He's the only person I've seen propose a decent and effective non elitist proposal in the IP theft debate.

Huns.

YOU ROCK

this rave is worthless with a link. :-)

Here you go, Troy

I'd rather see something a bit different...

I don't want to see restrictions placed on unverified accounts that would prevent them from transferring items. For cashing out, yes, I agree on that. Restricting them from passing scripts and notecards is a waste of time as all it will take is an external communication method or even just pasting the contents to chat to get around that.

There should be a way for a person to get LL to remove stolen content without having to go through DMCA. It does leave open the potential case of a person who sells something full perms and then fraudulently sends LL a takedown notice, but I think we can take care of that case as follows:



LL adds a field to all objects which contains a checksum describing the object - all of its prims, and all content contained in those prims, and all permissions applied to the object and its assets - a digital signature
When the object is transferred, that digital signature is saved in the object's metadata and can be looked up by LL at any time
This makes it possible for you to transfer something to someone else in a way that indicates, for the record, that the permissions applied (copy/mod/transfer) are exactly what you intend for that object as you are giving it to the person you're giving it to
This makes it impossible to take a full permissions prim from someone and use it as a basis to replicate something and claim that the creator gave it to you with full permissions
There could be a field in the object properties & made available from the Inspect window that indicates whether the object has been modified since the original creator transferred it; this would indicate whether the object's signature matches the one stored when the creator first transferred it

WE WANT HUNS!! WE WANT HUNS!!! WE WANT HUNS!!

(hrm, why do I feel like I'm encouraging an invasion?)

can i be robin hood?

can i be robin hood?

I thought you were Andy Kauffmann?

"Mercy will not be shown, prisoners will not be taken. Just as a thousand years ago, the Huns under Valen (Etzel) won a reputation of might that lives on in legends, so may the name of Valen in SL be asserted such that no resident will even again dare so much as to squint at a Valen."

-Kaiser Wilhelm II

Nice idea, I do not see how it can prevent theft as the copybot type of software gathers all parameters and simply creates NEW objects on the server side with identical information. If there's a field that identifies the object as stolen, then the copybotters can simply elect to omit this field.

OR are you saying:

3-4 objects gathered together as a linked object create a unique set of numbers that come together in a unique way -- THIS is the digital watermark -- the dimensions etc of the object. So if someone else gets all these numbers exactly the same then their object gets rejected by the system?

What about textures then? How are you handling those?

Huns Linden just doesn't have the same ring to it.

The idea is this...



Your object has a digital signature, including timestamp, that proves you created it first
Any like object created later, even if a perfect copy, will be provable as a copy because its digital signature identifies it as being created after the original
Because the digital signature includes the C/M/T permissions, the original creator can't give you something full perms and then claim later that you copybotted them or used some full permissions prim of them to make a fake copy; therefore, if the creator give you something full perm, it's yours - so you are protected from a fraudulent takedown by a malicious creator
Because we now have a way to prove who originally created the object, we have a way of demonstrating that a takedown request is legitimate without having to resort on the DMCA (which is slow, costly, and reveals RL info)

No, it doesn't stop someone from copybotting you. It gives you recourse to having the copies quickly lasered off the grid.

Go back there, there is another challenge to your solution, which frankly doesn't make sense.

If you change an object, it is still listed as your original creation.

I think I would be highly insulted if someone thought I was Linden employee material...you know...with their record of competence :frolic:

Just sayin'

Go back there, there is another challenge to your solution, which frankly doesn't make sense.

If you change an object, it is still listed as your original creation.

i would bet the date parameter is factored into the hash

so the same object created a minute later would be a different hash

it might work if the hash was solely server side and never displayed to the client

an invisible field

but your question does poke a little hole in it... what about updated products?

a knock off of an older version would be newer than an updated version

i would the date parameter is factored into the hash

so the same object created a minute later would be a different hash

it might work if the hash was solely server side and never displayed to the client

an invisible field

but your question does poke a little hole in it... what about updated products?

a knock off of an older version would be newer than an updated version

True, but the original creator could present the older iterations also, to prove it was his.

This is the clarification I just posted:

I haven't really gone into a lot of detail on what the digital signature would comprise. It's not just a hash. It would have these attributes and possibly others, to be thought up by people smarter than myself:


Original creator
Timestamp at last link
Timestamp at last link change (i.e. you repositioned a prim or changed a texture on a face)
Timestamp at most recent taken-into-inventory (which is already stored, actually)
Parameters on object & all contained assets as well as source and destination avatar at first transfer (i.e. owner -> buyer)
Parameters on object & all contained assets as well as source and destination avatar at most recent transfer (i.e. friend -> other friend)
A hash uniquely identifying all of this that can be indexed for fast lookup without having to do a mass comparison of multiple properties

What goes into "parameters" is a snapshot of permissions on all assets. You can also store the complete primitive params of all objects in the link set, although that would be pretty space-intensive. It could be compressed or you could simply store a hash of it all. However, the permissions could not be stored as a hash because that is a one way proposition and LL needs to be able to inspect the permissions at different stages in order to determine what permissions the object was transferred with (& thus whether the creator is trying to initiate a fraudulent takedown.)

And so, when Big Jerk steals the dong, Stroker tells the abuse department where to find his original, where to find the ripped copy, and the abuse department is able to get a substantive history on both objects. With that, they are able to quickly determine which is legit and which is not.

In the case of Big Jerk making a total carbon copy and not trying to adjust the parameters at all, finding any variants is made even easier because they will have a compound signature (e.g. numerous identical parameters) as the original. However, that would require a more expensive database query & I doubt they would want to run it on any kind of regular basis. If they have a true data warehouse set up, it would make it easier to run that kind of query. Even if the knockoff has a few parameters adjusted, it will still visually be close enough that the abuse dept. will have little trouble recognizing it as a knockoff.

Some you fine FIC folk should pass this on to the people with power.

I think I would be highly insulted if someone thought I was Linden employee material...you know...with their record of competence :frolic:

Just sayin'I have a few friends/acquaintances who are Lindens. They are actually pretty good at what they do (*VERY* smart) and I wouldn't mind working with them.

Now if LL will just open a satellite office in L.A. San Francisco is a nice town, but a team of wild horses couldn't drag me away from this place.

Now if LL will just open a satellite office in L.A. San Francisco is a nice town, but a team of wild horses couldn't drag me away from this place.

funny, i need a team of wild horses to drag me into L.A., and thats just for the night

I have a few friends/acquaintances who are Lindens. They are actually pretty good at what they do (*VERY* smart) and I wouldn't mind working with them.

Now if LL will just open a satellite office in L.A. San Francisco is a nice town, but a team of wild horses couldn't drag me away from this place.Aww heck, I was only joking, kinda :angel1: :pie3:

Lindens as individuals are fine. the only problems seem to happen when they all get together on something.

Bump.

Bump.

dood

we got a smiley for that

:bump:

Thanks for developing this idea and telling us what it is Huns.

I hope I would not offend you if I continued asking questions... so I proceed...

So far most of your focus has been on prim objects and such. Does your protection scheme also help with textures, scripts, animations?

As you know Stroker is suing for script theft and I think Munch is suing for texture theft.

A little prim theft is inevitable as we're a monkey see monkey do species. It is rare that we hear about uproars over furniture or prefab transfer of "inspiration". We seem to be constantly talking about theft of skins, fashions and scripts.

So I would not worry too much about protecting prim work as no one seems to care about it anyway. Hehehe I am being a little tiny bit sarcastic there with that last sentence.

I really don't think prim theft is something no one cares about. It is worth protecting with this system.

I didn't mention this in the original spec, but yes, the digital signature would apply to textures, skins, articles of clothing, scripts, sounds, animations - any asset, really. Obviously things other than objects don't require as much metadata since you can't link two textures together.

Some Honest Comments & Thoughts

I hate to rain down on smart good willed people's parades but all of this is assuming that Linden Lab wants to commit any bandwith human or machine to the trackdown of content thievery. They have simply refused that this is a problem.

When copybot first came out there were people who were comparing the SL client to a web client and saying just like you can not copy protect HTML, you can not copy protect your designs in SL -- it is an open platform -- it needs to run free.

At the time I said omg are you insane? What kind of a comparison is that??? So the ability to copybot things was touted as actually A FEATURE by Linden Lab and estate owners like Prok actually freaked out and sided with Linden Lab thinking that if they protested all of this their estates would be in danger. It's all there in the forumz, how everyone went up in arms first when copybot became public and then how estate owners coerced people to open their shops back and in a few weeks it was as if it never happened. Amazing what you will get used to given enough time. ... Look it up -- official forums, SLU, and unfortunately old SC had all the records of these discussions.

I find it so ironic that here we are 2 years later, at the point I said we would get to. I hate to say this but "I told you so" and you know there's a dance that goes with that:

YouTube - Scrubs Elliot's New 'I Told You So' Dance


Some Technical Thoughts:
In a database, this signature would be what type of field? Any thoughts? What would generate this signature? A Linden algorithm on the server side?

I have noticed that lindens try to be REAAALLL conservative with changes to the asset tables. I wonder how much change this would require, how much processing would be needed to assign a signature to all assets, how much extra storage space is needed for this signature? How would we roll it out? The grid would have to come down while they're updating all the asset tables to include a signature for every asset. How much downtime is needed?

A Scenario:

Say a signature is generated and assigned to a texture on the server.
The asset record in the database for this texture will have name, properties, permissions, creator, owner, and the signature fields in addition to a pointer to the texture in the asset repository.
Then I copybot the texture out of SL.
All the fields in the database are now beyond reach, all I have is the texture itself.
I load it up into photoshop, screw around with it a bit and then reupload.
When I reupload a new record is created with the appropriate fields for creator, owner, properties, permissions and a brand new signature as this is a new asset.
You as the original content creator notice I am being an ass and report me.
Linden Lab looks at the signature of your texture and then somehow the signature of my texture also the same? (how does that happen btw??) and then they take down my texture and my second life hell.

How does the uploaded ripped off texture have the same signature as the original? That's the million dollar question here.

Could you walk us down this pathway? I am just trying to understand what is to be implemented as a coder. Like Desmond said us "dumb" coders need a lot of information before we can write the code you need.

What will make sure that a signature is retained from an original to ripped off content that gets converted to txt(xml for the prims), jpg/bmp(for the textures) none of which have fields to store the signature mentioned. I am just not seeing the pathway that allows the signature to be retained so that it can be recognized and help isolate stolen content.

Final Words:
Does the current pending class action lawsuit actually change all of these previously noted dynamics? Perhaps. But it may just be easier to pay a fine and then eject all the people that participated in the class action lawsuit and continue with the grid unchanged. Keep that in mind.

Participants of the class action lawsuit have to understand that they may be burning bridges with SL for say 30 dollars in compensation per head. You can not sue a company and then expect to continue relations with them. SL is not a public property -- it is not a street, a public park or the subway -- it is someone's property and they will kick you out as fast as they let you in and delete all your assets while the door slams you in the butt.

I frankly don't think copying is that much of a big deal. Having been in the whole-sale markets of Beijing before which resemble the mainland except in RL, there are reasons why rampant IP theft don't destroy capitalism:

1. Merchants need to maintain a reputation for quality and value (as enforced by media, et al.) Rippers run fly by night operations that are not respected and may well rip off the customer with shoddy property. This is true in RL as in SL.

2. The perception of value means that people would have a real Coach purse with all the status that presumes than a fake because it makes them feel better.

3. People who value a particular person's work will want to reward that person so they continue putting out new things. See the Cult of Steve Jobs in RL and of Last Call in SL.

4. People will fear downloading a client such as ThugLife because of the obvious risk of viruses and Trojans.

In essence, if you're a real business person who puts out quality work and not a complete hack, you're going to be fine.

Some Honest Comments & Thoughts

I hate to rain down on smart good willed people's parades but all of this is assuming that Linden Lab wants to commit any bandwith human or machine to the trackdown of content thievery. They have simply refused that this is a problem.

When copybot first came out there were people who were comparing the SL client to a web client and saying just like you can not copy protect HTML, you can not copy protect your designs in SL -- it is an open platform -- it needs to run free.

At the time I said omg are you insane? What kind of a comparison is that??? So the ability to copybot things was touted as actually A FEATURE by Linden Lab and estate owners like Prok actually freaked out and sided with Linden Lab thinking that if they protested all of this their estates would be in danger. It's all there in the forumz, how everyone went up in arms first when copybot became public and then how estate owners coerced people to open their shops back and in a few weeks it was as if it never happened. Amazing what you will get used to given enough time. ... Look it up -- official forums, SLU, and unfortunately old SC had all the records of these discussions.

I find it so ironic that here we are 2 years later, at the point I said we would get to. I hate to say this but "I told you so" and you know there's a dance that goes with that:

YouTube - Scrubs Elliot's New 'I Told You So' Dance (http://www.youtube.com/watch?v=rOMk5GWvlks)


Some Technical Thoughts:
In a database, this signature would be what type of field? Any thoughts? What would generate this signature? A Linden algorithm on the server side?

I have noticed that lindens try to be REAAALLL conservative with changes to the asset tables. I wonder how much change this would require, how much processing would be needed to assign a signature to all assets, how much extra storage space is needed for this signature? How would we roll it out? The grid would have to come down while they're updating all the asset tables to include a signature for every asset. How much downtime is needed?

A Scenario:

Say a signature is generated and assigned to a texture on the server.
The asset record in the database for this texture will have name, properties, permissions, creator, owner, and the signature fields in addition to a pointer to the texture in the asset repository.
Then I copybot the texture out of SL.
All the fields in the database are now beyond reach, all I have is the texture itself.
I load it up into photoshop, screw around with it a bit and then reupload.
When I reupload a new record is created with the appropriate fields for creator, owner, properties, permissions and a brand new signature as this is a new asset.
You as the original content creator notice I am being an ass and report me.
Linden Lab looks at the signature of your texture and then somehow the signature of my texture also the same? (how does that happen btw??) and then they take down my texture and my second life hell.

How does the uploaded ripped off texture have the same signature as the original? That's the million dollar question here.

Could you walk us down this pathway? I am just trying to understand what is to be implemented as a coder. Like Desmond said us "dumb" coders need a lot of information before we can write the code you need.

What will make sure that a signature is retained from an original to ripped off content that gets converted to txt(xml for the prims), jpg/bmp(for the textures) none of which have fields to store the signature mentioned. I am just not seeing the pathway that allows the signature to be retained so that it can be recognized and help isolate stolen content.

Final Words:
Does the current pending class action lawsuit actually change all of these previously noted dynamics? Perhaps. But it may just be easier to pay a fine and then eject all the people that participated in the class action lawsuit and continue with the grid unchanged. Keep that in mind.

Participants of the class action lawsuit have to understand that they may be burning bridges with SL for say 30 dollars in compensation per head. You can not sue a company and then expect to continue relations with them. SL is not a public property -- it is not a street, a public park or the subway -- it is someone's property and they will kick you out as fast as they let you in and delete all your assets while the door slams you in the butt.


That sums up the dilemma clearly. The minute the stolen content is altered, it becomes unique. The signatures will differ.

It would be really cool if LL provided a way for you to see your unique textures all on a web page to make it much easier to illustrate to everyone that your content is stolen. It would be alot easier (and good thread material!) if you could send an email with a link to your own stuff and the stolen stuff. Of course there'd be arguments, but this would be a good deterrent to alot of em.

I think a key could be generated off of sufficiently unique prims too. The number of prims, their various properties and relationship to one another in some algorithm could produce a unique key. Definitely if timestamped, surely if custom textured. I think this is what Huns is talking about.

Legally, I still believe the TOS will hold. If this ever even sees a courtroom, that'll be the first argument before the class action question is even addressed.

I have noticed that lindens try to be REAAALLL conservative with changes to the asset tables. I wonder how much change this would require, how much processing would be needed to assign a signature to all assets, how much extra storage space is needed for this signature? How would we roll it out? The grid would have to come down while they're updating all the asset tables to include a signature for every asset. How much downtime is needed?Whether or not it would require downtime depends on how they are storing the data. Assuming it is a simple SQL table (or array of tables, e.g. assets_000001 through assets_99999 like I've seen some people do with large amounts of data) it would be a matter of adding a bigint field pointing to the primary key of another table where the new metadata can live. If they are doing something different, like storing it as XML in a blob, then something would have to go through and update the XML one by one. I have no idea how it really works on the backend. The simulators don't need to be halted unless the entire asset service system needs to be since they can run on different versions just fine.

How does the uploaded ripped off texture have the same signature as the original? That's the million dollar question here.It doesn't. Again, the signature is there to prove who created the asset first and to allow LL to see what the permissions were set to when it was transferred. Storing hashes and primitive parameters and such things is just a paper trail that makes it easier to prove certain things. I made this bed and its animations on 5/8/07, you ripped it 10/4/08. My digital signature proves that I created it first and that I didn't give it to you or anyone else with full permissions, therefore you are a thief and goodbye.

SIGNATURES DO NOT NECESSARILY PERSIST FROM THE ORIGINAL TO THE COPY. THAT'S NOT THE POINT. If someone copies an item illegally and doesn't change a single parameter, it will indeed have the same "footprint" (params) as the original, aside from date & some compression artifacts on the textures and the slight "poisoning" SL does to .bvh animations for exactly this reason. If they DO change some params, but it is still obviously a copy, the original creator - on finding it - has only to present the copy and the original to LL for action.

Thanks Huns for being so patient with me and my questions. I see your point now. I was however hoping that what you were proposing was somehow removing the human element out of the judging process -- like a watermark of sorts that persists. THis is why I kept misunderstanding what you were saying. Now I get it.

If the human element is back in then I do not see though how the signature helps as the date of creation of every single prim in every object is stored including creator, and permission info. So the signature you speak of to some degree already exists in the database as a separated pieces of a composite time/perm signature of an object.

I think what's missing is a web based interface where assets can be inspected, queried and evaluated.

The said evaluation should be handled by a blended team of lindens and resident elders. READ: FIC. I know, that will come up for sure. Think of it as a sort of a Court of Disputed IP Rights in SL. However such a committee will get bogged down by hundreds of cases real fast and how do we make sure that no factions, alliances, or biases exist within the committee and certain parties in the content creation community? We run into this problems with Lindens even today whenever they take an action that affects a part of the community negatively.

Finally thanks for getting us started on the most reasonable, positive, and useful conversation we have had on the subject in quite some time.

I hope my posts have helped to challenge and therefore further the idea rather than discourage and take steam out of it. I am available to provide help if help is needed. If not, I will be here cheering you on.

:-)