User:Diva Canto/AWG Review

From Second Life Wiki
Jump to navigation Jump to search

Comments by Diva Canto

About me

I was not at the meeting, so I'm surely missing important details. I wasn't quite sure where to add my feedback to this; I'm used to being a reviewer. Feel free to reorganize.

Second Life has the potential to drastically change the rules of the game by changing the browser of choice to the internet -- this new browser is capable of rendering user-generated virtual 3D content, much richer than the Web, and wraps up a bunch of existing interaction forms (IM, chat, e-commerce) in a really interesting way. It's important to understand that the drastic change happens at the user end, not at the server-side: only with wide-scale adoption can the rules of the game be changed. Without wide-scale adoption, this is only yet another interesting virtual world. By "wide-scale adoption" I mean everyone who pulls up a Web browser today would pull up a SL viewer a few years from now. So, even though the envisioned numbers may be the same, my concept of what it takes to get there may not be the same as Linden Lab's.

With this in mind, my comments here are purely technical, and oblivious to any particular business interests by Linden Lab and others. The main principle used, besides scalability, is integration with what already exists. The goal outlined above cannot be done by any single organization in isolation. (A better way of saying this is that this goal *should not* be achieved by any single organization, the danger being that monopolies, even when benefactors, always hurt things in the long run (the reference here is to Google, not LL).)

The proposed architecture by LL is scalable, and looks much better than the current one. However, there are a few terminology problems that may be symptomatic of a certain bias towards short-term business interests, which I sincerely believe will hurt, rather than serve, the vision. My comments start by changing the words, and follow with what goes beneath.

Grid Services (was "Central Services")

A better word for "Central Services" is "Grid Services" (as a parallel, no one would call the DNS a "central service" of the internet, unless, of course, one would have intentions of owning its operation). Among these Grid Services there are

  1. infrastructure ones, without which the grid won't work
  2. utility ones -- grid works, but it's cumbersome or insecure or not that useful

Everything else is commodity -- just make my life easier, will you -- and doesn't require a presence at the grid. This is where most of the creative action will be, and the main reason why anyone would bother to design such a system.


The topology service, which could be called meta-GIS, belongs to the infrastructure. Everything else seems to be utility or commodity.


As the original proposal says, this is the DNS of this grid, so its functionality is foundational. There is a lot of cool commodity UI that can be done, though. In any case, the lessons learned with DNS should not be forgotten. This meta-GIS seems prone to be hierarchical rather than flat. And its internal architecture may have to comply with real-world jurisdictions. So, a region domain host operating off of Portugal may have to comply with the Portuguese law.

Grid Utilities

Domain authentication (was "Identity")

One might imagine anonymous avatars everywhere -- just like on the Web. They'd just have an IP address on top of their heads. These are people who just want to browse and chat. No inventory, no social net, no profile, no IM, no money, nothing. They simply haven't acquired an identity with an "Identity service." Different regions might allow or disallow anonymous avatars. Identity services are, then, services that provide agents with a name and a few other basics things -- these map well into what is called "Agent Domains". The identity of an agent must include the id of the agent domain (Diva Canto @ Linden Lab). So what is there to do at the grid level wrt identity? Certifying the agent domains themselves, not the agents. So for example, facebook might provide an agent domain service using people's existing facebook accounts. Once they log in on facebook's agent domain, they get a certificate that they are who they say they are after facebook's domain is authenticated by the grid-level authentication service. This service doesn't need to verify that there is a John Doe account in facebook, but it needs to verify that the host that is claiming to be facebook really is facebook. So the grid-level service is not identity but domain authentication; could be provided by VeriSign and others like it.

(Note that region domains might want to double check that there is a John Doe in facebook; but that is a region domain <-> agent domain interface, it's not a grid service.)

Financial institutions authorization (Currency)

Buying stuff on-line is definitely a very useful thing about the internet. This L$ idea -- i.e. a common currency -- is a really good idea, I think. There is an opportunity for different players to provide the service of exchanging local real-world currency for L$ and vice-versa. At the grid level, there should be a service that authorizes these financial institutions to operate, so that people don't get trapped in scams. This platform needs to be able to support commerce of real-world goods, not just avatar clothing and the like.


On the Web the only privacy is the one enforced by password protection and firewalls. We all suffer the effects of ill-intentioned large-scale information collection through things like spam. In virtual worlds, the issue of privacy will be several orders of magnitude more serious. It's not just spam -- which will certainly happen if we don't address this at the architecture level. First, most content creators are not computer- or security-savy. Second, due to the nature of the system, lots of people have the idea that their virtual "homes" are "private". In fact, many people have items in their virtual homes that disclose information about their real-world conditions, such as AIDS, disabilities, etc. If things are not regulated, the system can be exploited, driving people away.

Privacy and, more generally, the well-being of subjects, has been a concern by reputable institutions, having started in medical research. These institutions have addressed it with a regulatory body called the Institutional Review Board (IRB). Some version of the IRB should be put in place at the grid level. Essentially, this board would regulate large-scale information collection by 3rd parties to ensure that individual privacy is preserved.

For example, I would hate to see pharmaceutical companies detecting avatars who in real life may suffer from some disease and then target them for advertising. I'm sure there's money in this, but it just seems wrong. Any company/organization/individual that collects information at the grid level and then uses it for some purpose should either go through a process of approval upfront or should be ready to go through it when complains happen. Ultimately, agent domains are responsible for these information collecting agents, and the pressure should be on them -- make sure your agents play ethically or be disconnected.

This IRB-like service can't be completely automated, because it deals with ethics; it must include people.


There is a variety of commodity services. All of these services should be allowed to emerge anytime, anywhere, by anyone. The vast majority of them requires a fair amount of 2D interaction with end users -- forms, text, pictures, etc. Having a bot/object with whom people interact by chatting is really cute, but it gets annoying really fast. The proposed architecture is mute wrt to how to handle programmable 2D UI inside this 3D world (Things like xy-text are unnecessary computationally-intensive hacks). I'd like to see that addressed at the architectural level. It affects mainly the viewer, but also affects the runtime of inworld programming languages. Rather than turning the back on the Web, this grid should incorporate the Web in its foundation.

Let me address search in particular, because it's singled out in the proposed architecture and I happen to know a thing or two about it. (Not sure why the proposed architecture singled it out. It's not clear that search will be the main money-maker here! - it's often the case that what was important in one paradigm is less important in the next.) There are several kinds of search services. There's local search, people search, featured-things search, topic-specific search, lost-and-found, detective work... what one can do with search is completely open ended. At the grid level the only thing I can imagine would be a textual dump of everything that exists on the grid -- independent of any further application semantics -- so that all of these differerent kinds of search services could crawl text/html instead of crawling in 3D mode. I doubt that content hosting services would/could do that -- see comments above about privacy. Some notion of privacy must be honored. The problem is which notion of privacy should be honored, and, most importantly, *who decides it*.

Let me warn against the idea that privacy is a static concept that can be captured with checkboxes. The people who scream over having their objects exposed for purpose X are the same people who beg for those objects to be found for the purpose Y. We can only address this dilemma within each specific service's Gain/Pain ratio, hence my suggestion for technical access to the data, with advisory controls by the end user, and regulated by a IRB-like body.

Main Points

  1. Integration with what already exists: the Web, identity services (accounts), financial institutions, IRBs
  2. Radical openness, loss of control by any single organization: let other players shape this world

I hope this succeeds!