User:Which Linden/Office Hours/2009 Apr 2

From Second Life Wiki
< User:Which Linden/Office Hours
Revision as of 12:12, 2 April 2009 by Which Linden (talk | contribs) (-)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
  • [11:40] Morgaine Dinova: WOOHOO!!!!
  • [11:40] Which Linden: hello!
  • [11:40] Dale Glass: hi :-)
  • [11:40] Aimee Trescothick: yeah, I wouldn't mind a quick sandwich, but I ran out of quick
  • [11:40] Morgaine Dinova: Hiya Which!
  • [11:40] Which Linden: now that logins are back, I can come in
  • [11:40] Aimee Trescothick: we haz plant!
  • [11:41] Saijanai Kuhn: I thought I was having rendering issues. Could see everyone but Which
  • [11:41] Which Linden: I guess you all were here all this time?
  • [11:41] Dale Glass: very creative av O.o
  • [11:41] Dale Glass: I just managed to log in
  • [11:41] Which Linden:  :-)
  • [11:41] Morgaine Dinova: Glad you made it in Which :-)
  • [11:41] Aimee Trescothick: yeah, he's just terrified of Pandas and flute makers though
  • [11:41] Morgaine Dinova: lol
  • [11:41] Morgaine Dinova: And sugar barons
  • [11:42] Aimee Trescothick: lol
  • [11:42] Which Linden: also: kung fu masters
  • [11:42] Morgaine Dinova: Hehe
  • [11:42] Aimee Trescothick: Chinese scaffolders
  • [11:42] Which Linden: Yuppie homebuilders
  • [11:42] Morgaine Dinova: Which, can I bring up one of your topics, unless there's something urgent?
  • [11:43] Which Linden: Sure, what's on your mind?
  • [11:43] Morgaine Dinova: This --- [1]
  • [11:43] Morgaine Dinova: Versus Enus's version of Eventlet in PyOGP
  • [11:43] Which Linden: oh... yeah....
  • [11:43] Morgaine Dinova: The pypi package is 6 months old
  • [11:44] Morgaine Dinova: Since Eventlet is one of your babies, I was wondering whether you talk to Enus, and whether PyOGP's eventlet (which isn't changing anymore) can be made a standard package, or egg.
  • [11:45] Which Linden: Wait, what, pyogp is using an unchanging eventlet? Isn't it using this one: [2] ?
  • [11:45] Morgaine Dinova: Yeah. What I meant was, if you look at svn log for eventless, it seems quite stable now.
  • [11:45] Morgaine Dinova: s/eventless/eventlet/
  • [11:45] Saijanai Kuhn: well ENus has updated things within pyogp several times so not sure if that's true either
  • [11:46] Saijanai Dagger: Hi, I'm a bot!
  • [11:46] Saijanai Kuhn: wheee he finally logged in
  • [11:46] Which Linden: Ha ha nice
  • [11:46] Morgaine Dinova: Well even if it gets occasional changes, the public package still needs updating. Release frequently and all that.
  • [11:46] Which Linden: Yeah.... so, morgaine, you shouild check out the eventletdev mailing list
  • [11:47] Saijanai Kuhn: thought DOnovan said it was at release 0.9 now
  • [11:47] Which Linden: Sai: 0.9pre
  • [11:47] Which Linden: he planned to release 0.9 at pycon but I guess that didn't happen?
  • [11:47] Morgaine Dinova: Eventlet certainly aren't a major focus of change for Enus, so in that sense it's fairly stable within PyOGP.
  • [11:48] Which Linden: We eventually intend to stop using the svn version of eventlet in favor of the pypi one but there's some stuff we have to do to reach that point that we haven't done yet
  • [11:48] Which Linden: "we" meaning "server engineers"
  • [11:48] Saijanai Kuhn: well regardless it seems to work ok for pyogp so I'm happy.
  • [11:48] Which Linden: Enus and pyogp should just pick a stable version and stick with it
  • [11:48] Which Linden: yeah, exactly
  • [11:48] Saijanai Kuhn: ENus had it working with 20 bots and he sid he saw no extra cpu use between 1 and 20
  • [11:48] Which Linden: Heh, that's cool!
  • [11:49] Morgaine Dinova: Yep, it's important to pick a stable version, and stick to it. Otherwise PyOGP just grows hack upon hack.
  • [11:49] Morgaine Dinova: Yeah Sai, we all know about that.
  • [11:49] Saijanai Kuhn: bleh texture was taking forever anyway
  • [11:50] Morgaine Dinova: So has Donovan published an 0.9?
  • [11:50] Which Linden: I think we'd have seen it if he had
  • [11:51] Which Linden: But I bet it's coming, I think pycon just ended
  • [11:51] Saijanai Kuhn: I asked about eventlet in the pycon channel and someone said the bof meeting was scheduledat a bad time so it didn't happen (or something)
  • [11:52] Which Linden: Bummer
  • [11:52] Morgaine Dinova: Once 0.9 is released by Donovan, what's the relationship going to be between Enu's version in PyOGP and Donovan's?
  • [11:52] Morgaine Dinova: I'm having trouble finding a clear path through this.
  • [11:52] Which Linden: Incidentally, I don't mean to make a habit of replying to your emails in my office hours, but my experience with pycon was that internet connectivity is incredibly poor
  • [11:52] Which Linden: so mixed-reality stuff is pretty hard to arrange
  • [11:53] Which Linden: Morgaine: at that point 0.9 will be slightly incompatible probably with Enus's version, and probably have some more changes, but, I'm not sure what you're getting at?
  • [11:53] Patnad Babii: I have a question, I know there is quite alot of malicious bots made using Libomv, will PyOGP become the new standard or is there a way to make it more secure maybe
  • [11:54] Saijanai Kuhn: ironically fword is having problems installing pyogp possibly because of eventlet issues (#pyogp chatter)
  • [11:54] Morgaine Dinova: Which: I'm trying to find a clean route for PyOGP to take in its use of Eventlet.
  • [11:54] Which Linden: Patnad: I'm not really sure what the field of malicious bots is, and I suspect that there's not anything that could be done to a library of code that could prevent malicious bot creation
  • [11:55] Which Linden: Morgaine: well, it's up to enus really; if he likes 0.9 when it comes out he can pretty easily cut over to that and use it (modulo any bugs resulting from interface changes)
  • [11:55] Patnad Babii: well malicious like copybot by example or the ones that abuse those camping places cheating every system possible..
  • [11:55] Which Linden: Ideally once a 1.0 comes out in the future we'll all start using that because it'll have a stable API
  • [11:55] Saijanai Kuhn: I think we will always have maliciosu bots. One hope for OGP is that we'll be able to register limited capability clients/bots in such a way that they'll use less resources than regular avatars anyway
  • [11:56] Which Linden: Patnad: that sort of behavior has to be enforced on the server side, there's no possible way to prevent someone from trying to do those things
  • [11:56] Dahlia Trimble: what do bots do that is considered "malicious"?
  • [11:56] Aimee Trescothick: it's not bots that are malicious
  • [11:56] Aimee Trescothick: it's the user behind them ;)
  • [11:57] Morgaine Dinova: You need to factor out tools and malicious users. The more powerful a tool, the more can be done with it, both good and bad. I think our interest is in making a good tool, not in fixing humanity.
  • [11:58] Morgaine Dinova: Which: re 1.0 ... that's the first hint I've read of a plan :-))))))))))
  • [11:58] Patnad Babii: one of my product is the lucky money chair, and people are programing bots to cheat the systems we put in place to avoid beeing abused by bots.. and im affraid that PyOGP could just make it easier for them to connect many more bots without too many issues
  • [11:59] Which Linden: Ha ha, well it's mostly just an inevitability right morgaine?
  • [11:59] Morgaine Dinova: Hope so
  • [12:00] Which Linden: Patnad: I'm afraid you'll have to design your chair to be immune to bots; even if pyogp doesn't make it easier to create bots, some other tool wik
  • [12:00] Which Linden: *will
  • [12:00] Morgaine Dinova: Patnad: if we succeed in making PyOGP useful and powerful, then yes, it will undoubtedly be used for bad things.
  • [12:00] Saijanai Kuhn: Patnad how do you program against bots? SOme kind of test (forget the official name)?
  • [12:01] Patnad Babii: well its true that a bot should be allowed to do the same things as a normal user
  • [12:01] Morgaine Dinova: Nothing you do is cost-free. A good tool always has a cost, but the problem isn't the tool.
  • [12:01] Dale Glass: Programming against bots won't work in the long term. If somebody is really determined, they could turn the SL viewer into a bot
  • [12:01] Morgaine Dinova: Yep
  • [12:01] Patnad Babii: so i guess there is no way to stop them really
  • [12:02] Which Linden: You could do a turing test (that's the phrase you were looking for sai?)
  • [12:02] Dahlia Trimble: they probably already have turned the viewer into a bot
  • [12:02] Saijanai Kuhn: well the humanity tests are very flexible. Some would be a lot harder to scam than others
  • [12:02] Skills Hak: well you could ask it questions only a human could answer correctly
  • [12:02] Which Linden: But.... a captcha is a form of turing test....and eventually people invent ways of overcoming them computationally
  • [12:02] Patnad Babii: nah they are cheating tha too
  • [12:02] Saijanai Kuhn: captcha
  • [12:02] Saijanai Kuhn: have multi-part or multi branch/media captcha tests
  • [12:03] Aimee Trescothick: suspects there's a large proportion of SL users that would fail on any question you cared to ask them ;)
  • [12:03] Patnad Babii: we have captcha and they cheat it... we made colorizer and they find the color
  • [12:03] Dahlia Trimble: capcha assumes the person knows how to decifer english text
  • [12:03] Which Linden: Ha ha ha
  • [12:03] Skills Hak: you could put the color in textures
  • [12:03] Skills Hak: instead of prim parameter
  • [12:03] Aimee Trescothick: 30 page exam every time you log in
  • [12:03] Morgaine Dinova: You need to remember something: tests for humanity are exceedingly annoying for humans. They don't annoy bots, So whose side are you on?
  • [12:04] Saijanai Kuhn: II + || = ||||
  • [12:04] Aimee Trescothick: exactly
  • [12:04] Patnad Babii: [3]
  • [12:04] Patnad Babii: just one example ehe
  • [12:04] Patnad Babii: thats one of the bot that they use
  • [12:04] Skills Hak: ah nice one
  • [12:04] Aimee Trescothick: "which of these objects is the odd one out"
  • [12:04] Which Linden: wow, incredible
  • [12:05] Dahlia Trimble: does that work for color blind people?
  • [12:05] Which Linden: Truly a snapshot of a technological arms race in progress
  • [12:05] Skills Hak: so it downloads the texture and find colors in pixels
  • [12:05] Patnad Babii: anyways we're working on a new system.. they should have a hard time
  • [12:05] Saijanai Kuhn: I'm told the most sophistcated ones actually have human monitors that break in at the question point and solve the question then go back to monitoring the rest of the system
  • [12:06] Which Linden: That's the ultimate
  • [12:06] Dahlia Trimble: well capcha seems to be reducing a lot of spam on blogs
  • [12:07] Which Linden: I have to scuttle off to a meeting, but before I go I would like to share some links relating to last week's discussion
  • [12:07] Which Linden: Which was about multicast
  • [12:07] Which Linden: And message queue systems
  • [12:08] Dale Glass: also one thing that could be done is making the bot send the captcha objects to the server, had another bot reproduce them elsewhere, and pay a few L$ to the people who solve them
  • [12:08] Which Linden: First off, wikipedia on multicast: [4]
  • [12:08] Which Linden: Roy Fielding on pubsub and messaging: [5]
  • [12:08] Which Linden: Implementing multicast: [6]
  • [12:09] Which Linden: OK, sorry to just dump those but I know I'll lose them if I don't :-)
  • [12:09] Which Linden: Didn't mean to interrupt the discussion about captchas
  • [12:09] Which Linden: But, I'm off!
  • [12:10] Patnad Babii: have a nice day Which !!
  • [12:10] Which Linden: So, thanks for waiting patiently for me in our time of troubles, we'll see each other next week!
  • [12:10] Skills Hak: ty which
  • [12:10] Morgaine Dinova: See you Which!
  • [12:10] Dahlia Trimble: bye :)
  • [12:10] Skills Hak: bbye
  • [12:10] Aimee Trescothick: bye :)
  • Which Linden