Snowglobe FAQ

From Second Life Wiki
Jump to: navigation, search

This FAQ is for the Viewer open source project, Snowglobe; also see the Extended FAQ.

The basics

Linden Lab has made the Second Life Viewer source code available as open source, enabling developers to download the Second Life Viewer source code and make modifications and additions to the code.

What do you mean "open source"?

Computer software is often produced by writing the software in a human-readable format (the "source code"), and then translating ("compiling") it into a format that is more efficient for computers and easier for end-users to work with (the "executable"). The executable is not designed to be edited, so it's very difficult to modify. When a company produces proprietary software, they typically only give users of the software the executable (not the source code), and prohibit modification or even detailed inspection of that executable.

In simple terms, "open source" means making the source code available for copying, and explicitly allowing users to modify their copy, and share their modified version with their friends, their customers, or the rest of the world. The most widely accepted definition of "open source" is the "Open Source Definition" published by the Open Source Initiative, though many prefer the term "Free Software", defined by the Free Software Foundation's "Free Software Definition". The Second Life viewer code qualifies as both "open source" and "free software".

I just like to shop and chat with friends in Second Life. I don't get this techy stuff, how will "open source" benefit my experience?

This is a fundamental improvement in the way that the Second Life Grid's infrastructure gets built, which improves the experience for all users of the Second Life Grid. In the short term, this will provide a richer communication channel between the community and the engineers that build it. This gives the community greater insight necessary to make more informed suggestions about how to improve the Second Life Grid, and gives the engineers another valuable channel to get feedback and oversight. It allows Linden Lab to more easily extend our quality assurance process outside the walls of our (real world) building. As the architecture improves, standards evolve that lead to the creation of an ecosystem of tools and other software products that make Second Life a much more compelling experience. With more tools available, content creators get a greater and faster ability to create more compelling objects, more interesting buildings and in-world architecture, and more quirky and unique fashion items. Eventually, development of the viewer itself becomes more distributed, as individuals and companies become more familiar with the codebase and figure out how to leverage their access to the code, and those of us at Linden Lab figure out how to more deeply involve the community in our development process.

In short, this helps casual users by making the Second Life Grid a more robust and attractive environment for everyone. If all you want to do is hang out with your friends, this will help in attracting more of your friends. If all you want to do is shop, this will foster greater creativity, which means there will be more interesting and valuable things to shop for.

Security

Won't this lead to serious security issues? What are you doing to counter that?

Security was obviously a major factor to consider when preparing to open source the Second Life viewer. We've spent significant time preparing and testing to ensure the stability and continued robustness of the client software.

This move will eventually increase the security of the Second Life Grid since there are now more people looking at the code, highlighting potential exploits and providing bug fixes and updates. There will always those who wish to crack any type of software for malicious purposes. Opening the source code doesn't change our exposure to that, since these crackers retroengineer proprietary code anyway. In fact, it takes some of the sport out of doing just that.

We can't foresee every possible way that some people might be able to create an abusive viewer, but we've done a thorough audit and taken other precautions to ensure that the new availability of source code will be an unambiguously positive experience. More on this in later questions...

It's also worth reiterating that any code written by the community which is integrated into the official Second Life client, available only from Linden Lab, will be fully vetted by our QA team.

Won't this cause more problems in-world?

The Second Life Grid is a chaotic, vibrant environment. People are free to create what they want. That's what makes it so engaging and interesting. Sadly, some people choose to create scripts which impact the enjoyment of the Second Life Grid for others. That's against the community culture of Second Life. We've seen a few recent examples of what we call 'griefing', with the Grey Goo attacks. These caused short interruptions to the service while we restarted the Second Life Grid. We're putting in place measures to prevent a recurrence of those attacks.

Open sourcing our client is unrelated to these types of attacks which use the scripting language allowing objects to be animated within the Second Life Grid. By far, the greatest uses of those scripts only serve to enhance the experience for all residents. We give people the ability to create powerful scripts, and with that comes a certain responsibility to use that power wisely. Sadly, some people abuse it, but we want to cater for the majority, so those abilities will remain in place. Meanwhile, we're countering certain self-replicating scripts, which are clearly part of a griefing attack.

We believe that open sourcing the viewer will accelerate the development of new features, the resolution of bugs, and enhance the security for all residents so the sooner it's available, the better.

How can you prevent malicious programmers from finding flaws in the code to exploit security problems?

You might as well ask how you stop someone breaking into your home. You want to make it difficult to do (by adding locks on the doors), make it transparent when it does (by adding an alarm), and ensure a prompt response (so the alarm alerts the police). The idea is to disincentivize that behavior. We're doing the same on the Second Life Grid, which as you might imagine has security, constant monitoring, and a 24 hour response team. But, ultimately, if someone is determined to break in, has access to the right resources and skills, and enough time - they may well succeed. To that extent, the Second Life Grid is as much at risk as any other online business.

There is a risk that publishing will make it slightly easier for malicious programmers to find security vulnerabilities in the Second Life viewer. However, withholding source code access doesn't seem to be much of a deterrent to criminals hoping to exploit problems in the viewer. Our old approach of "security through obscurity", by withholding source code and prohibiting reverse compilation of the viewer ensured that only those people who don't respect rules would inspect the viewer's security. Our new approach of publishing the source code creates a much larger group of people inspecting the inner workings of our viewer. Since that group has our explicit blessing, this group is likely to be (in aggregate) a much more law-abiding group, and more inclined to discreetly report problems to us. For a more thorough discussion of this subject, see: "The secrets of open source security." by Chad Perrin at TechRepublic .

However, we're not solely relying on our switch to a more robust development model to ensure greater security for the Second Life viewer. We've spent months performing a security audit of our design and our source code to reduce the risk that the increased attention we'll be receiving as we release this won't result in a spate of vulnerability discoveries.

As far as the nuisance-value of attacks like Grey Goo, we're already seeing a social response which deters individual residents from creating malicious content that impacts others. Ultimately, any sustainable community relies on social norms, with the threat of disdain and ostracism, to encourage individuals to act responsibly. We're proud that the Second Life community has historically risen to the challenge of dealing with disruptive individuals without overweening regulation, and we plan to continue to apply a light touch, fostering more sophisticated community norms rather than instituting heavy-handed crackdowns.

Wait, doesn't that mean anyone will be able to change anything in the code? How are you going to keep people from inserting malicious code and exploits into SL? Anyone will be able to create a new viewer for their own personal use, or share that modified viewer with others. Anyone will be able to submit code to Linden Lab, which we will consider including in the Second Life viewer that most people download from secondlife.com. However, we will carefully review any submission, and ensure that it is safe and stable code that will be of broad benefit to all before we accept it into the mainstream version of the Second Life viewer.

For most residents, the experience of getting the viewer will be the same as before, with the only change being that some well-tested new features developed outside of Linden Lab (but reviewed and approved by Linden Lab) will occasionally find their way into the viewer.

Won't someone be able to create a hacked up viewer that steals all of my Linden (L$)? No. The important logic for transfering L$ between accounts happens on our servers, not in the viewer. The simulator code on our servers doesn't assume that the viewer is "trusted" code in any way, in the same way that web servers (should) never assume that a particular "trusted" web browser is being used.

Will someone use a hacked client to copy all my content without my permission? In some cases (e.g. textures), it will be possible for someone to create a client that doesn't respect the "do not copy" flag, since anything that can be viewed on the viewer can be copied. Some content doesn't need to get sent to the viewer, such as scripts, or items in your inventory, and these types of items will not be copyable.

Please see the next section, For Content Creators, for more information about how Linden Lab is working to protect content on the Second Life Grid.

Won't someone be able to create a hacked up viewer that ignores my parcel/estate permissions? No, these permissions are managed on the Second Life Grid servers, not in the viewer.

Will someone be able to use a hacked client to steal my SL identity? No. As long as you continue to download your viewer from secondlife.com, there's no new security risk that having an open source viewer introduces for your online identity. The security of your identity is tied to your ability to keep others from gaining access to your password, and thus to your account. We will still require a password on our servers to gain access to your account, so nothing about an open source viewer will change that.

What does a "security audit" consist of?

We've spent months with Linden Lab engineers dedicated to reviewing the design decisions over the years, finding and fixing flaws that they find. We've had developers pore over the results of security flaw detection tools, meticulously sorting out false positives from potential issues, and placing additional safeguards in those areas.

However, we consider this an ongoing project that will probably never be done as long as we're adding new features and capabilities to the Second Life Grid. We encourage further scrutiny, and encourage responsible flaw discovery and reporting.

For content creators

Does open source mean I'll have to give my in-world creations away for free? How does this affect my Second Life intellectual property rights?

No. This in no way changes the status of your in-world creations. If you previously charged for your in-world creations, you can still charge for your creations without changing anything or taking any measures. This only affects source code created by Linden Lab. You will retain whatever intellectual property rights you previously had.

Doesn't source code availability make copyright enforcement more difficult?

Viewer source code availability may make it marginally easier for copyright infringement of creative works on the Second Life Grid. However, source code availability enables many possible innovations, the vast majority of which will be viewed as overwhelmingly positive developments by virtually everyone on the Second Life Grid.

Copyright infringement is a problem for content creators, but there are many ways to respond. Inexperienced content creators often respond by attempting to implement ineffective copy protection mechanisms that rarely hinder infringement, and often hinder lawful use of their creations. More sophisticated content creators respond by figuring out how to deepen the relationship with customers and create such value around their brands that customers will want to pay to ensure they get the "genuine article". We hope, over time, that the Second Life community will become more sophisticated in dealing with the same issues that content creators in the real world have been dealing with for quite some time.

How can you protect users from copyright infringement?

We do not intend to become the law enforcement of Second Life. We think it's important for the economy and the community that we intervene rarely and with a light touch. So for instance, you will not see Linden Lab getting involved to adjudicate specific disputes between residents. We will of course help all residents uphold their legal rights and do what we can to advise them of their legal requirements. This extends to copyright. For example, we will be making metadata which timestamps the first creation of content in-world in order to help residents protect their creations.

Ultimately, like any business, be it in-world or other, it's up to the owners and management of that operation to safeguard and protect their creations and interests. We believe the Second Life Grid has a balanced and fair framework within which to do it, backed by national laws with which is complies. In the short term, we're also able to use our Terms of Service to prohibit certain behavior.

We are fortunate that many of the consumers of original content on the Second Life Grid are also creators of their own content. Hence the community has a foundation of respect for the works and creations of others. Ultimately, we see this social underpinning as the best protection for Intellectual Property. There are laws such as the DMCA which can be applied to Second Life creations, and in some instances that may be the only course of resolution, but we feel the most effective and immediate way is through the community itself. We believe that vigilant community members will shun plagiarism, and evolve increasingly effective social norms to encourage creativity through enlightened self-interest (the desire to benefit from further creativity).

What's 'texture theft' and why is this an issue? How are you preventing this? 'Texture theft' refers to the copying of material designs used for objects on the Second Life Grid. While these can be copyright protected just like any other Second Life Grid content, the fact they are downloaded into the client makes them easier to copy. Just in the same way as it is easy to copy images in a web browser or to photocopy pages in a book.

Here again, the legal protection comes for residents via the DMCA, but we are looking at adding features which clearly mark the original creator of a piece of content which would prevent, or discourage resale by someone who had copied that texture and was passing it off as their own.

Licensing and business questions

What source code will you be releasing, and how will it be licensed?

The Second Life Grid consists of two major components: the viewer, which is the software that residents install on their computers to access Second Life, and the server infrastructure, which is the collection of software components running at Linden Lab's datacenters.

The Viewer source code is available under the GNU Lesser General Public License (LGPL), as well as under separate licenses for entities that wish to reserve the ability to create proprietary extensions for the Viewer. Due to third party licensing restrictions, some proprietary components are still necessary for an optimal experience.

Why did you choose the LGPL instead of other licenses?

We feel that the LGPL is the best license for ensuring that members of the community share changes with one another (and with us).

What source code won't you be releasing?

We don't (yet) plan to release the code that runs our simulators or other server code ("the Grid"). We're keeping an open mind about the possibility of opening more of the Second Life Grid; the level of success we have with open sourcing our viewer will direct the speed and extent of further moves in this arena.

There are limited portions of viewer code we've licensed from third parties that also will not be released. We believe we can eliminate proprietary dependencies in the viewer code, either through relicensing or replacement, and are working toward that end.

Why are you releasing the source code for the Second Life viewer?

An open source approach has always been part of Linden Lab's long-term strategy, having always operated as an open community. This initiative will allow deeper industry and community collaboration, advise the development of market-driven standards, and may one day spur the development of the viewer to accelerate beyond the resources and direction of Linden Lab. The potential of Second Life is vast and the way in which residents wish to use it varies enormously. This provides immense opportunities for residents, many of whom are adept developers and many of who have built profitable businesses around the Second Life Grid.

In the short term, we look at this as a way of improving the processes we use to build Second Life, creating greater transparency, and giving the community the means to participate in and improve the way we create software. In the long haul, we hope this move will accelerate innovation on the Second Life Grid, enabling anyone to enhance the viewer in all sorts of ways.

Lots of companies open source software components. What makes this different or in any way notable? This is the first time a market leading company has made its sole product available to the open source community. We believe it is unprecedented and pretty audacious, but believe we're making the right decision. While Linden Lab will continue to be the sole source of the official client, this initiative provides tremendous opportunity for experimentation and innovation that have always been the hallmarks of the Second Life Grid.

How will this affect Linden Lab's long-term business plan?

Linden Lab is a pioneer and a leader in its field. Going open source might be seen by some as an audacious and unusual move for a company in such a position, but is indicative of the company's approach and ethos. Without abandoning its real estate-based revenue structure, Linden Lab believes the move will only further increase adoption and integration. Again, this is a move to help standardize the development platform that Linden Lab has established, not an abandonment of its business practice to date.

What does this mean for the long-term future of the Second Life Grid?

We hope that the viewer will become something of a standard for 3D virtual worlds. We're the leading virtual world with the most sophisticated viewer and we think that's a good basis to become the standard for new worlds and for those considering developing their own viewers.

Feature development

How is it decided what features get added to the Second Life viewer and which don't? Do Residents get to play a role in this?

Residents will play an increasing role in the shaping and prioritization of new features. Linden Lab will continue to be the arbiters of which features will be included in the Second Life viewer as downloaded from secondlife.com. However, we'll have new tools and provide assistance to help residents collaborate on more well-formed proposals that are more likely to be implemented by Linden Lab and others. Additionally, we hope to see alternate clients, so that much in the same way that people can choose their web browser today, they will also be able to choose from an array of virtual reality browsers to connect to the Second Life Grid.

If I disagree with another user's feature (that he/she programmed) which I want removed, is there a process for me disputing that? Can I have an anti-Feature Voting Tool proposal? Users won't be able to arbitrarily add new features to Linden Lab's version of the Second Life viewer, so it won't be possible for a malicious programmer to alter your version of the viewer. If you continue to download your viewer from secondlife.com, you still will be getting a viewer that Linden Lab has carefully reviewed all changes to. If you choose to get a viewer from elsewhere on the Internet, you should only get it from some other source that you trust. We envision that other people will create compelling new viewers that have new features (or, perhaps, don't have unwanted features), and it will be up to you to evaluate those other viewers on their merits, including your trust.

Will contributing lots of quality development work mean I'm more likely to be hired if I apply for a job at Linden Lab?

Yes, that's one of the best ways to get noticed if simply submitting a resume isn't enough. We receive a lot of resumes, so standing out in the crowd can be tough. Visible participation in the community is a great way to get noticed and prove your ability as a developer.