Feature Requests

  • Search existing ideas before submitting
  • Use support.secondlife.com for customer support issues
  • Keep posts on-topic
Thank you for your ideas!
Disclose web activity in objects
( apparently all feature requests are bug reports now >< grrr ) Feature Request premise: It's very simple and easy for objects to track us in-world. It would be useful to have some insight into this so that we can make informed decisions as users. Bit of an example, my understanding of the balance of issues, then proposal: Example: A simple script inside a dress can use existing LSL functions to detect region change, and on each change, send a message to an external server to tell it the UUID of the wearer and the name of the region. Just that simply, that clothing-maker would have a continuously updating database of where an avatar lives, where they spend time, their interests and hobbies (based on social themes of regions), where their friends live, etc. It's a simple example, but scripts can get lots more details as well. Balance: So, we can't get rid of this--it's a fundamental piece of functionality, and staggering volumes of gaming/shopping/breedable content would break if the simple ability for scripts to call to the internet were to suddenly change. And, we can't suddenly disclose the servers being touched either. The scripts ask the Simulator to go touch the website for us, and this effectively masks the ultimate URL. While that prevents us from knowing where our data is going, it also protects our small community's creators from having their servers exposed. Lot of complicated issues there, places where server hosting has to have RL names attached etc--the current setup has its uses. Proposal: A new floating window to replace or supplement the interestingly non-intuitive and wonderfully outdated "About Land > General > Script Info > Avatar" menu. (Is there any wonder that scripts are a mystery to people? Why isn't this under the Avatar menu?) In this new/updated window, we get a kind of aglomerative log about scripts on our avatar: First, while we're updating things, scripts might accurately represent their memory useage (instead of just saying 64 all the time, or being tricked into saying small numbers by in-script methods that balloon memory then shrink it again to hide the impact). Perhaps each time the simulator allocates more memory to a script, it updates the viewer with the new "maximum" memory ever used. But also, scripts should indicate that they have reached a URL. When the simulator fetches an address for the script, that script should have an entry saying, at an absolute minimum, that an internal (SL domains) or external url was fetched for the script. If we're getting ambitious, do it by protocol/method too. Eg: Script Name | Max RAM | Web Activity humbleResizer | 36 Kb | Internal:[], External:[http,mms,GET,POST,Email] Reflection: In this way, no existing functionality is blocked. No creator privacy is exposed. No servers are opened to doxxing. BUT, users are able to make informed choices, and honesty and transparency prevail. Yes, this could cause some scare-mongering. But it could also cause creators to disclose when and why they have scripts that reach outside servers. Either way, users need to learn to examine the risks and make choices with better information. And transparency is the first step in building ~Trust~ (ofc, we also have to like what we see when we look through the walls). At present, we can see bots, complain, get LL to investigate... I acknowledge that opinions vary about trusting how well LL vets bot operators that are handling our data, but the key here is that the discussion does happen, and keeps happening. We can't see scripts phoning home. We can't even start to ask LL to review the private user data collection practices that we don't know about. We can't ask the T&S team to verify a creator's stated policy on where our data goes if we never knew it went anywhere.
18
·

tracked

Load More