Cool VL Viewer forum

View unanswered posts | View active topics It is currently 2024-03-19 10:36:45



Reply to topic  [ 11 posts ]  Go to page 1, 2  Next
Feature Request: Media Filter 
Author Message

Joined: 2009-03-24 02:45:49
Posts: 12
Reply with quote
Sione Lomu has published a patch -- https://bitbucket.org/Sione/snowglobe-1.5-media-filter -- that warns you when Parcel Media wants to load an url, tells you what it is, and asks what to do about it; it also allows you to maintain blacklists and whitelists. It was made as a solution to the problem of in-world spyware directing your parcel media to sites that grab your ISP and purport to identify your alts.

I wonder if you would consider adopting this in the Cool VL Viewer.


2011-02-23 16:01:29
Profile

Joined: 2009-03-17 18:42:51
Posts: 5523
Reply with quote
Interesting...

After a quick look, I'm however not sure it does block detections (the check is made on media play, not on media start...). I'll evaluate this patch and probably rewrite it partially if I decide to adopt it.


2011-02-23 19:13:02
Profile WWW

Joined: 2009-03-17 18:42:51
Posts: 5523
Reply with quote
Media filtering has been implemented in today's release (Cool VL Viewer v1.25.0.23).

The original code was however heavily modified. Here are the features and the differences with the original patch:

  • You can filter individual scripted objects with built-in HTTP servers (in-world servers) without banning the whole sim domain (which the original code would do).
  • The Allow/Deny functions are valid across the whole session of the viewer (so that you are never presented multiple times with the same permission menu for scripted objects which make multiple media play requests, or should you exit and reenter the same parcel several times in a session), but should you deny a media or audio stream, you still have a chance to allow it again by manually playing it (by pressing the play button, which pops up again the filter menu).
  • The viewer presents you only with one permission menu for each media (used to present several for the same media with scripted objects "hammering" your Av with media play requests: this would be the case with some "security" systems, and could be used by griefers against the original implementation of the patch as a DoS attack).
  • Media/audio stream playing is disabled on login till the blacklist/whitelist is fully loaded (prevents having a permissions menu popping up again for a media that you already black or white-listed in the parcel you log in).
  • Only the domain name (and, for in-world servers which domain is the sim server one, the full path of the scripted object) is presented to you in the menu, since presenting the full URL won't bring a single reliable clue as to whether the server will log your IP or not (logging IPs can be done even with a simple index.html page), and it would reveal the full path to services the parcel owner might have legit reasons (and the genuine right) to hide from the visitors (although parcel audio stream URLs and parcel media URLs could always be seen in the About Land floater after you enable "View Admin Options" in the viewer, this is not the case for scripted objects and some people could complain that such a feature would disclose their "secret" or "exclusive" media URL).
  • Notifications are done via (non-modal) dialogs and notify tips instead of via chat (which would be spammy and ruin the RP of eager roleplayers like me).
  • You cannot edit the blacklist/whitelist (perhaps in a future version), but I added a way to clear it entirely ("Reset filters" button in the "Preferences" menus, "Cool features" tab, "Miscellaneous" sub-tab; note that since the black/white-list is a per-account setting, you can only clear it once logged in).
  • A couple of bugs (among which a potential crash bug, should the audio engine stay uninitialized on your system) have been fixed.

Note however that it is hard to do the right guess as to whether or not your IP will be logged and associated with your avatar name: you are usually safe to allow large service providers domains (for example, YouTube), but be aware that some services (Google search, for example) use URL redirectors that a hacker could use to redirect the exposed media URL in an inconspicuous way. The safest way to preserve your anonymity is still to keep media and audio streams off by default at all time and only enable them punctually, in places you trust. This is personally what I always did and will keep doing.


2011-02-25 10:14:54
Profile WWW

Joined: 2009-03-24 02:45:49
Posts: 12
Reply with quote
Thank you so much for your prompt attention to this, Henri!


2011-02-25 13:36:09
Profile

Joined: 2011-02-12 04:08:52
Posts: 46
Reply with quote
Much appreciated!


2011-02-25 16:36:52
Profile

Joined: 2010-09-30 17:54:18
Posts: 29
Reply with quote
Thank you very much for this great feature.
It's such an improvement to privacy and usability at the same time.


2011-02-26 22:52:12
Profile

Joined: 2009-03-17 18:42:51
Posts: 5523
Reply with quote
In today's release (Cool VL Viewer v1.25.0.24), the Media Filter feature got a (potentially exploitable) bug fixed. Users of the Cool VL Viewer v1.25.0.23 should upgrade. There is no known current exploit, but should one arise, it could possibly defeat the filtering by triggering a race condition that could lead you to allow/whitelist a wrong domain (no problem for already blacklisted/denied domains).

This new version also got a full floater implemented to allow editing the filters. See the screen-shots here. To toggle the Media Filter floater, use the "Edit" -> "Media Filter" menu item. The media filtering feature is now also still not (*) active by default (can be toggled on/off from the Preferences floater, "Cool features" tab, "Miscellaneous" sub-tab).

Finally, I also added a warning to the Allow/Deny/Whitelis/Blacklist dialog whenever the requested URL contains parameters (example: http: //somehaker.com/index.php?av=Henri+Beauchamp). Such parameters (av name, id, or encoded name/id, or even a simple number) entitle a hacker to easily correlate the name of your Av with your IP.

Note that the blacklist/whitelist file had its format changed, and was therefore renamed (from medialists.xml to media_filter.xml, to be found in your user logs/per-account-settings folder), so if you used v1.25.0.23 you will have to rebuild the list using the shiny new floater.


(*) EDIT: due to my own stupidity (reverting to a previous version of the patch while I was working on it, and forgetting to reinstate the flag default value change that I did want to keep in the new reworked patch), media filtering is still off by default (this will be fixed in the next version).


2011-03-02 23:45:28
Profile WWW

Joined: 2009-03-17 18:42:51
Posts: 5523
Reply with quote
In today's release (Cool VL Viewer v1.25.0.25), a crash bug (introduced in v1.25.0.24) was fixed, and the code improved to cope with with URLs containing username and password info. Also, Media Filtering is now actually on by default (see above).

Users of the Cool VL Viewer v1.25.0.23 or v1.25.0.24 should upgrade


2011-03-06 14:38:22
Profile WWW

Joined: 2009-03-17 18:42:51
Posts: 5523
Reply with quote
New in today's release (v1.25.0.26):

  • The domains are now also matched and listed against their IP (for example, if you blacklist somedomain.net, then its IP will also get blacklisted and any media will get its IP resolved to match it against already blacklisted IPs, meaning that a domain name change for the same IP will not allow to fool the media filter any more).
  • "Show IPs" button and "Add/remove matching IP" check box added to the media filter floater: the button allows to resolve and show all IPs for the listed domains (this is an on-demand action, since it temporarily (for a few seconds) "freezes" the viewer, because of the required blocking DNS lookups); the checkbox allows to automatically add or remove any matching IP when adding or removing domains.
  • The full URL is shown in the permission dialog, since LL decided that media and audio URLs are not to be hidden any more to users (server side code for hiding them was already removed, and Snowstorm viewer has already been modified to remove the corresponding (now useless) Hide URL check boxes in the About Land floater).


2011-03-13 12:36:50
Profile WWW

Joined: 2009-03-18 09:32:02
Posts: 246
Reply with quote
Henri Beauchamp wrote:
New in today's release (v1.25.0.26):
The domains are now also matched and listed against their IP (for example, if you blacklist somedomain.net, then its IP will also get blacklisted and any media will get its IP resolved to match it against already blacklisted IPs, meaning that a domain name change for the same IP will not allow to fool the media filter any more).



I hope this behaviour is optional. Otherwise it would kill pretty much ANY stream that is not served by a dedicated server, just because of "one bad egg" served from that host.


2011-03-14 14:08:45
Profile YIM WWW
Display posts from previous:  Sort by  
Reply to topic   [ 11 posts ]  Go to page 1, 2  Next

Who is online

Users browsing this forum: No registered users and 5 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group
Designed by ST Software.