ThreadBoard ArchivesSite FeaturesActiveworlds SupportHistoric Archives |
major security problem (Wishlist)
major security problem // Wishlistdlp anneMay 23, 2003, 8:24pm
Can you please do something to stop people from making propdumps from the
cache files? This is a major security problem. People could go in your world, wait for it to fully load in and then create a full propdump of it without your permission or knowledge they are doing it. I don't like doing all my hard work just to have someone copy it and dump it into there world under there name using similar objects then calling it there work. I understand that some may want this ability in case something happened to the world server and the only backup is in there cache. But most of us use a bot to backup everything or make regular backups of the world through the admin. tool. strike rapierMay 23, 2003, 8:30pm
Oh for gawd sakes we just have to live with things like this. Appart from
Andras and Annanas coming in and biting our heads off. Its a standard database, unless you would like everything cyphered which Sleepy would probably break in 20 seconds and give to the An<Somethings> peoples its kinda pointless. Its a risk with everything, hey whats to stop someone driving a proxy'd bot in and scanning it, or using citSDK? - Mark [View Quote] brockMay 23, 2003, 9:48pm
Heck people can just go into a world, boot up dat2dmp, and make a propdump
of the world, and then use it, your really not safe from anything like that, although I do agree with you, it shouldn't be that way. -- Brock - 308723 - DE Leader [View Quote] sk8man2May 23, 2003, 10:44pm
You'll be happy when you accidentally delete your world and someone has the
propdump to re-build most of it again. =) [View Quote] count draculaMay 23, 2003, 11:37pm
Most private owned worlds use custom objects and those are most likely
password protected; so even with a propdump one would end up with a lot triangles. I belive most people want to build their own worlds, those wanting a copied worlds are probably not taking worldowning seriously anyway and will be gone in a while. Drac dlp anne <anne at dreamlandpark.com> kirjoitti viestissä:3ece9f8f at server1.Activeworlds.com... > Can you please do something to stop people from making propdumps from the > cache files? > > This is a major security problem. > People could go in your world, wait for it to fully load in and then create > a full propdump of it without your permission or knowledge they are doing > it. > > I don't like doing all my hard work just to have someone copy it and dump it > into there world under there name using similar objects then calling it > there work. > > I understand that some may want this ability in case something happened to > the world server and the only backup is in there cache. But most of us use a > bot to backup everything or make regular backups of the world through the > admin. tool. > > agent1May 25, 2003, 12:30pm
[View Quote]
The only way to do this would be to encrypt them somehow, and since they're expected to be updated in realtime, the encrypting and decrypting every time you want to read the cache would be a major slowdown. You're not going to prevent someone who really wants to copy your world from doing it and adding this to the browser will just cause problems for everyone.
-Agent1 codewarriorJul 7, 2003, 6:31am
At the expense of performance, the ability to mark a world as uncacheable
would completely remove the ability to obtain a propdump. No cache... no propdump. In advance to all the people who will object about how it's impossible to protect content, about how performance will suck and all your other objections, we who care about protecting content really don't care what you who don't want anyone to be able to protect it think. It's Annes choice to try to do something about leeches, and I have to wonder why some people are so quick to try to snuff out any discussion on the topic. [View Quote] |