second life

What is the grid?

The grid is not the matrix, that’s for sure, but you could be forgiven for drawing the comparison. Like the fictional Matrix, the grid is a network of computers designed to simulate a 21st century-like world in which people can live out their lives – buying and selling real estate, building toys and devices, going to nightclubs and malls, and even working for each other. The grid runs a world known as Second Life, and it’s a massively multiplayer online role playing …. er …. game? Not quite.

Unlike in games like World of Warcraft, there are no goals, no points, no levels, no lives. The makers tagline is “Your World. Your Imagination.” and that pretty much sums it up – you can do anything you like, limited only by the capabilities of the engine. This should be interesting, entertaining, and a little creepy. And often it is: but, still, like most online digital entertainment I’ve tried I found its appeal is complex and ever shifting.

What is it?

It’s easier to say what it isn’t.

It isn’t a crappy 3D chatroom like so many previous attempts I’ve seen. The Second Life engine isn’t going to be beating Doom 3 anytime soon but as you can see from the videos it can generate some pretty stunning scenes when given powerful hardware (alas, my old PC isn’t really up to the task). It requires broadband, and uses it, most of the time when exploring the world it’ll pull down data at 350kbps or more. The effect works well – modern 3D effects are combined with a world that streams in as you move around fast enough that it’s not distracting. You can quite easily spend hours just exploring the beautiful scenes people have created here.

It isn’t like a traditional online community either. For one, the demographic of its users is radically different to most online games – there’s a roughly 50:50 split of male/female players. There seems to be remarkably few cases of men pretending to be women or vice-versa, generally the gender of the avatar represents the users real gender. The age demographic is different too – there are many more players in their 30s, 40s, even retired people playing it. Compare that to your typical text-only chatroom or game like WoW and you can see why it’s remarkable.

This has the nice effect that people typically talk in full English sentences, don’t say “roflololol” every few seconds, and the topics of conversation are more interesting. It’s worth remembering SL just for that!

There’s a third aspect to the demographic – many of the people in-world are actually talented content creators in real life too. The qualifications for playing a game like WoW are basically zero, and indeed that’s one of its main advantages as entertainment. But because the Second Life engine lets you easily create quite advanced “content” (whether it’s worlds, avatars, or discrete objects) it attracts the type of people who enjoy doing it, often as a living. Many of the people in Second Life get their kicks from building things, not killing things, and as a result the quality of the content is stunningly high. After reading about the concept I expected the world to be littered with sucky amateur 3D models and buggy or boring scripts, but not so.

There is a 1st Life tab in peoples profiles, many of which are empty or say words to the effect of “I have no 1st life” or “I want to keep my 1st and 2nd lives separate”. So it seems the escapism aspect is a big draw currently. I’m pretty happy with my first life right now so this aspect doesn’t hold any appeal to me, but everybody goes through different stages in their lives and I won’t assume my life will always be full of cool people, interesting things to do and exciting changes as it is now. Maybe one day I’ll want a fantasy life too. Clearly, plenty of people do.

What isn’t it?

Now this is a tougher question. It’s not brainless switch-off entertainment, which is what I was actually looking for. I can create interesting digital content as I know how to write software, and my first creation in one of the sandboxes was a plywood trampoline which entertained people for a few minutes (seeing a 10ft tall robot bouncing around on a trampoline was funny!). But do I really want to? Or do I want to run around killing things/snowboarding? So far Second Life has fascinated me more than it’s entertained me.

Potentially, I haven’t really given it a chance. The entertainment in SL comes from several sources:

• Chatting to people. Because the people inside are usually pretty interesting, this holds up far longer than in other online games I’ve tried.
• Exploring. You can fly around the map, or use the built in Find tool to locate popular/interesting attractions. This isn’t as easy as it sounds, as the directories are spammed with tons of virtual casinos and Tringo zones. Tringo is a game that is notable primarily for being created first in Second Life and then making the leap to a real world Gameboy/phone game. Still there are quite a few sights to see.
• Building things. Well this entertained me for a bit, but I’m not much of an artist and do plenty of programming in real life. Also the LSL scripting language is pretty limited. The ability to open a network connection to an external server would alleviate a lot of the problems it has, but the facilities for this are crippled due to Linden Labs not wanting people to launch DoS attacks from their servers (scripts run gridside).
• Playing games. Oh yes. In a world where you don’t need to eat, sleep, or find shelter what else can you do? There are all kinds of games in the grid, the most popular seem to be gambling/bingo type games. I haven’t really explored this aspect of Second Life yet, but I’ve seen references to a lemmings clone, a few first person shooters, a board game and a Myst-type adventure game. I should probably try at least a few of these.
• Take part in the virtual society, for instance, taking care of newbies. One group runs an in world information service called InfoNet: this is a cross between the web and teletext.
• Earn money. I mean hard cash, in US dollars. The internal Second Life currency is Linden Dollars, which can be converted to/from US$. Some people, notably Anshe Chung (real estate) earn good money that way. The actual currency turnover is respectable for an online game, and the economy is inflation controlled. Linden Lab let you keep the IP rights to any content you create, in an attempt to encourage this economy.

So is it any good?

Yes and no. This sort of open ended world is obviously going to fascinate economists, socialogists and fiction writers far more than World of Warcraft ever will, and actually the bulk of my time that’s been taken up by Second Life so far has been spent reading about it on the web rather than actually being in world.

The main thing to realise about Second Life is that it’s not a game. It’s a platform. Expecting to be entertained by it is like expecting to be entertained by the web. Sure, you can while away a few hours “surfing” the web but that experience won’t keep most people coming back for more. What keeps people coming back is the cool stuff you can find there. When I’m bored, I don’t surf the web, I go to Slashdot or Fark because I know I’ll probably find something interesting or funny there.

Right now, Second Life has something of an identity crisis. If you go to the website, it’ll try and sell you on what a great world it is, and what fun the residents have. You then have to download the 20mb client, register yourself which means finding a name that isn’t taken (can be hard!), prove your identity using a credit card or mobile phone, go through the orientation island tutorial, and unless you want to feel like a muppet customize your generic man avatar.

So the barrier to entry is pretty high. The whole program and website is oriented around recruiting you to be a resident. You can’t just dive in, dive back out again. This is what you’d expect from a game.

But the actual experience is closer that of the web. You can browse around and find some really interesting things. I chatted to an artist in her self-built art gallery about her paintings, something I’d never have done in real life. But, it’s not really targetted. Once the novelty of surfing the grid wears off there isn’t much left to do.

To fix this, I think Linden Labs need to make links between real web sites and SL locations work much better. You can do it with the secondlife:// protocol today, but for a random web surfer who has never heard of SL this experience is pretty awful ….. there’s a lot of effort involved in getting connected and of course dialup users are already excluded anyway. It also doesn’t really scale. Browsing an art gallery with the artist next to you is amazing when there’s only a few people around. I can’t imagine doing the same thing with a site as popular as Amazon or Slashdot – the people there would be a bad thing, not a good thing.

The most compelling content is on the web and SL needs to leverage that. If I’m interested in ancient Rome maybe I start with a Google search, take a look at what the BBC has to offer, go to Wikipedia, branch off to a dedicated site from there etc …. now imagine one of those sites advertises a full scale 3D reconstruction of a Roman city, complete with bots to make it feel busy and at set times actors from a historical re-enactment society taking part to make it feel really alive. Now that is something I’d be interested in, maybe even willing to pay for. If I can click a link from that web page and have the Second Life client download in 2 minutes, drop me into the world and let me start exploring with no hassle then Linden Labs will be succeeding. Right now that’s just impossible.

apple 4 zawinski

It was Jamie Zawinski who said

Narrow the focus. Your “use case” should be, there’s a 22 year old college student living in the dorms. How will this software get him laid?

OK, he said it in relation to groupware and not music players. Still, this screenshot is from the iTunes installer, and I found it quite entertaining:

Apple are fashionable, on the rise and taking mindshare (and developers) from Linux – and this is why. Their marketing department absolutely know who their audience is, and they know how their audience wants to feel. What does that image say to you? The implication is hardly subtle.

revisiting windows xp

My Linux install finally gave up the ghost. After a foolish attempt to try the Banshee music player from the nrpms repository, I managed to wreck most of the operating system. Random errors about /dev/null would appear on startup, many programs began crashing, a few panel applets just disappeared (presumably they’re crashing too), the screensavers no longer work and Nautilus has taken to hanging at random intervals. It’s quite “old” now in that when FC4 came out I upgraded from FC3, and of course I have fiddled with it plenty over the course of the years (year?), but still, it worked OK before nrpms tried to upgrade me to GNOME 2.12. So I’m going to have to reinstall.

My current dilemma is – FC4 again, or Ubuntu? The ‘Core has ticked me off many times in the past, most notably with their absolutely blind refusal to do anything about software I actually like and use such as the nVidia drivers, or Mono based apps. Meanwhile they bloat it up with Java related crap like Jonas which I’m sure is important for enterprise servers but not for me. On the other hand, I like the security features in FC4, and my dissertation project is likely to be a lot easier with SELinux around. Still, I can always use a chroot/user jail to “pretend” the process is sandboxed and my markers are unlikely to know the difference. So I’m likely to go with Ubuntu.

I know before I start that it won’t be particularly enjoyable. The Badger will introduce as many problems as it solves. Synaptic is better than yum in most respects, but it’s also more fragile. It’s based on Debian too, which means replacing the lovely Anaconda for Debian Installer, and having to deal with the “Debian Attitude”. It also means losing the system-*-config tools that I’ve become used to. The replacements are sometimes better, sometimes worse and sometimes non-existant. Still, only time will tell whether it’s an improvement or not.

on windows

As my last XP install had been toasted by the Bagel virus, and I felt like GAMES!, I decided to blow it away and reinstall. This was a good chance to see how the Fedora and Windows XP installs compared. Short story: Linux does very well here. Long story: Windows is very easy to set up, but bodged detection of my audio hardware, which Fedora dealt with flawlessly. It also has some whacky usability issues in the installer, like not installing Japanese fonts unless you go through about 5 different dialogs and the default recommendations on computer/user naming leading to a mysterious error message.

Windows Update is a much more pleasant experience than yum is – it’s graphical for one, for another yum likes to fail at random and spew HTTP errors to the console. It’s also very slow, and uninterruptable a lot of the time. Going with yum over apt was still one of the biggest mistakes Fedora has made IMHO, and to do it because “Python > C++” is even sillier. Proven software is proven software, regardless of what language it’s written in. Version 6 of Windows Update is also quite advanced technically: it downloads binary deltas in the background when your connection is idle. Something like that for autopackage would be good.

The biggest downside of Windows Update is that it’s only for Windows. I’ve been expecting Microsoft to produce an API for this for years now, yet they never have. It’s a mystery why not: Microsoft survive primarily because everybody uses their APIs and they rarely miss the opportunity to create a new one.

The rest of my setup journey was just as uneventful:

• First stop, install all updates, including SP2 and Windows Media Player 10. Reboot a few times. See that it tried to install an audio driver for me – impressed that online update includes hardware detection and driver installation – unimpressed that it installed the wrong one – even more unimpressed when I find the uninstaller for this driver doesn’t work.
• Next, grab Firefox and Thunderbird. I love Thunderbirds junk mail filtering.

• OK, now I need an MSN Messenger client. I try the official one – BIG mistake – I felt like I was being mugged by marketing executives. Heard good things about Trillian, let’s go try that ….. wow this is pretty ….. now how do I change my display name ….. (15 minutes pass) ….. you have to click the envelople icon wtf.

• Hurrah! Time for some gaming. I’ve heard good things about Second Life, so I grab that and run it. It tells me to upgrade my drivers (twice) so this is when I go get the nVidia and SiS packs. The SiS drivers are a bit confusing, they rely a lot on opaque model numbers. Fortunately they have an ActiveX control that tells me what I need.

• Play SL for a while. Time passes. Lots of time. After a few days I got bored of it, but I’ll write more about SL later. It’s a fascinating thing.

• OK, now I need something to code with and IRC. On Linux I use emacs and ERC for that, so I find a build of emacs CVS for Windows and install it – nicely integrated, spiffy. I install an ext3 filesystem driver so I can access my Linux drive as drive L:, copy across my emacs settings, install PuTTY and away I go.

• Luna is a bit ugly. ReLuna is much nicer, let’s go grab that theme. I have to binary patch uxtheme.dll to install it – second wtf. Even though the theme signing code was cracked almost as soon as XP came out, Microsoft apparently never bothered to remove it. Great. Amazed once again by the atrociously crappy hack that is Windows File Protection.

• Final thing – need a command line. Heard interesting things about Monad, the next-generation .NET command line Microsoft is producing. Read about it, the theory seems sound, replace text based piping with a true object oriented data stream between commandlets, great! Install it (manually resolving the .NET2 dependency) and run it …… argh! It still uses the magical console windows of doom, the ones that you can’t resize by dragging the borders, that don’t support colour or transparency, and which look ugly as hell. It seems in their quest to build the most theoretically asskicking command line ever the boys and girls at Microsoft forgot that you need both a good command line AND a good terminal emulator for a good experience. So I use the “eshell”, which is a UNIXy command line implemented entirely in Emacs Lisp instead.

• Do homework. Sleep. OK, actually all this took more than a day. But at least it’s all set up now.

apt

is autopackage secure?

People often wonder whether autopackage will lead to an invasion of spyware on Linux.

To me, this question is of dubious value, because I personally believe that desktop Linux cannot ever be robust or easy enough for non-technical users whilst centralised software distribution is used. There are too many tough questions like “why can’t I get the newest XYZ feature when my friends can” (eg, in relation to Skype or an MSN client) or “why can’t I find ABC in the list” (eg, Banshee music player on Fedora). Not to mention that most distros don’t even try to provide a GUI for package management, and even in Ubuntu which has the best GUI tools of them all, they still kind of suck and break randomly.

So to ask “does autopackage allow spyware” is a silly question for several reasons. Firstly, it makes no difference if the answer is yes or no because the people most at risk from malicious software are exactly the type of people who would never use desktop Linux in its current incarnation. What’s the point of elaborate schemes to prevent spyware when they simultaneously prevent people from using Linux at all?

Secondly, it contains an implicit assumption: that the existing centralised system does prevent spyware. This is vague thinking, and was the topic of a big IRC debate last night.

I can’t reproduce the whole discussion because it was too long and touched on many different things. But I can try to summarize it all here so we can point to it later instead of repeating the same things over and over on web forums and mailing lists.

are distros secure?

The whole idea is based around a warm fuzzy feeling that the distro is run by geeks like me who would never allow software I disagree with to enter the distribution … so if end users (who are of course stupid and helpless creatures – not) cannot install software outside of their distro, we “solve” spyware. Easy!

Of course the problems and solutions are not so simple – if they were then you’d have seen a Synaptic clone for Windows years ago. In reality the problems are deep and complex, and the solutions poorly understood.

1. First point – nobody has defined what evil software is. There isn’t even a universally accepted definition of spyware! We have to talk about Evil in general terms because if somebody figured out a totally rad system to block spyware, within 5 minutes somebody else would be saying “but why doesn’t it stop adware too?!” or “what about dialers?”.

   A good illustration of this – on IRC somebody said words to the effect of “nearly everything phones home these days, even printers, so stopping spyware on Windows would be really hard”. But this conflates one thing (phoning home) with a related but different thing (spyware). Legitimate programs like Firefox also phone home.

   There’s another – vital – reason to create a definition of Evil. If there isn’t one, application developers have nothing to work against. How can they know whether putting adverts in their program like Opera does is regarded as an illegitimate practice or a legitimate business model? What about popup adverts? What about a P2P program whos development is explicitly funded by popup adverts that appear when it runs in the background (and the user is informed at install time)? Where do you draw the line, and how do you avoid changing the rules after the game has started?

   This is why I’ve been making a start at writing a definition of Evil, in a previous blog entry.

   Conclusion: before we can solve a problem we must understand it, and that means we must define it

2. Second point – distributions do not exclude software on the basis of “morality”. Instead they exclude on the basis of license, and sometimes random other reasons. For instance Red Hat don’t ship Novells reimplementation of a well known companies technology (.NET), but they do ship their own reimplementation of a well known companies technology (Java). There’s no legal or policy basis for the exclusion of software in any existing distribution.

   Conclusion: when it comes to the crunch, distros won’t do what these people expect

3. Third point – adware isn’t just for proprietary apps. You may think that because most distros only include Free software, that unethical behaviour is a solved problem …. but you’d be wrong. There’s nothing in the definition of Free software that prevents people from bundling pop up adverts with their program and after all if you’ve worked long hours to write some most excellent software why not get paid for it? Many open source websites already include Google AdSense adverts, it’s not a big stretch to see adverts in the programs themselves.

   If you want a clear example of that, during the whole WordPress fiasco, the software was not removed from Debian. I think it’s obvious that spamming Google for profit is unethical behaviour for a program.

   Conclusion: what makes people think that unethical software cannot be installed if even users of the most legally anal distribution around contains it?

4. Third point – the issues don’t stop there, oh no. We’ve barely even got started. In fact, the Debian ChangeLog entry includes the line “Changed upstream’s default links. Controversial?”. So you may say, well spyware cannot be a problem on Ubuntu because you can only easily install Free software, and Free software can always be patched to remove nasty advertising or unethical behaviour.

   But wait – who ever said advertising was unethical? The WordPress author did it in a covert way because he knew people would object. But what about our hypothetical P2P application which is GPLd but has a full time hacker, funded by pop up adverts that appear when the program is running. What if users like this feature because they know the program is as good as it is because of the funded developer? One persons annoying advertising is another persons salary, and who is to say opinion will always be unanimous on whether it’s right or wrong? Was Opera wrong to have advertising? What if it tracked your browsing habits server-side and fed you customized adverts? Is this spyware? Is it adware? Should it be “blocked”?

   Conclusion: being a part of the in-club in major distributions is nice, but it reflects a black/white divide where none exists. Distributions that attempted to enforce some code of morality by making it hard to install non-packaged software for “security reasons” would soon run afoul of the greyscale nature of reality.

That’s just the philosophical issues

I could continue with them. But there are some simpler objections too.

Having centralised packaging hosting and build servers is a massive central point of failure. Debian servers have been cracked before and it’ll happen again in future – the nightmare scenario is somebody compromising a build server and then silently modifying the compiler, without being noticed. That system can then insert backdoors into every compiled program (or just a few). This attack was first outlined by Ken Thompson “Reflections on Trusting Trust”.

And most screamingly obvious of all, it doesn’t scale. There’s a simple test you can use to help determine if an idea is any good or not: “would it work if everybody did this”. A simple translation to our scenario is “what would happen if Microsoft did this?”. Imagine if Vista shipped with a new anti-spyware feature in which only software downloaded from http://download.microsoft.com/ could be installed. Microsoft would require every software developer to submit their program to them, and they would reserve the right to drop or modify any program in any way at any time, without notifying the original authors. Of course, people would go beserk, the massive abuses of power it’d allow would simply be unacceptable. This is exactly the scheme the Linux community, “defenders of freedom”, promote every day.

It’s ironic that our primary competitor could never implement the schemes we use because it would be too monopolistic.

is it hopeless?

No, of course not. Solutions do exist. The ultimate solution is of course the same one we use to stop most undesirable behaviour – the law. Unfortunately the law hasn’t quite caught up with Internet Time yet, and due to the international nature of the ‘net it’s a bit hard to enforce rigourously anyway. That’s even assuming the lawmakers can agree on a definition, a solution and how to enforce it! The DMCA showed quite clearly the dangers of bad lawmaking in the digital age, so we don’t want anti-spyware legislation to be rushed through if it’s poorly thought out.

Until then, we need to make do with what we’ve got. Lots of discussions around this topic have come and gone on autopackage-dev over the years, and many interesting ideas have been floated including:

• Package whitelisting networks: this is a distributed variant of the “only authorized software” idea. Like SSL, root certificate authorities use PKI to sign software releases. Software that isn’t signed won’t be installed by the OS (or installs with a warning). There are lots of problems with this approach, as has been covered previously.
• Origin point blacklisting. This is a band-aid that could be implemented quickly and might help stem the flow for a while. Or it might not. Hard to tell.
• Lockdown – assume the worst, that the software is out to screw you over, then jail it so that it can’t (whilst still letting useful software do what it needs). This forces control back into the hands of the user – nobody tries to define at what level advertising or tracking becomes unacceptably intrusive, instead, software is prevented from tampering with the operating system internals so it can be quickly and accurately removed. This puts the user back in control and pushes policy decisions back onto them.
• Show user ratings/opinions before installing sofware, giving users distributed advice on what the software does and how it works.

None of these are perfect solutions: usually, there’s a balance between effectiveness and implementability. And some have other problems. Maybe I’ll talk more about them in future.

trust

In a previous post, I made a pretty pathetic attempt to define Evil. I suck at it, which is weird because it’s something I do every day – we all do. Every time we interact with somebody we have to make a decision on whether to trust them or not. Buying some food from a stall: are they likely to sell me an under-cooked burger? Lending some money to a friend: are you likely to get it back? Telling somebody a secret: will it stay a secret for long? Listening to somebody tell theirs: are they lying? We make hundreds of trust decisions every day and never even think about it because it feels so natural.

So you could be forgiven for asking why desktop computing is nearing collapse under the weight of untrustworthy software. Of course in our lives sometimes we’ll be conned or cheated or lied to. Hopefully, not very often. But for many people, if their computer was a person it’d be going straight to jail for serious fraud: their computer deceives them, cheats them, annoys them and sometimes downright steals from them every single day. Computers aren’t built that way, they get that way because – ignoring the influence of instant code execution (ICE) exploits – people make bad trust decisions.

WHY do people trust Kazaa, a program designed specifically to let you break the law? WHY do they act surprised when shortly after installing it pop up adverts start appearing? I think we now have to delve into the realm of psychology.

When people make a trust decision with a real world person or entity (such as a company), we base that decision on many factors:

• Past experience (how well we know them) – of course this assumes we can link consequences with their actions. IE if we don’t know we’re being cheated this one can lead us astray
• Advice from people we already trust
• Strength of motivation (do they have something I want?)
• Attractiveness. In a person this can be how smartly they are dressed, for a company or website how professional it looks
• Synthesis of various visual cues. For instance, does a website have a privacy policy, does it have contact details ….. for people, how are they acting, do they seem nervous, how easy is it to contact them, how did you meet etc.
• Understanding of what they might do to you – it’s pretty obvious that if you lend somebody your phone in the middle of the night on a dark street with nobody around, they may do a runner. That’s common sense.

Problem! Most of these factors are less effective with software. For past experience, you have to go on your experiences of the company or group who made it. Have you used other programs by these people? Were they good? Most critically of all, if something bad happened shortly after you used their program, did you figure out where it came from?

Advice from people we trust is very valid – why do you think Firefox got so popular so quick – but this only works for commodity software like web browsers or chat programs. There is so much software in the world that the chances of personally knowing somebody who can vouch for a program is slim. Large auction sites like eBay have the same problem, a reputation system is used there to make up for lack of personal trust with sheer weight of numbers.

Strength of motivation ….. aaah this is so important. People install filesharing apps sometimes despite knowing the risks because they want the program so bad! Not much you can do there, except to reduce the risk.

Attractiveness is not a useful cue with software, because GUI software tends to look the same due to the widget toolkit imposing a certain visual style.

Perhaps the biggest problem is users not understanding what rogue software can do. People who are attacked by dialers are often shocked that a computer program was able to run up a huge phone bill by dialling numbers in Russia or Cuba behind their backs. Yet to any computer engineer this fact is obvious: the modem is controlled by software, and any software can control the modem.

The following quote from Security and Usability sums up the challenge nicely:

Users often want to make use of things they don’t completely trust. For example, it’s reasonable for people to want to run programs or visit web pages without having to understand and audit their source code. Instead of trusting the unknown entity, users trust an agent (such as a secure operating system or web browser) to protect their interests by placing constraints on the unknown entity. The agents challenge is to determine the correct constraints.

Think about that.