Post by derpy on Sept 2, 2012 17:05:27 GMT -5
this was sent to me in the form of a notecard through second life
------
V.1.4
I do not take any responsibility for anyone who uses these methods and informations!
What are IP Spy Tools?
===============
every time you connect to the INTERNET - and SL of course - you are using a unique IP number that identifies you for the time of connection.
systems like (the meanwhile banned and deleted by SL) redzone and similar tools scans your IP address, attaches it to your name and key and sends and records the data files to an external servers database outside of SL's control.
This information are grabbed without your knowledge or consent although the last version of redzone asks for it but if you don't agree you will get banned anyway in the majority of cases. quite the same method is used by some actual tools grabbing your data by f.e. sploder games which requires 'verifications' before joining the 'game'.
(see Terms of Service referring 'wagering' below.)
as this tools are connecting (not only) the name and the IP many other avatars are identified as your 'Alts' only by using the identical IP number, but this is NOT a criterion to identify 'Alts'!
most INTERNET users are using so called dynamic IPs' which means they are using another IP every time they connected to the INTERNET (after detachment before, not if the INTERNET connection was not disconnected before!).
so every SL user connecting to the same IP address as you will identified as your 'Alt?!
didn't we say, every INTERNET user uses a unique IP? lets say, every connection uses it. but there can be more than one user per connection, f.e. apartment-sharing communities, companies, families or have some friends with you everyone playing with his own SL character? this will all identified as Alts.
the longer such tools are online the more user will get scanned and at one point you will get added to the database - and some 'Alts? too.
ok, what are the consequences? every user/owner of that tools will and can use the database so a member of that list that will get banned by the original owner will get banned by all other landowners using that kind of tools.
except the last version of red zone (changed after SL take it down due to TOS violations) all users could see your profile pic, your logins, your 'Alts' etc..... and there are still some other tools offering alt/bot protection using external databases...
meanwhile SL noticed the scope of risks and don't allow offering and use but there are still many of that tools online and some new grows up by some other greedy creatures which would like to participate the big deal...
How fighting back?
=============
1. the most important resistance is to deactivate your SL Viewers Media settings. Some Viewers includes a security patch that informs you about an upcoming INTERNET connection to an external server. dis-affirmation results in prevention by sending your data to the external database.
more secure is to deactivate your media settings. all known ip scanners uses an little trick using the media features of the SL viewers. deactivate is actual an excellent protection. use it as your first and most important resistance.
see the preferences of your viewer and look for ' Audio Video's Setting.
- DEACTIVATE (clean the marker neer to):
- Enable Streaming Music When Available
- Enable Streaming Media When Available
- Automatic play media
- Let scripts control my play button
ACTIVATE (set te marker near to):
- Turn off Media when you change parcels.
2. Under Web.
DEACTIVATE (clean the marker near to): Accept Cookies From Sites.
3. Under Voice Chat:
DEACTIVATE: Enable Voice Chat
(this will prevent IP logging by voice)
although these systems may not detect IPs per voice it's just to be sure.
4. Edit your hosts file:
the hosts file is a little address book used by your pc to get informations about the connections between IP numbers and INTERNET addresses. every INTERNET address, f.e. second life.com is only an translation of an unique IP number for better and more comfortable human use. this enables you to type in this name instead of an cryptic IP number to install a connection to the address. there are some servers that translate your request to connect to f.e. second life.com to the IP number of secondlife.
your hosts file is used for the same purpose but is located on your own pc.
for internal tests there is a combination of IP and addresses allocated to your own pc and thats what we need.
lets switch all addresses of that database servers used be the spy tools to your own pc and they will never get, what they want. The magic combination is 127.0.0.1 as the IP number and local host as address.
windows user find the hosts file usually:
c:\windowssystem32\drivers\etc\
open file hosts, the upper part should look similar to:
# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost
127.0.0.1 localhost
# [redzone]
127.0.0.1 isellsl.ath.cx
127.0.0.1 isellsl.com
127.0.0.1 zfire.isellsl.com
127.0.0.1 girlsofthevip.com
127.0.0.1 hamlinpro.com
127.0.0.1 madscientistsinsecondlife.blogspot.com
127.0.0.1 zidonuke.com
127.0.0.1 tracking.zidonuke.com
127.0.0.1 media.syscast.net
127.0.0.1 www.madsci.com
127.0.0.1 ath.cx
# [cds]
127.0.0.1 syscast.net
127.0.0.1 media.syscast.net
127.0.0.1 apache2-blow.port-au-prince.dreamhost.com
127.0.0.1 girlsofthevip.com
127.0.0.1 gemini-cybernetics.net
127.0.0.1 m.sparkgap.info
# [Voodoo]
127.0.0.1 sl-botprotect.com
127.0.0.1 voodoo-sl.com
127.0.0.1 vudu.sl
and every other known IP Snooper or Addresses you do not want to connect to.
please notice: this examples may not include all actual used addresses. please keep informed by user groups etc.
use TAB key between the 127.0.0.1 and the address for better scheme !
save the hosts file.
if windows don't let you save the hosts file open the editor with option "as administrator" and windows will allow saving.
5. you must NOT visit VERIFY Websides!!!!!!!
see explanations above about basic internet connections using IP's.
visiting 'verify' websites is dangerous because YOU enables a connection between your INTERNET connection IP AND your SL account !
ok, if you do not care about that and are ready to bear all the possible consequences do not hesitate to deliver this informations to ... whoever... but do not be overtaken by finding yourself added to grid wide ban lists as supposed alts.
6. use a special configured web browser
have a look at:
www.torproject.org/download/download-easy.html
you will find an self extracting 7zip file containing an pre configured, ready to use 'browse anonymous' bundle.
download the actual file and save it to your hard drive, use a special folder. extract the 7zip file by double click and you will find a new folder 'Tor Browser'.
we recommend to copy this folder to a clean USB Stick, so you will be able to use this package not only at home but everywhere you intend visit the INTERNET.
start your anonymous browsing by double click ta the file 'Start Tor Browser'. th system will start the proxy vidalia first, connects to the tor network and starts the firefox browser.
if you would be interested in your actual IP and the IP used by the new stick-browser open www.aboutip.de using your standard browser and the again the new stick-browser. you will find two IP numbers showing your actual IP and the IP used by the stick-browser.
ATTENTION: if this two IP numbers are NOT DIFFERENT there is something wrong and you DO NOT BROWSE ANONYMIOUS!!!
7. another data protection tool is the 'stealthy' add on.
see: www.stealthy.co/
for detailed informations.
8. while using proxy protection you must not use other add ons. add ons may used to get informations about yous system and your identity. use a 'clean' browser for 'proxy' surfing!!!
9. last but not least:
there has been added the complete members of a data protection group by the creator of an 'alt/bot protection tool'
trying to get rid of critical sl users. this proves the dubious usability of such tools because all of that members are defamed as alts/bots/griefers now ... may you too???
very often users visiting the sl user groups of such kind of tools complaining their addition to the the ban lists.
bet you will get the advice to visit the website of that 'tool' for deleting yourself from the list?
he, what kind of protection system first adds users to the ban list and then allows that 'griefers/alts/bots' to delete them from the list by them selfs again??? may there are some other reasons to get you on an external website where you bare your actual IP AND your actual SL account??? think about that...
by the way: thinking about someones motivation is a quite good idea! do not press every button. do not give any permission to everyone and everything. be careful and protect your data. this is legitimately and essential. it is YOUR identity and YOU are responsible to protect you and your data. no one else.
10. will this be continued and developed?
oh yes. actual additional informations will be added as soon as available.
only for completion as things are right now to describe actual discussions:
there is indeed another way to react:
the creators and users of that 'tools' are hiding behind external databases and harvests data at external websites because sl do not feel up to protect their users although data grabbed OUTSIDE sl will imported back to sl and used INSIDE the game.
the creators feel safe and untouchable using that off line things - but thats not true. in fact they offer their own data and identities to everyone who knows how to get it - and there are many legal ways to investigate that data. they proclaim the transparent user. ok, same rights for all. if they will increase the pressure lets see what will happen...
thats some expression of opinion heard repeatedly and this may target some weak points of the 'tool' creators indeed.
it is rumored that registration authorities are very sensitive to incomplete or fudged registration informations... and that a lot of websites has been closed for that reasons already... buts see this as a possible perspective right now and only mentioned referring some exotic aspects of actual discussions. we do not support such escalation in any way personally - of course.
gambling/wagering and Linden Labs Terms of Service
====================================
see this to get actual informations about Linden Labs Gambling Policy:
wiki.secondlife.com/wiki/Linden_Lab_Official:Policy_Regarding_Wagering_in_Second_Life
you will find detailed informations and explanations why games of luck are NOT allowed in case the users have TO PAY MONEY BEFORE entering:
-----------------------------------------------------------------
'What does "wagering" mean according to this policy?
The term "wagering" applies to any covered game or activity (i.e. game of chance, sports betting) in which a user contributes Linden dollars (or real-world money or things of value), whether into a pot, at a table game, at a house game, for purchase of a card (such as Bingo), or in any way risks Linden dollars based on whether an event may or may not occur,...'
-----------------------------------------------------------------
ok, the creators and owners of some of that funny 'sploders' mentioned above will argue that they do not take money by the users as
a precondition for joining that 'games'. maybe thats correct but what do they instead of that? many owners only allows users to join the sploders as members of a specific group and - surprise. surprise - joining that group requires cost to join.
to our opinion this is a purpose of evasion to the explicit Terms of Service. We report such constructions usually to awake Linden Labs interest to that tricks.
see this quotation out of the ToS:
-----------------------------------------------------------------
'Is this a blanket ban?
The ban applies to all games of chance, wagering, or sports betting, where Linden dollars or their equivalents are collected and paid out. '
-----------------------------------------------------------------
from our point of view thats exactly what that owner are doing.
ok, thats it for now.
please support this privacy protection informations informations by adding a review to the marketplace and if you want to add details contact us. thank you very much.
additionally go to
jira.secondlife.com/browse/VWR-24746?
and if you would like to do a 'little more':
www.justice.gov/criminal/cybercrime/reporting.htm
the States Attorney Generals office:
www.atg.wa.gov/
www.atg.wa.gov/InternetSafety.aspx
Read more: dreamvalley.freeforums.net/index.cgi?board=general&action=display&thread=2#ixzz25Lv1uTXb
------
V.1.4
I do not take any responsibility for anyone who uses these methods and informations!
What are IP Spy Tools?
===============
every time you connect to the INTERNET - and SL of course - you are using a unique IP number that identifies you for the time of connection.
systems like (the meanwhile banned and deleted by SL) redzone and similar tools scans your IP address, attaches it to your name and key and sends and records the data files to an external servers database outside of SL's control.
This information are grabbed without your knowledge or consent although the last version of redzone asks for it but if you don't agree you will get banned anyway in the majority of cases. quite the same method is used by some actual tools grabbing your data by f.e. sploder games which requires 'verifications' before joining the 'game'.
(see Terms of Service referring 'wagering' below.)
as this tools are connecting (not only) the name and the IP many other avatars are identified as your 'Alts' only by using the identical IP number, but this is NOT a criterion to identify 'Alts'!
most INTERNET users are using so called dynamic IPs' which means they are using another IP every time they connected to the INTERNET (after detachment before, not if the INTERNET connection was not disconnected before!).
so every SL user connecting to the same IP address as you will identified as your 'Alt?!
didn't we say, every INTERNET user uses a unique IP? lets say, every connection uses it. but there can be more than one user per connection, f.e. apartment-sharing communities, companies, families or have some friends with you everyone playing with his own SL character? this will all identified as Alts.
the longer such tools are online the more user will get scanned and at one point you will get added to the database - and some 'Alts? too.
ok, what are the consequences? every user/owner of that tools will and can use the database so a member of that list that will get banned by the original owner will get banned by all other landowners using that kind of tools.
except the last version of red zone (changed after SL take it down due to TOS violations) all users could see your profile pic, your logins, your 'Alts' etc..... and there are still some other tools offering alt/bot protection using external databases...
meanwhile SL noticed the scope of risks and don't allow offering and use but there are still many of that tools online and some new grows up by some other greedy creatures which would like to participate the big deal...
How fighting back?
=============
1. the most important resistance is to deactivate your SL Viewers Media settings. Some Viewers includes a security patch that informs you about an upcoming INTERNET connection to an external server. dis-affirmation results in prevention by sending your data to the external database.
more secure is to deactivate your media settings. all known ip scanners uses an little trick using the media features of the SL viewers. deactivate is actual an excellent protection. use it as your first and most important resistance.
see the preferences of your viewer and look for ' Audio Video's Setting.
- DEACTIVATE (clean the marker neer to):
- Enable Streaming Music When Available
- Enable Streaming Media When Available
- Automatic play media
- Let scripts control my play button
ACTIVATE (set te marker near to):
- Turn off Media when you change parcels.
2. Under Web.
DEACTIVATE (clean the marker near to): Accept Cookies From Sites.
3. Under Voice Chat:
DEACTIVATE: Enable Voice Chat
(this will prevent IP logging by voice)
although these systems may not detect IPs per voice it's just to be sure.
4. Edit your hosts file:
the hosts file is a little address book used by your pc to get informations about the connections between IP numbers and INTERNET addresses. every INTERNET address, f.e. second life.com is only an translation of an unique IP number for better and more comfortable human use. this enables you to type in this name instead of an cryptic IP number to install a connection to the address. there are some servers that translate your request to connect to f.e. second life.com to the IP number of secondlife.
your hosts file is used for the same purpose but is located on your own pc.
for internal tests there is a combination of IP and addresses allocated to your own pc and thats what we need.
lets switch all addresses of that database servers used be the spy tools to your own pc and they will never get, what they want. The magic combination is 127.0.0.1 as the IP number and local host as address.
windows user find the hosts file usually:
c:\windowssystem32\drivers\etc\
open file hosts, the upper part should look similar to:
# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost
127.0.0.1 localhost
# [redzone]
127.0.0.1 isellsl.ath.cx
127.0.0.1 isellsl.com
127.0.0.1 zfire.isellsl.com
127.0.0.1 girlsofthevip.com
127.0.0.1 hamlinpro.com
127.0.0.1 madscientistsinsecondlife.blogspot.com
127.0.0.1 zidonuke.com
127.0.0.1 tracking.zidonuke.com
127.0.0.1 media.syscast.net
127.0.0.1 www.madsci.com
127.0.0.1 ath.cx
# [cds]
127.0.0.1 syscast.net
127.0.0.1 media.syscast.net
127.0.0.1 apache2-blow.port-au-prince.dreamhost.com
127.0.0.1 girlsofthevip.com
127.0.0.1 gemini-cybernetics.net
127.0.0.1 m.sparkgap.info
# [Voodoo]
127.0.0.1 sl-botprotect.com
127.0.0.1 voodoo-sl.com
127.0.0.1 vudu.sl
and every other known IP Snooper or Addresses you do not want to connect to.
please notice: this examples may not include all actual used addresses. please keep informed by user groups etc.
use TAB key between the 127.0.0.1 and the address for better scheme !
save the hosts file.
if windows don't let you save the hosts file open the editor with option "as administrator" and windows will allow saving.
5. you must NOT visit VERIFY Websides!!!!!!!
see explanations above about basic internet connections using IP's.
visiting 'verify' websites is dangerous because YOU enables a connection between your INTERNET connection IP AND your SL account !
ok, if you do not care about that and are ready to bear all the possible consequences do not hesitate to deliver this informations to ... whoever... but do not be overtaken by finding yourself added to grid wide ban lists as supposed alts.
6. use a special configured web browser
have a look at:
www.torproject.org/download/download-easy.html
you will find an self extracting 7zip file containing an pre configured, ready to use 'browse anonymous' bundle.
download the actual file and save it to your hard drive, use a special folder. extract the 7zip file by double click and you will find a new folder 'Tor Browser'.
we recommend to copy this folder to a clean USB Stick, so you will be able to use this package not only at home but everywhere you intend visit the INTERNET.
start your anonymous browsing by double click ta the file 'Start Tor Browser'. th system will start the proxy vidalia first, connects to the tor network and starts the firefox browser.
if you would be interested in your actual IP and the IP used by the new stick-browser open www.aboutip.de using your standard browser and the again the new stick-browser. you will find two IP numbers showing your actual IP and the IP used by the stick-browser.
ATTENTION: if this two IP numbers are NOT DIFFERENT there is something wrong and you DO NOT BROWSE ANONYMIOUS!!!
7. another data protection tool is the 'stealthy' add on.
see: www.stealthy.co/
for detailed informations.
8. while using proxy protection you must not use other add ons. add ons may used to get informations about yous system and your identity. use a 'clean' browser for 'proxy' surfing!!!
9. last but not least:
there has been added the complete members of a data protection group by the creator of an 'alt/bot protection tool'
trying to get rid of critical sl users. this proves the dubious usability of such tools because all of that members are defamed as alts/bots/griefers now ... may you too???
very often users visiting the sl user groups of such kind of tools complaining their addition to the the ban lists.
bet you will get the advice to visit the website of that 'tool' for deleting yourself from the list?
he, what kind of protection system first adds users to the ban list and then allows that 'griefers/alts/bots' to delete them from the list by them selfs again??? may there are some other reasons to get you on an external website where you bare your actual IP AND your actual SL account??? think about that...
by the way: thinking about someones motivation is a quite good idea! do not press every button. do not give any permission to everyone and everything. be careful and protect your data. this is legitimately and essential. it is YOUR identity and YOU are responsible to protect you and your data. no one else.
10. will this be continued and developed?
oh yes. actual additional informations will be added as soon as available.
only for completion as things are right now to describe actual discussions:
there is indeed another way to react:
the creators and users of that 'tools' are hiding behind external databases and harvests data at external websites because sl do not feel up to protect their users although data grabbed OUTSIDE sl will imported back to sl and used INSIDE the game.
the creators feel safe and untouchable using that off line things - but thats not true. in fact they offer their own data and identities to everyone who knows how to get it - and there are many legal ways to investigate that data. they proclaim the transparent user. ok, same rights for all. if they will increase the pressure lets see what will happen...
thats some expression of opinion heard repeatedly and this may target some weak points of the 'tool' creators indeed.
it is rumored that registration authorities are very sensitive to incomplete or fudged registration informations... and that a lot of websites has been closed for that reasons already... buts see this as a possible perspective right now and only mentioned referring some exotic aspects of actual discussions. we do not support such escalation in any way personally - of course.
gambling/wagering and Linden Labs Terms of Service
====================================
see this to get actual informations about Linden Labs Gambling Policy:
wiki.secondlife.com/wiki/Linden_Lab_Official:Policy_Regarding_Wagering_in_Second_Life
you will find detailed informations and explanations why games of luck are NOT allowed in case the users have TO PAY MONEY BEFORE entering:
-----------------------------------------------------------------
'What does "wagering" mean according to this policy?
The term "wagering" applies to any covered game or activity (i.e. game of chance, sports betting) in which a user contributes Linden dollars (or real-world money or things of value), whether into a pot, at a table game, at a house game, for purchase of a card (such as Bingo), or in any way risks Linden dollars based on whether an event may or may not occur,...'
-----------------------------------------------------------------
ok, the creators and owners of some of that funny 'sploders' mentioned above will argue that they do not take money by the users as
a precondition for joining that 'games'. maybe thats correct but what do they instead of that? many owners only allows users to join the sploders as members of a specific group and - surprise. surprise - joining that group requires cost to join.
to our opinion this is a purpose of evasion to the explicit Terms of Service. We report such constructions usually to awake Linden Labs interest to that tricks.
see this quotation out of the ToS:
-----------------------------------------------------------------
'Is this a blanket ban?
The ban applies to all games of chance, wagering, or sports betting, where Linden dollars or their equivalents are collected and paid out. '
-----------------------------------------------------------------
from our point of view thats exactly what that owner are doing.
ok, thats it for now.
please support this privacy protection informations informations by adding a review to the marketplace and if you want to add details contact us. thank you very much.
additionally go to
jira.secondlife.com/browse/VWR-24746?
and if you would like to do a 'little more':
www.justice.gov/criminal/cybercrime/reporting.htm
the States Attorney Generals office:
www.atg.wa.gov/
www.atg.wa.gov/InternetSafety.aspx
Read more: dreamvalley.freeforums.net/index.cgi?board=general&action=display&thread=2#ixzz25Lv1uTXb