Skills Hak Tags Over 4000 Copybot Capable Avatars

by Pixeleen Mistral on 23/03/10 at 12:09 pm

Skills Hak is claiming significant success for the Gemini Cybernetics CDS anti-copybot system, and recently told the Herald "we looked up the number of uniquely flagged avatars using malicious viewers, the number is 4424. There have been around 70 appeals of which we granted 11, none of them were false posities, but extenuating circumstances".

When we first covered this story Hak’s database of digital rights management agnostic avatars there were around 1200 avatars tagged as dangerous, so the claimed growth since the system was launched is impressive, suggesting large numbers of players who are armed and potentially dangerous to Linden Lab’s DRM controls.

The CDS system detects the Second Life viewers of avatars in the vicinity and forcibly ejects anyone who has ever been found with client software which has to potential to make unauthorized copies of Second Life content. With a zero-tolerance policy for naughty client use and a centralized database of suspicious avatars, the CDS system provides a convenient way for subscribers to pool their resources in the fight against content copying.

However, significant concerns remain about the transparency of the process and potential for abuse. Because the banned avatar database remains secret, there is little if any public oversight possible, and the possibility that those running the database might add enemies to the ban list is at least a theoretical concern. Skills Hak told the Herald that Linden Lab suggested that Hak keep the list of copyright capable avatars private saying, "believe me i’d love to publish the names, but people will read it as a list of known thieves which it isn’t".

Are the copybot client users running on throwaway accounts? Aparently not, although Skills has yet to run an in-depth demographic study of players in the CDS database.

In Skill’s words, "from what i see it’s totally random. some 2005 accounts who "tried" cryolife, mostly clubbers and people interested in sl party with alot of ascii in the profiles, lots of fashionistas. the hottest places are the clubs. i gave out a good bunch of free relays to club and sandbox owners and asked them to set them to message only/no ban. these places are like nests, especially the clubs"

299 Responses to “Skills Hak Tags Over 4000 Copybot Capable Avatars”

Danziel Lane

Mar 23rd, 2010

Hmmmmm…. is this just another database harvesting avatar names and what viewer they use or used?

And how do they get the info that someone “… has ever been found with client software which has to potential to make unauthorized copies of Second Life content.”? How can they know that someone has ever used such a client software without investigating their harddisk?

And … do really all shopowners feel the interest to kick anyone that ever tried a viewer on their list? 4424 customers is not a small number, should they all be ejected from the malls and forbidden to purchase goods …. they might have tried different viewers some time … but if they are ejected and banned everywhere, they might think of using that viewer for what they might never have installed it for.
LOL

Mar 23rd, 2010

I agree with Danziel Lane, this just looks like a JLU style database wiki waiting to be exploited. A tool like this is dare I say it, best left to Linden Lab. Copybot sucks and has hurt the entire grid as a whole, however the potential that this tool will be missused in the hands of residents is too great.
shirlee

Mar 23rd, 2010

Well.. if this CDS System is active on a parcel and you tp there, your viewer connects to the CDS Server (media.syscast.net which resolvs to 69.163.231.197) , asking if there is a media stream. (regardless if videos are enabled or not as it seems).

Then the connection terminates. So there is no intrusion, no hdd scanning, no abused stream exploit or such at the moment (that is: until that system gets changed of course).

All information that is being collected seems to be the http stream data (i.e. User Agent Signature) and probably the IP. Nothing illegal as far as I can see (but IANAL).

And if you have a SL Viewer with a blacklisted signature, your ava is blacklisted from that moment on. Even if you relog with a legal viewer.

4500 blacklisted avas might be not a small number – but I don’t think those are4500 users. I am sure there are lots of users that have been blacklisted with several avas.

I do not think this device is very effective, just because it is very easy to bypass that kind of protection. All it does is catching thieves that yell and should “I AM A ROBBER” while trying to sneak at you in order to see what’s inside your pockets.

And to be honest:
This kind of bad-viewer-blacklisting (since they are clearly forbidden) should have been done by Linden Lab. and not by a third-party company that is not affiliated with LL in any way.

(for further information:
just use wireshark, tcpdump or such to have a look at your network and you can see what happens if you enter a protected sim. and if you do use a filemonitor, you can see what is happening on your system – or what is not happening…)

What I do miss is a list of Viewers that will not be banned. There is some confusion about viewers like Emerald, Cool Viewer and such.
Senban Babii

Mar 23rd, 2010

Ahh, another self-appointed group of vigilantes harvesting the private data of users with no oversight or transparency.

I’ve said it in a previous comment section: I won’t personally support any store using this system. I have already boycotted several stores which I used to consider among my favourites.

And for the record, I use the standard SL client, have never so much as installed Emerald let alone any of the more questionable clients and don’t support copybotting. But I don’t believe that any group of residents should have this kind of power over the experiences of others and I don’t believe there is any legitimate mandate to gather the data of other users.
K.T.D.

Mar 23rd, 2010

If I know a region is using CDS I choose not to do business with the owner in world, or on xstreetsl. That’s my choice.

Want to be sneaky and install it in secret? Fine, I’ll just file an abuse report on Skills and the land owner any time I run into her system, I explicitly deny consent for her system to scan me, and wish to be informed in the search results when a location uses it. Since the system does it anyway and the owner has not disclosed it’s use, they both get an AR for my inconvenience, and it’ll take a Linden Lab employee telling me not to to make me stop.

Don’t like that? Save the insults, I don’t care, and I don’t steal content. Be up front about the fact that you pay into this scam so that I can spend my time and my L$ on content created by people who aren’t dumb enough to buy into this scam.

What clients I use to mess around with my OpenSim are not her business, nor are they any concern of paranoid fashionistas. Her system may be able to detect prior use of these clients independent of which avatar used it, but as it can not tell the difference between past use on LL’s grid, and past use on my own private OpenSim. It’s mine. I pay for the hardware, the electricity, and supply the work that gets it running. This means I get to do as I please in it and with it, including trying out clients that are not appropriate for use on the Linden grid to see what they look like and what they do.

Were the system only scanning for and detecting ACTIVE use on an avatar, that would be one thing. But prior use from a clean avatar on a system that has used one of these clients in the past? That’s where Skills Hak is overstepping the boundaries.

Plus, this doesn’t even take into account a situation where a person may have a friend RL who also is an SL user, and they use that person’s PC to log on with the official viewer or Emerald for some reason or other. Why should they be held accountable for what software is/has been on that computer? I had a similar situation dealing with Linden Lab’s fraud department because of my being helpful and fixing SL’s performance on his PC. Couple weeks later he disputes what he felt was double billing on LL’s part, and I wake up to find my account locked out with a message to call their fraud department because he reversed the charges to his card.

LL’s response was to immediately unban my account because they could see that I had only connected from his PC once, while my own had connected hundreds of times. I can imagine such a conversation with Skills would go something like this:

User: “Why am I being banned from places by your system after using a friend’s PC?”
Skills: “You used (insert client name here)”
User: “No I didn’t! I don’t even know what that is.”
Skills: “You’re a liar and a crook, fuck off.” *mutes*

FYI here’s a list of clients I’ve connected to LL’s grid with on my AV:
Official Linden Lab Viewer
Nicholaz Edition
Cool Viewer (Mac OS Version)
Viewer 2.0 beta
Emerald (and promptly dropped Emerald/changed my password after learning more about it’s developers and this CDS bullshit.)

Aside from Emerald, which is shady as hell, none of those viewers are what I would call malicious.
Sandrina

Mar 23rd, 2010

What do you think get from a person who have designed and created the Emerald and Neillife Viewer? Yes Neil and Skills have worked together at the emerald team and there Skills tryied to get out the passwords and usernames of the users, maybe only the usernames are now on the list, but how can anybody trust a person who is not RL identificable, has faked the domain name registra and worked extremly in the develepment of the NEILlife Viewer…

That i cant understand sorry
Gaara Sandalwood

Mar 23rd, 2010

I would like to state I do have a few viewers, all packed in RAR archives and stowed away, never even installed. I have never used anything but standard SL and Emerald(and I am highly considering going back to standard SL).
Rumor Mills

Mar 23rd, 2010

I wouldn’t worry too much about this stuff. Rumor has it, Linden Labs is thinking about doing away with currency all together soon. Mainly because they know there’s nothing they can do about copy thieves.

Game over fellas. I hope you have something to fall back on when you lose your virtual jobs selling sweat layers.
Zauber Exonar

Mar 23rd, 2010

Detecting and stopping copybotters? After reading this, I would hardly call CDS Gemini successful at all:

http://antoniusmisfit.blogspot.com/2010/03/how-gemini-cds-fails-to-stop.html
Gooser

Mar 23rd, 2010

This system is senseless.

If one want’s to copy – why must he copy at the seller’s sim? Just look to the positive comments in xstreetsl, search with the picks of the writer of the comment – it’s likely the wantet-to-copy item is on his land.

btw, this system is possibly very easy to lock out.

A net sniffer analysis shows the way it works.
It uses a bug in Quicktime to contact two web adresses:

media.syscast.net
apache2-blow.port-au-prince.dreamhost.com

Both adresses point to the same IP: 69.163.231.197.

The Server behind the Adress fakes a downloadable Video and the response is a video request – the data given back by this call contains several details about the client. This seems to be analysed.

At first: This may be a serious violation of several laws. The Privacy Act in the US, the “Datenspionage” Law in germany (where it seems Silk resides).

Second: There are serveral Ways to lock it down.
- Just start the Client with the –noquicktime parameter.
- edit the file c:\windows\system32\drivers\etc\host,
add two lines:
127.0.0.1 media.syscast.net
127.0.0.1 apache2-blow.port-au-prince.dreamhost.com
and save the file.
- block the IP adress mentioned above in your Router or firewall.

Another way of killing the detector may be to change the Client identification in the client itself to the ID of the standard viewer.

The Domain is hosted at dreamhost.com.

If you think, this data spying is against law, write an abuse to abuse@dreamhost.com.

Quite unshure are some other details.
It’s been told that this system bans not only the avatar using the forbidden client, but also the alt’s to this avatar.

How should this work? This could only be done by lurking some hardware details from the computer (Serial numbers, MAC-Adresses), and this data is used to determine if it’s an alt or not. This would be a very insecure way of detection – there may be more then one User at the computer.

The other way would be a data leak from Linden databases… i really don’t hope, this is real.

I’ll changed my netsniffer to alert me, if a SIM is using the CDS. i never used any alternate or illegal viewer. But i don’t want to support the Users of this ridiculous system with my money.
WTF?

Mar 23rd, 2010

So somehow cds snoops past the firewalls into a persons computer without permission from from the grid? This means they can also hack into your saved passwords file and steal that information.Who knows maybe even take over a person computer too.
We all know emerald will deny this, but how many crooks admit to stealing any how?
cds is nothning but spyware using an exploit emerald found to hack into a persons computer.
Ban cds, ban emerald and stick with the Official Linden Lab Viewer
Gaara Sandalwood

Mar 23rd, 2010

https://blogs.secondlife.com/message/141971

Wow…..

I got as far as the quoted convo between Person and Lonely before getting bored. I lol’d.

As for getting rid of currency, don’t see it happening except as a last resort(a very last resort).
Gaara Sandalwood

Mar 23rd, 2010

Also, on the subject of this whole mess, I have very few opinions for two reasons:

1. If LL is indeed going through with a plan to make all viewers deemed malicious and disruptive not allowed, then Gemini CDS will be around for only a short while, so there’s little reason to continue a drama fest.

2. I know almost nothing of how CDS or similar things would work specifically, so I could only share opinions on this matter.

An exception to 1 is the privacy theory. From the look of it, I am reminded of how the JLU would pull data from a private database in world to suit their arguments. But in this case, it’s a group/person/device that somehow has a hammer, and gets information that pales the JLU’s efforts in comparison(there are tidbits of evidence throughout the blog that CDS can supposedly detect what viewer one is using, which goes into your computer, beyond SL, and therefore violates privacy and privacy policies). Of course it seems the device detects any remnants of old viewers as well, and uses that as a basis of banning.

I have about nothing further to say on this matter atm, but if what is being said is in any way accurate, LL will basically let people log in on viewers liek NeilLife and then ban them for using them…….seems like a slap in the face to me.

Regardless, much seems up to speculation at this point(except for the privacy violations).
Darien Caldwell

Mar 23rd, 2010

“Well.. if this CDS System is active on a parcel and you tp there, your viewer connects to the CDS Server (media.syscast.net which resolvs to 69.163.231.197) , asking if there is a media stream. (regardless if videos are enabled or not as it seems).
Then the connection terminates. So there is no intrusion, no hdd scanning, no abused stream exploit or such at the moment (that is: until that system gets changed of course).
All information that is being collected seems to be the http stream data (i.e. User Agent Signature) and probably the IP. Nothing illegal as far as I can see (but IANAL).”

There is a flaw with this assumption. Checking a media stream would get you an IP address, and maybe the viewer ID string. But it would not tell you what avatar is receiving the stream. So how would they know which avatar to ban? That is where the problem lies, assuming this is how it’s being done. How are they tying real-life IP addresses, to avatar names?
Ari Blackthorne

Mar 23rd, 2010

wow LOL

Practically all comments must be from “bopybotters” – else you’d support the efforts.

I know persoanlly of 17 sims using the CDS – not all are retail stores. From those that are I am hearing “if someone wants to boycot – go for it, you’re not a customer I want”. As for abuse-reporting land owner who has one, ummm… that’s totally laughable.

Only way to know a parcel has one is to get your ass busted red-handed as being on the ban list to begin with (or newly added) to which I laugh. And besides, a parcel owner owns the parcel and has a right to do with as they choose and please on their own property to which you are visiting. So your A.R. will fall on deaf ears. But if it makes you feel better, drive-on, sunshine.

As for the comment “What I do miss is a list of Viewers that will not be banned. There is some confusion about viewers like Emerald, Cool Viewer and such.” – Ummm… Official Linden lab viewer won;t be banned. Try using that.

I am amazed at the rhetorical diatribe from all the whiners.

Boycotters = good thing. You’re likely not wanted anyway.

A.R. Spammers = so what? It takes a copybotter to know when and where to A.R. – else the system is relatively invisible. ll you do is dilute the A.R. system with useless bullshit. Which is why most A.R.s are ignored (such as the ones you submit) LOL

All the rest = lulz.
Dr Hax

Mar 23rd, 2010

i’m an actual network engineer and what i found out is that there so called system probes a persons system and goes directly to the sl / emerald folders and scans it for certain signatures, but if you move that folder to another part of the system there program then scans your system.

oh did i forget to mention there system uses port 80 and uses a brute force system which is sent through the client viewer.

yep they are breaking the law since the details are saved on the same network as JLU
Danziel Lane

Mar 23rd, 2010

“Practically all comments must be from “bopybotters” – else you’d support the efforts.”

Nope, I do not think a “bopybotter” posted here.
This “must be” thinking causes people to build up databases with private database and then perform “justice” on people they THINK to be bad.
The information, which IP uses my ava with which viewer is private and nobody is allowed to harvest this information.
So, there is not much difference between stealing my textures and builds and stealing my identity.

Support the efforts?
Sure I would, but the way to fight one unlawful action by another unlawful action … no, I can’t suppor that kind of self justice.

“if someone wants to boycot – go for it, you’re not a customer I want”

This must be a real modern understanding of customer relationship. The Lindens perform a lot like that and residents whine a lot about it, so yes, why not do customer bullying like the Lindens demonstrate so well?

“As for abuse-reporting land owner who has one, ummm… that’s totally laughable.”

Yep, the same right as RL businesses have in their houses. They can kick out whomever they want.
But unlike SL “business people” I seldom see that in RL.
RL businesses are happy, when customers come, they do not talk about their domestic authority all the time.

“Only way to know a parcel has one is to get your ass busted red-handed as being on the ban list to begin with (or newly added) to which I laugh.”

I would call it “red handed” when I see someone copying, not when someone has one “bad” viewer on his harddisk. It’s like carrying a weapon … you are not a murderer caught red handed, only cause you wear a weapon.

“And besides, a parcel owner owns the parcel and has a right to do with as they choose and please on their own property to which you are visiting.”

1. Again, this must be the modern understanding of customer relationship.
2. No, it’s not land, it’s just server space. And if this server space should be used to tell others about my ava, IP and viewer, it’s nothing that is allowed even to so called parcel owners.

“I am amazed at the rhetorical diatribe from all the whiners.”

If you are ok with collecting and harvesting your private data, carry on to whine about the whiners.
Ari Blackthorne

Mar 23rd, 2010

@Denziel Lane – you are laughable!

“This must be a real modern understanding of customer relationship. The Lindens perform a lot like that and residents whine a lot about it, so yes, why not do customer bullying like the Lindens demonstrate so well?”

Why would you boycot a store that has security guards and cameras and a sensor that screams a million decibels if someone is caught stealing? It’s a stupid argument, except in the case that your intention is to steal from them and they make it too difficult to do so.

“Yep, the same right as RL businesses have in their houses. They can kick out whomever they want. But unlike SL “business people” I seldom see that in RL. RL businesses are happy, when customers come, they do not talk about their domestic authority all the time.”

You, like most, totally misread and don’t apply any effort to *comprehending* the statement I made. Which had to do with not the act of kicking people out, but the fact that one has the *right* to kick people out. But of course you spin it to make it sound like I am to mean that businesses choose to do so on a regular and consistent basis.

I said: “Only way to know a parcel has one is to get your ass busted red-handed as being on the ban list to begin with (or newly added) to which I laugh.”

…to which YOU said: “I would call it “red handed” when I see someone copying, not when someone has one “bad” viewer on his harddisk. It’s like carrying a weapon … you are not a murderer caught red handed, only cause you wear a weapon.”

This argument is laughable at best. Ludicrous at worst. I’d like to see you go gallivanting around into any public place in any urban setting in the Wesrn world with a firearm strapped to your waist. In some places, yes. But those are the exception to the rule. Most businesses (specifically commercial storefonts) would quickly escort you out of their premises for carrying a gun.

Hence your analogy only makes my point for me. if you have one of these :illicit” viewers, you first had to conciously seek it out, download it, and then actually use it (stupidly, I might add, by travelling the grid with it). Hence you intention has been revealed. Certainly not all people whom have used these viewers have the intent to do so with unscrupulous intent.

That is why there is a simple method of requesting an appeal to be removed from the ban list. Just like the “Do Not Fly” list of the United States contains many names of seemingly innocuous people, those people are on the list because they have a propensity to be a danger.

The same concept for the CDS list the way I see it.

“1. Again, this must be the modern understanding of customer relationship.

2. No, it’s not land, it’s just server space. And if this server space should be used to tell others about my ava, IP and viewer, it’s nothing that is allowed even to so called parcel owners. “

First of all your I.P. address is not private information. Anyone on port 80 can see it. As for the difference between “land” and server “space” – your point is moot. it’s my space. So my previous statement still stands.

“If you are ok with collecting and harvesting your private data, carry on to whine about the whiners.”

But this is where your argument falls flat on its face: what private data are you speaking on? I have yet to see anyone show me what data that is used or collected that is “private” in any sense of the word.
Gaara Sandalwood

Mar 23rd, 2010

“i’m an actual network engineer and what i found out is that there so called system probes a persons system and goes directly to the sl / emerald folders and scans it for certain signatures, but if you move that folder to another part of the system there program then scans your system.

oh did i forget to mention there system uses port 80 and uses a brute force system which is sent through the client viewer.

yep they are breaking the law since the details are saved on the same network as JLU”

But of course the supporters will refute such. The blog I posted has possibly over half of Rene’s posts as nothing but using info that’s not even related to CDS to attack Tux’s posts.

Ari: “As for the comment “What I do miss is a list of Viewers that will not be banned. There is some confusion about viewers like Emerald, Cool Viewer and such.” – Ummm… Official Linden lab viewer won;t be banned. Try using that.”

…….wtf? That’s the point, not everyone wants to be stuck using the SL standard and SL 2.0 clients. Most actually liked the third party viewers. As for the stores that use them, I am thankful I only shop at a few select places that likely haven’t given in the the advertisement of CDS.

“Practically all comments must be from “bopybotters” – else you’d support the efforts.”

I have never copybotted anything. As I said in a previous post here, I use only standard SL and Emerald. I’d LIKE to use other viewers to get a feel of them, see what the differences are between them and more standard viewers, but unfortunately things like this prevent me from even trying.

The fact that I don’t want to get my account banned should be proof enough I’m not a ripping obsessed botter.

And yea just about everything Danziel said.
Gundel Gaukelei

Mar 23rd, 2010

Is it just me or do I sense some anger in the words of Mr. Blackthorne?
Gaara Sandalwood

Mar 23rd, 2010

“Why would you boycot a store that has security guards and cameras and a sensor that screams a million decibels if someone is caught stealing? It’s a stupid argument, except in the case that your intention is to steal from them and they make it too difficult to do so.”

lol, sorry, but I have never seen a store like that.

“First of all your I.P. address is not private information.”

Um, if it’s not of a computer that falls as part of some sort of business, yes, yes it is.

Wow, less than a day after posting that blog and the defenders come.
Gaara Sandalwood

Mar 23rd, 2010

I stand corrected. yet again I was actually wrong about that last bit. technically, the IP address could be considered private information but once connected to the internet anyone who knows what they are doing can obtain it.

Still, just because someone can get it doesn’t mean the person wants it acquired by a third party.
Ari Blackthorne

Mar 23rd, 2010

@Gundel: it’s just you LOL

I am an agitator. I enjoy playing devil’s advocate in most subjects.

Never take anything “SL” so seriously that it allows you to get angry at SL anything. Rule: don’t really care what anyone else does or thinks. This is entertainment!

“They” like to say SL is not a “game” – but it is really nothing more than simple entertainment! if you take it (and this very subject for that matter) too seriously, there is a definite imbalance in your life!

Hahah!
Ari Blackthorne

Mar 23rd, 2010

OH! And for all you “MY IP ADDRESS IS PRIVATE!!!!” advocates…

http://whatismyipaddress.com/

If this web site can so blatantly show you where you are in the world, any other web site can do the same and just not tell you. The rampant ignorant-bliss is utterly astounding.

Okay – had my fun. You all can flame me to let out some of that hot-headed angry pressure you’ve built-up at my comments here. LOL
Gaara Sandalwood

Mar 23rd, 2010

Well I generally enjoy it being private, but like I said I can’t stop someone from getting it if they know what they’re doing.

At least CDS is not using them to obtain rl info on people.
Danziel Lane

Mar 23rd, 2010

Hi Ari,
interesting way you like to discuss matters. You say: “You, like most, totally misread and don’t apply any effort to *comprehending* the statement I made.”

OK, so the problem is that I don’t make and effort comprehending you.
Well, here is what I read of you talking about me:

“@Denziel Lane – you are laughable!”
“It’s a stupid argument”
“This argument is laughable at best.”
“But this is where your argument falls flat on its face”
etc. etc.

So, yes, we might talk about the matter, or we might talk about how stupid and laughable the other is.
If it comes to flaming the other side, there must not much be left of your arguments.
Thanks for making that so clear to us all.

“Why would you boycot a store that has security guards and cameras and a sensor that screams a million decibels if someone is caught stealing?”

I would not. But this system does not dectect stealing.
It detects the use of a viewer that is labelled malicious.
Nothing more.
And it is so easy to make it discunctional, so the real copybotters can come with an alt, block the server the system uses, and go on copybotting, while the shopowner thinks they are safe.

However, when I arrive at a store where at the door I have to give my name and address and then they count my fingers and find I got 10 of them and so say I am well prepared to steal, and then they would phone all the shops around and give them my name … yes, then I would start to think about boycotting this shop.

“except in the case that your intention is to steal from them and they make it too difficult to do so.”

All I see, the system in question does not detect stealing (copybotting) but only the tools to possibly copybot.

“Which had to do with not the act of kicking people out, but the fact that one has the *right* to kick people out.”

See, I have the right to do soooo many things.
But only because I have the right to do something, I would not do it necessarily.
So, for example, if I own a business, I would not necessarily kick people from my shop.
Like in RL: If you want success in your business, you should think more about good relations to as many customers as possible than of kicking some, cause you have the right to do.

“But of course you spin it to make it sound like I am to mean that businesses choose to do so on a regular and consistent basis.”

Yep, the argument about the right to kick is stressed a lot lately, so, yes, it almost sounds that it’s used on a regular and consistent basis. Also: I heard of a shop owner who installed the system and had 15 of their 20 customers ejected from their sim within seconds. So what they did next was to kick that system, send apologies, and now set up a sign that this shop is a CDS free area. I somewhat like that idea.

“Most businesses (specifically commercial storefonts) would quickly escort you out of their premises for carrying a gun.”

Hehe, this was not the question. It was a metaphor. The question was: am I a murderer, cause I carry a weapon?
Of course I would not carry it in a shop. In a shop I have 2 hands and 10 fingers, great tools to steal. So is the posession of hands and fingers a reason to kick me from that shop?

“That is why there is a simple method of requesting an appeal to be removed from the ban list.”

I have seen some mails that are answers to such appeals.
So I have my own thoughts about that.
Also: how can I appeal? All I can say is: I have not stolen content or even used a malicious viewer.
Their FAQ say, this is not, what would make an appeal successful.

So, tell me, how could I make evident that I have NOT stolen and NOT installed a malicious viewer?
And appeal can only be made, if the evidence of my “wrongdoing” would be told to me. But that does not happen.

“First of all your I.P. address is not private information.”

The connection between my IP, the avatar name and the used viewer IS private data, and I always mentioned them together.
I don’t want anyone but Linden Labs to have that combined data.
And if these come into a database of a third party and they might start to look at what variety of IPs my avatar uses, I really would not like that database in the hands of anybody else. I allowed that to the Lindens, but I will never allow that to someone that even hides their name when you look at the server they use.

See, what private data I talk of? If I walk through SL and come near their system 3 times a day … after some days they can extract very well, from what IPs my ava comes to SL, they can tell, when I travelled to the UK or to L.A. and they can tell, when I was online from my home or with my wireless stick. Whenever I meet their system, a new set of data is sent … and I do not want someone to harvest such information about me.

That is, why in my country (which they say might also be the country or the creator of that tool) it is forbidden to collect and harvest such data … even for the authorities, as the highest court here judged only 3 weeks ago.
We

Mar 23rd, 2010

“Practically all comments must be from “bopybotters” – else you’d support the efforts.”

I know there’s one convicted and banned copybotter behind CDS: Skills Hak. Banned on the account Skills Hax for knowingly copybotting and selling another user named JC Hill’s items. Interesting that she’s got a “second chance” but apparently believes no other copybotter but herself deserves one. Culling the competition I guess.

But sure, keep up the “If they disagree with me they must be criminals!!1″ argument, it worked for McCarthy.
Alyx Stoklitsky

Mar 23rd, 2010

Uninstall Quicktime.
???
PROFIT!
Gaara Sandalwood

Mar 23rd, 2010

I’m reading blogs and finding it very interesting. Nearly EVERY appeal request is overturned by Hak who responds that they were detected using a viewer in the past.

Nearly EVERY request is being turned down.
Senban Babii

Mar 23rd, 2010

@Ari

““Why would you boycot a store that has security guards and cameras and a sensor that screams a million decibels if someone is caught stealing?””

But that’s the thing though, right? This system doesn’t actually start screaming a million decibels if someone is caught stealing. It does so just because it *presumes the intention to steal* just based on how the person arrived at the store. For a RL analogy, consider a store that turns away customers simply based on what car they drove to the store in. If someone is *caught* stealing then fine. If someone has been caught stealing from that store *before* then fine. But banning someone from a store based on the presumption of intent to steal simply because they drive a different car to you? That’s right is it?

I’m all for punishing those who steal but presumption of guilt before the fact is not the way forward. That wouldn’t wash in the real world and for good reason. Innocent until proven guilty, remember?

Also, given the messed up state of the SL economy, I think stores need to be a little realistic and accept that they need to hold onto every customer they can, even if profits are a little degraded due to theft. Those that don’t care that people are boycotting them will probably be gone before long anyway in the current financial climate.
shirlee

Mar 23rd, 2010

@ Darien Caldwell:

connection IP to avatar name is not that big problem.
All you need is a time stamp when that avatar enters sim and a time stamp at which a viewer requests details about a stream.

Since this happens immediately after entering the sim (within a few seconds time frame) you have a good chance of getting IP the address of an Ava. And his HTTP Signature.

Only problem is if there are lots of TP to that sim, but in this cases a system just could ignore those avas, so that no false positives are generated.

If you just ask a befriended DJ with a server of his own, he probably might tell you what IP you do have when you enter his club with audio streaming enabled
Danziel Lane

Mar 23rd, 2010

@ shirlee
“connection IP to avatar name is not that big problem.”

Problem 0:
There are many things that are no problem to do, but should not be done, if others’ privacy is interfered.

Problem 1:
The problem is not to get that, but to collect it and harvest it for other reasons than to run that streaming server.

Problem 2:
The DJ has not installed a series of other objects that might show my way through SL and he will not store this to make conclusions from it about me stealing his music.

Problem 3:
Nobody who gets such data or connections is not allowed to pass it on to others especially without my knowledge and with no chance for me to check if he didn’t err.

Problem 4:
The DJ will not make conclusions from this data about me stealing music nor will he pass it on to others with the suggestion to eject or ban me.
WTF?

Mar 23rd, 2010

Well they can keep their spyware tools. I gave up shopping at laggy malls and stores in SL long ago. I can log in search, find and purchase what I need from xstreet in less time that it takes to TP and wait for a store to rezz.
I only use the Offical SL viewer and none of the 3rd party viewers that is just asking for your account to get hacked.

“I know there’s one convicted and banned copybotter behind CDS: Skills Hak. Banned on the account Skills Hax for knowingly copybotting and selling another user named JC Hill’s items.”

Amazing, we have a copybotter who has created a 3rd party viewer and now some spyware device to hack into your computer. Why is this not surprising? Yeah I’ll stick with xstreet and you guys can have your laggy malls and spyware devices.
Formerly Orion Shamroy

Mar 23rd, 2010

First and foremost I AM NOT a thief, nor am I a “copybotter”. I do however believe in the right to privacy, which is something that this system quite frankly invades. Any system which records not only your location throughout the grid, but as well details of your client / system configuration WITHOUT your permission or at least the option to leave before scanning is deplorable to say the least.

I stopped using Second Life on a regular basis long ago after prior fuck-ups by Linden, however this system in combination with Linden’s blatant support of it was the last straw for me. As of March 1, 2010 I’ve deleted my main account and two alts for good and I’m never going back.
K.T.D.

Mar 23rd, 2010

@Ari: “Practically all comments must be from “bopybotters” – else you’d support the efforts.”

Really? Did you borrow Prok’s pipe this morning? Can I have a hit? That shit you’re smoking must be dank as fuck!

But seriously, I challenge any *Linden Lab* employee reading this (Read: Not you, and not Skills Hak.) to search through my entire inventory. All 7000+ items in it and find one stolen item in it. And that counts my alts too. Why?

Because I don’t steal and they would not find anything. Why would I risk a nearly 2 year old account being permabanned for something stupid like stealing less than a dollar’s worth of content when I can just spin a set or two, work for it, have a good time and get what I want after I put the decks away RL?

They can even come to my OpenSim and have a look around. should they ask. I can arrange to open it up to one of them. Hell, they can have a copy of it’s database, I don’t care. Still, nice try to defame anyone who does not agree with your opinion.

““Why would you ‘boycot’ a store that has security guards and cameras and a sensor that screams a million decibels if someone is caught stealing?””

Yes I would BOYCOTT them, if something screamed loud enough to permanently damage the ears of every living creature inside the store, but seriously. It’s the same reason I loathe shopping at Fry’s Electronics, where you’re herded through the checkout like cattle and your bags are searched coming out of the store whether or not you were spotted doing anything wrong. Only this system goes further. With Fry’s you know you’ll have to deal with it prior to going to the store. You have the option to not go there based on that information. The CDS however, is installed silently by many of it’s users, and we as shoppers have no opportunity to say “No thanks” and opt out of being scanned.

The CDS does not detect THEFT. the CDS detects the mere installation or even ***past use*** of a client that fashionistas get their panties in a twist over. Regardless of if that use took place on LL’s grid, or one’s own private opensim. Would you support arresting Americans who smoked a little ganja on a trip to Amsterdam, where the act is legal? If yes, please move to Bali, you’d fit right in.

let me give you some real world examples of your twisted logic:

“You own a Corvette. We are going to take away your license because the car is capable of felony speeding, therefore you must be doing it. Anyone who objects to this is a street racer.”

“You touched a gun! You are under arrest for murder. Whose murder? Don’t argue with us, it only proves you killed someone, we just haven’t got a body or even a missing person but you did it!”

“You have a shovel, some dirt and access to water! You’re under arrest for growing marijuana! Only a dope growing hippie would dare question us on this!”

“You own a Blu-Ray burner! You’re under arrest for movie piracy! Why else would you have one of those drives if you weren’t selling pirated movies?!”

Some of the other batshit insane things CDS subscribers have done would include hair that deletes itself, calls you a thief and runs home screaming bloody murder to the creator if you dare to so much as try to rez it on the ground. Really? I guess anyone rezzing things on the ground should also be banned, after all, everyone knows some outdated copybot clients can’t copy attachments so what other reason would you have to rez a prim?

“This argument is laughable at best. Ludicrous at worst. I’d like to see you go gallivanting around into any public place in any urban setting in the WesTErn world with a firearm strapped to your waist. In some places, yes. But those are the exception to the rule. Most businesses (specifically commercial storefRonts) would quickly escort you out of their premises for carrying a gun.”

Uh, you try telling a Texan they have to leave their gun at home. Or come to Arizona and try that. Open carry is legal (including in bars now). Pointing it at random people is not. Even then your comparison falls flat on it’s face because the CDS detects past use of banned clients even if they were used to access one’s own private sim hosted on their own personal computer. It cannot tell if that use was on the LL grid or somewhere else where the TOS does not apply. Do banks shout “GUN” and call the cops in because a customer was at the firing range a week ago? Fuck no.

Want to argue with that? Prove that it doesn’t. I know for a fact that it does. Then tell the class why a CDS rep told a person who appealed to *REFORMAT HER HARD DRIVE AND REINSTALL WINDOWS* to have their ban lifted, because if they didn’t, CDS would keep booting them regardless of what client she used?

“That is why there is a simple method of requesting an appeal to be removed from the ban list. Just like the “Do Not Fly” list of the United States contains many names of seemingly innocuous people, those people are on the list because they have a propensity to be a danger.”

Man, stop bogarting that bowl and share it with the class! The no-fly list has 4 year olds, 80 year old grannies and people who dared to criticize Bush while he was in office. I can’t think of a single toddler that I couldn’t punt across the room or a little old lady I couldn’t snap in two if they tried to hijack a plane.

Still, it’s an accurate comparison at least in the fact that the appeals process to get off of the CDS is about as useful as the process of getting off the no fly list. And much like CDS cannot detect hacked versions of emerald or vanilla clients, the no-fly list does not stop every muslim with extremist views from making a try at getting his virgins in the next life.

Since there’s no requirement for disclosure, how about this suggestion: Lets compile a list of people who do NOT use Gemini CDS, and, regardless of one’s status on the ban list, have a day where we go to their stores….

And BUY a whole bunch of shit to reward them for being one of the smart guys/gals? It doesn’t matter if it’s L$1 or L$10000, whatever you can afford that you like. Reward them, they deserve it.
Darien Caldwell

Mar 23rd, 2010

I retract my previous statement. I do see now how an avatar could be associated with an IP address.

The process is pretty simple. The object detects an Avatar arrives in the sim using a sensor. It targets them with a PARCEL_MEDIA_COMMAND_AGENT command to get them to play the magic video. This sends the persons IP and Viewer id to the server. The Bot synchronizes these two events, The Avatar ID of who was targeted, and the IP/Viewer ID of who just viewed. Thus the connection is made, and based on the viewer ID, a ban is initiated, or not. Because they also have the IP, they *can* detect alts, because of IP matching.
K.T.D.

Mar 23rd, 2010

@gooser:
Thanks for the info. I’ve added those hostnames to my hosts file. As Skills does not provide an opt-out of being scanned option, I guess I’ll just take the matter into my own hands.
Gundel Gaukelei

Mar 24th, 2010

@Ari Blackthorne

Bx, fb unir cuha gebyyvat
Elle

Mar 24th, 2010

Skills Hak, really am I the only one to see the irony in that name
Elle

Mar 24th, 2010

I don’t think they are able to detect alts, even if they had IP address, surely only LL can ban based on IP address
Nebula/PinkBunny

Mar 24th, 2010

All right kiddos time to set thinks for the record. After hearing this i dusted off my old rar files got onto a viewer found sims running cds and was successfully able to copy bot things. I used kore, riv life, cryo life, sple, my old nebula life piece of shit viewer, and many versions of neil life. cds is fail. for the record i did not distribute any of the content i copy botted and deactivated the account after testing the cds systems. cds sucks skills needs to do more work on it, yet another emerald dev thinking they are smart but alas they are retarded. to be honest copy botting is retarded just inspect the prims look at the creation times. anyone who actually bots to avoid paying for content or to steal and resell it is stupid. copy bot is even stupid as back up and the entire argument is basically pointless. oh and may i remind you skills collects personal information from people with this shitty cds crap not to mention im sure there is some other sort of tos violation in there. so lets see emerald can break the rules becuase people use their shit? copy botter or not send an abuse report regrading the cds system over skills hax and all the other emerald team involved in the project. not to mention most of the clients it detects were made by some of the emerald devs. nice little racket they got going there isnt it?
Sylauxe

Mar 24th, 2010

I don’t know how someone makes their writing look like it was made by a very fat man, but somehow you did it Nebula. Literally everything you type gives one the mental image of a fat, ill-shaven man fused to his computer chair.
Holger Gilruth

Mar 24th, 2010

Click on my name you will find a website with the at the moment known sims who are using the gemini system. The text is german but i am sure everyone allready know what this tool do
LOL

Mar 24th, 2010

IDK if it is Funny or Pathetic that a resident has done what Linden Lab could not, offered a solution to Copybot. Granted this solution will most likely end up causing an even larger problem then copybot, however kudos to Mr. Hax you beat Linden Lab at thier own game. I hope ur making a small fortune of this product while you can.
Calif

Mar 24th, 2010

@Sandrina: Skills has nothing to do with NeilLife you crazy cunt.

The amount of bullshit and FUD spread by copybotters and people who have clearly no idea how things work on the intarwebz is amazing.

OMG it reads my harddrive! It must be banned and ban the creators too, oh wait it doesnt, wait – no quicktime exploit? damn – but it still invades my privacy, ban it! oh wait it doesn’t do that either? but it certainly must be against TOS, no? Oh crap – but it doesn’t ban all the copybotters, so boycott it !! Oh wait you knew that?
Oh well fuck it i’m just going to tell people skills is working on neillife lolol, everybody will believe me.
At0m0 Beerbaum

Mar 24th, 2010

Oh boy, another megalomaniac with a database of “here’s a list of people I don’t like and you shouldn’t either.” mixed in with a bunch of random alts that are used for copybotting to make it seem legit.
DarkAngel

Mar 24th, 2010

I dont really Trust CDS, I think it is Pathetic system. Because I got myself banned from CDS For no reason, without a chance of appealing really, or any response from Skills Hak, which already proves abuse right here. The reason I was banned, was simply because I was using an illegal viewer, which has the ability to detect, and ban griefers, as well as many other things, including copybot, if you decided to use this feature, which is illegal if you did not fully create the content only. However the bigger Concerns remain, While CDS detects and bans you From Hundreds of Simulators, Could This be Considered illegal under SecondLife Terms OF Service, as Defaming of a resident, or Global Attacks/Violation OF Privacy, although no Real Life Data seems to be collected, but SecondLife Data is without your concent.

Also This means that Legal uses of LIB SL, such as copybot 2.2, or a user that login to any copybot viewer to legally backup content 100% Created by them other than emerald cannot no longer use this feature,or a client like this, because if they try to in any Simulator, or parcel that has CDS on it, they automatically get flagged, and Banned from the entire CDS system for not even abusing. Thisi s why I see CDS as bad, and because this is not controlled by linden Labs, a normal resident should not be allowed to run thees type of systems.

So Is this a massive TakeOver, What will be the future of SecondLife really with these guys into it, There will be more attacks, More banned accounts by CDS of course, and a lot more stuff going down as long as this goes on. Also Has CDS attempted to cover up any Truths on Youtube? I have seen a lot of Videos against CDS removed for copyright violations which were fair use.
DarkAngel

Mar 24th, 2010

Oh Yeah not to mention now that my reputation in SecondLife has been ruined because of this, Over $2000 USD full of inventory content, and Land Losses, I wish I really had enough money to file Criminal Lawsuites against CDS, I would absolutely do it, because I Think all of things is wrong.
Alyx Stoklitsky

Mar 24th, 2010

@LOL:
>IDK if it is Funny or Pathetic that a resident has done what Linden Lab could not

Have you been living under a rock?
LL has a 5 year long track record of letting residents do their work for them.
Missy

Mar 24th, 2010

@darkangle oh for gods sake, why do people keep talking about sueing and court proceedings. WHere I live we don’t sue people or threaten to sue people every 5mins. Seriously, lawyers are not interested in your loss of freaken pixels, get overf it!!!