a narrow mechanical obvious proof. As I've said now 100 times, we all get that. That's not interesting; it's not necessary to keep pounding on it.

But what Jimmy Dell here has said far more eloquently than I could ever say, you don't limit yourself and hobble yourself by such narrow technicalities in real life. You find ways to do the obfuscation *anyway* and do *some* deterrence.

It's as he said -- you don't stop putting locks on doors because they can be picked or stop having car keys because cars can be hotwired. I mean, it's just logic and common sense.

I don't think there is any "obfuscation" in pointing out that hidebound, extremist ideology around code, just like Bolshevism, is a killer, and mainly ensures only one thing: the power of extremist coders over others affected by their code.

Gosh, I realize that if you can burn one CD, you can burn a zillion. Duh! That's like, so obvious my cat gets it.

But it won't be a high-quality CD. And most people don't make zillions to sell that way. And the download costing 99 cents is something that still has an interface on it that prevents you from merely right-clicking and copying it, AFAIK, of course, shoot me if I'm wrong.

Re: "I have nothing against technological protections, I use them in my own code distribution (via a license server)."

There we go. No business but my business. Your information can't be protected, but mine can be shrinkwrapped...Ohhhkkkay...

I haven't said anything misinformed here. I've explained that literalism is in fact based on ideology -- and Jimmy Dell backed that up, saying that the exttremism on this is based in a *philosophy* that is merely one school of thought -- and as we all know, it's the Stallmanite school, the copyleftist approach.

There isn't any "misinformation" in what I've said here:

1. Real world companies obfuscate and encrypt. CDs. Movies. Software.

2. Napster didn't prevail. Today, people pay 99 cents per iTune.

3. Mathematical proofs that protection can't be 100 percent are beside the point. What's wrong or incorrect isn't the *math* or the narrowly-conceived "proof". What's incorrect is the application of extremist notions to this problem. In the real world, engineers adapt, and create barriers as deterrence.

4. The hidebound, obsessive, rabid clinging to this ideology is really like a kind of cult religion. It's what the broken Internet children cling to for their very sense of self.

Like I said, acquire the same fear of people losing their content to thieves that you have about your unwillingness to write protections and lose your code to hackers.

Anything else is just adolescent posturing.

John Lopez

Jimmy, you seem to have confused me for someone arguing against technical solutions. I'm arguing against naked misinformation. Prok can specify any feature she wants as a desired feature, but her factual errors pretty much make her points moot at times.

As my post (which apparently crossed yours) indicates... we use security in the products that my company sells.

As the lead designer on the project and one of the owners of the firm, I assure you I was well aware that it wouldn't be 100% leakproof, and in fact we made only minimal effort to avoid hacking. The project was one of locking the door to keep the honest people honest, not putting the code in a safe where we were assured nobody would get at it.

However, texture pools are currently available via simple tools for every program that uses texture buffers and will remain so until hardware support for something more than XOR encoding arrive and will be better when protected buffers for decoding are available.

I say it again, yelling at LL will do very little until infrastructure is in place to lock the door even weakly. I for one would hate to see resources dumped into something that would stop nobody (the texture rippers are already willing to visit the seedy sites) and instead work on things that are meaningful.

Prokofy Neva

Jimmy, I haven't fallen for any tricks, as I've been challenging this sort of BS as you say since day one in SL. I'm not a software project engineer obviously, but I've been near some in real life enough to realize that they are never run this way. I can see that in SL, there is some really skewed, extremist strain of the OS movement that has totally taken over the discourse and made it impossible to discuss these issues reasonably and rationally.

In fact, the extremism seems to be in LL itself, and that's the problem.

I don't know how this will all resolve itself but I find it very worrisome. There aren't enough adults and people grounded in real-world experience at the helm either in or around the Lab on this it seems to me.

John Lopez

"John, your narrow-mindedness is on display, and I suppose that's one of the reasons you don't work at Dell or IBM or Xerox or as the head of a thriving software company, but, whatever it is you do..."

Aw, and now it is time for misinformed personal attacks I see. Time to move along then and lick my wounds, seeing how perceptive you are.

Prokofy Neva

I haven't made any factual errors; in fact, Jimmy has helpfully explained that this silly banging on literalisms like this "math proof" that Melissa was on about is "neophyte insubordination" that would get you shown the door. That's good to know!

As I know from reading SLDEV, your opinions about XOR are just your opinions; others have spoken to the other side of the issue and discount what you say.

John *is* arguing against technical solutions. He *is* making the insubordinate neophyte's literalist and stupid excess. He isn't even bringing to bear his actual own RL company's experience!

Prokofy Neva

So your company thrives? It's like a big company? You are independently wealthy now and can retire at the ripe old age of, oh, 30 or 35 perhaps? You make a fortune?

Prokofy Neva

Amazing, how what you have to do as the owner of a company in real life, with others to hold you account, and the bottom line, such as it is, and how you can throw that aside in a setting where you think "anything is possible" and there are no rules.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Your Information

(Name and email address are required. Email address will not be displayed with the comment.)

Blog powered by Typepad

Advertisements

Ads.text

  • Ads Text
    google.com, pub-2776838938932602, DIRECT, f08c47fec0942fa0