
Sunday, November 28, 2010

Security Risks of Virtual Worlds

It has been a while since a post has been made here, but in the world of 140 character messages, I guess it is time for a post.

A lot has happened in the virtual world space since the last post, but the most significant is the apparent slow demise of Linden Labs and Second Life. Mark Kingdon is gone. Philip Rosedale was back for a while, and is now gone again. Now Linden Labs is without a leader again. But this is not about Linden Labs and their decline for a variety of reasons. It is about the very positive end result: the proliferation of virtual world grids running OpenSim (hopefully the next 3D Apache).

OpenSim has come a long way since I first started working on it when it was version 0.4.something. Since then hundreds of grids have been set up along with hundreds of regions on a variety of platforms (ours). And yes, some of the version upgrades did not go well, and we lost a bunch of items. What a ride it has been, but a very worthwhile one. It has come a long way. OpenSim is very functional, but it still has a long way to go. It is still ALPHA software! In spite of its alpha nature, it has become production software with many public grids springing up weekly. A major shift in architecture transpired from version 0.6.9 to version 0.7.x. The structure of the database has changed. Hypergrid went to version 1.5. Those on 0.6.9 (or before) are on Hypergrid 1.0. Hypergrid is a critical link that will make virtual worlds connected (like Hyperlink did for the current Internet). Hypergrid 1.0 and 1.5 are incompatible. But, many are hesitant or stuck or don't have the resources to convert large grids to 0.7.x. Some have even modified the OpenSim code and created their own version making it even more difficult to convert without full (and extensive) testing.

The list goes on, but what this is all about is security. In particular, security of your content (there are many other security holes and vulnerabilities which will not be mentioned here). It is publicly broadcast that Hypergrid is, well, lacking in security. Basically, your Inventory is at risk, or, put another way, your content in your Hypergrid region is at risk. In presentation after presentation, we demonstrate how easy it is to take content at will. We present so often that we have an entire region named "Steal Island" to demonstrate some of the security issues. No, we have no use for the stuff. No use at all!! It is to prove a point: In order for OpenSim to become more widely adopted, Content / IP needs to be protected (like any other medium). As virtual worlds shift from a very crude building tool to the support of meshes, more professionally designed content will be generated. It needs to be protected. One can already see the dramatic repetition of items as one traverses from grid to grid, and from region to region. Security is certainly a code issue, but it is also an education process (not just a training process).

Let's dive a little deeper into some of the items that need to be fixed. There are more, but they will not be addressed here.  The OpenSim Core development team has done a superb job to get this far, and they deserve a big round of applause for being committed to a vision shared by many. Now it is time to go a step further especially with the "questionable status" of Linden Labs and Second Life. OpenSim is moving to the forefront in usage, and will certainly become a more serious solution in the virtual world space. As this happens not only should functionality be considered, but security should be considered as well (maybe a priority). Let's not panic here, Microsoft Windows 7 and Internet Explorer are riddled with vulnerabilities (and it has been a long time in production).  The vulnerabilities are expected.  They just need to be fixed.

The Problem with OAR Archives

OARs are region archives. By issuing the "save oar" command, an entire region can be backed up intact, and reloaded in the current grid, or in any other grid....anywhere. This is a wonderful and needed feature. It can be a savior to hundreds of hours of work.  We have used it hundreds of times. BUT, BUT, it is insecure, and offers no protection for your content. Why? Well, once the OAR is loaded, say on a new grid, all the original creators, and owners are obliterated from the content as it is placed on a region. Right...gone! The new owner/creator becomes the Estate / Region owner. Many talk about passing OARs around like candy. Great! Not! This is one reason, we still strongly suggest that folks host themselves to protect their content from unauthorized use (or certainly proceed with increased scrutiny when selecting a hosting provider). Again, OpenSim is still ALPHA Software and really not fully production ready. Even on your own private and closed grid, you may have a bunch of designers working on a project. You take an OAR to load it on another grid (or just for a mere restore). Poof! All creator / owner credit is gone with the new Estate / Region owner being the new Owner and Creator of the content. From a building logistics point of view, this becomes a pain (due to permissions which should be implemented in your .ini file). From a personal standpoint, this can be disappointing. In our situation, we all have our own backup grids. We all get the OARs. We all have equal ownership in all of the content. How about you? Want to spend weeks doing a build, and give someone an OAR? If yes, then consider it Open Source. If you have someone host, make sure you have full access to all of your content through OARs or IARs; but remember, your hosting administrators also have access to this content as well.
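An added example, not part of the original post and not OpenSim's own code: before an OAR is handed over or reloaded, record who created and owned each prim so the attribution survives outside the archive. It assumes an OAR is a gzipped tar whose `objects/*.xml` members hold `SceneObjectPart` elements with `CreatorID` and `OwnerID` children; the function names and sample UUIDs are constructed for illustration.

```python
import hashlib, io, tarfile, uuid
import xml.etree.ElementTree as ET

def _uuid(part, tag):
    # Assumption: the UUID sits in a wrapper child whose name varies by version,
    # so take whatever text the element contains.
    node = part.find(tag)
    return "".join(node.itertext()).strip() if node is not None else None

def oar_provenance(oar_bytes):
    """Return {member: {"sha256": ..., "prims": [{name, creator, owner}]}}."""
    manifest = {}
    with tarfile.open(fileobj=io.BytesIO(oar_bytes), mode="r:gz") as tar:
        for m in tar:
            if not (m.isfile() and m.name.startswith("objects/") and m.name.endswith(".xml")):
                continue
            data = tar.extractfile(m).read()
            entry = {"sha256": hashlib.sha256(data).hexdigest(), "prims": []}
            try:
                root = ET.fromstring(data)  # for untrusted OARs, parse with defusedxml
            except ET.ParseError:
                entry["error"] = "unparseable XML"  # the hash is still recorded
            else:
                for part in root.iter("SceneObjectPart"):
                    entry["prims"].append({"name": part.findtext("Name"),
                                           "creator": _uuid(part, "CreatorID"),
                                           "owner": _uuid(part, "OwnerID")})
            manifest[m.name] = entry
    return manifest

def creators(manifest):
    """Set of creator UUIDs named anywhere in the manifest."""
    return {p["creator"] for e in manifest.values() for p in e["prims"] if p["creator"]}

def build_sample_oar(objects):
    """Constructed test data: in-memory OAR from {filename: [(name, creator, owner)]}."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for fname, prims in objects.items():
            parts = "".join(
                f"<SceneObjectPart><Name>{n}</Name><CreatorID><UUID>{c}</UUID></CreatorID>"
                f"<OwnerID><UUID>{o}</UUID></OwnerID></SceneObjectPart>" for n, c, o in prims)
            xml = f"<SceneObjectGroup>{parts}</SceneObjectGroup>".encode()
            info = tarfile.TarInfo("objects/" + fname)
            info.size = len(xml)
            tar.addfile(info, io.BytesIO(xml))
    return buf.getvalue()

# Constructed sample identities (not real avatars).
ALICE, BOB, ESTATE = (str(uuid.UUID(int=i)) for i in (1, 2, 3))
```

Keep the manifest with your on-disk originals; comparing `creators()` for the archive you saved against one saved after a reload shows which creator UUIDs were replaced by the Estate / Region owner.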

The Problem with IARs

The inventory archive feature is a wonderful and much needed feature. But many of the issues mentioned with OARs are inherent to IARs. I will not dive deeply into this except to explain one problem: When the Inventory is restored, it is right there in your inventory as expected. It looks just dandy. You click on the properties while in inventory, and it looks just fine. BUT, BUT when you drop the item, something happens. Look at the Creator. Well, in many cases, and I do not know why, the Creator is shown as: (Loading...). Wonderful! Ok, so you add a root prim to it, and you are back as creator and owner (yeah right, regardless of who originally made it). But the biggest pain is all the new viewers. Everyone is trying to appease Linden Labs in the viewer implementations. Therefore, there are checks when doing an export. It checks for full permission, ownership, and yes, that you are the creator (new). Well how many of you have avatars named: (Loading...)? I say none. I say you can't export. (Well, yes you can, but you can figure out that one on your own). I strongly suggest that everyone has ALL original content on disk, and maybe, unless you know what you are doing, skip having a "packrat" inventory and securely store everything (or as much as possible) on your computer's disk drive. If you are a creator of viewers, spend less time worrying about making Linden Labs happy. Divert some focus to making a feature-rich OpenSim viewer that is functional, easy to use, and of course, innovative in nature (even if it is not supported by Linden Labs). This brings me to the next and last item:

The Problem with Viewers

Well as you all may know, there are a number of viewers. These viewers hit the spotlight for a period of time, and then wane into the background (Meerkat, Hippo, Emerald). New viewers come along while others disappear. It is expected that more new viewers are coming, and others will still go. And yes, they all serve to emulate Second Life viewers, and appease Linden Labs (whose sustainability is in question). It is time to make new viewers while still maintaining (in the short run) the satisfaction of Linden Labs. The export / import functionality is critical. This becomes more evident as you really need to protect your "stuff" whether it be in Second Life or in any OpenSim environment. It is yours! You worked hard for it. You can still take your stuff out in Second Life (but getting tricky), and should do so. Similarly, you need to be able to secure your content in OpenSim (and retain ownership and the ability to securely back up content external to OpenSim). AND, it should not be easy for others to have access to what is not rightfully theirs. How many of you looked at the code of the viewer you are using? Hmm, I do not see that many hands raised. It is Open Source. Anyone can have access to the code. You trust it? I will not comment on the code, but you really need to know what you are using, and be very aware of where you get it from. For example, one can take one of the programs that checks Creator / Owner / Permissions prior to exporting. Comment out the lines. Add "return true;". Compile and run. Guess what...right...you can export anything you want from anywhere you want. (NO! WE DO NOT HAVE THE TIME OR ENERGY TO MODIFY VIEWER CODE). As more and more viewers come about, be careful!

I conclude with: Buyer Beware. As educators shift from Second Life to OpenSim (they should quickly), it is strongly recommended that you just host yourself and protect both your students and your content. I know, you need to be "connected". Of course, but you do not need to have all your builds and classes in the same place as where you are connected. Just create an account where you want to be "connected" (SL, OpenSim, other), and, well, be connected. Your students (within age) can do this as well to achieve the breadth of the virtual world experience.

For the time being, HOST Yourself or risk losing the rights to your content! It is not that difficult to do. Most of your needs can be satisfied with a standalone implementation using MySQL. It can be loaded anywhere. Our favorite simple configuration for educators is: Windows 7 running VMware with an Ubuntu Virtual Machine running OpenSim with 10 - 15 regions. This is a great solution for a secure and portable classroom (or demonstration). And if you want...you can put it on the Internet for public access, or just keep it on your NAT IP address and use locally. How long does it take to install and configure? An hour tops! And, you do not need a real beefy laptop (but not a cheap one that you waited on line to get from Best Buy from 3 A.M. for $349). Yeah, this sounds techy, but it is not that bad. Plenty of assistance is available. Of course, for more serious implementations, a beefier server may be required. It should cost less than $2,000. I do suggest virtualization (VMware / Hyper-V), but some will argue.

The security of Intellectual Property is critical! OpenSim will not move forward to full widespread adoption until IP is protected. If you insist on hosting, remember, there are no deals at $9.99 / mo for a region. And, there are no deals at $75 to $150 (or more) a month either. Users come and go, and so will service providers. We have no recommendations since for the usage of most folks in virtual worlds, one can get many more regions for free hosting on their own. The server cost is minimal. Probably the biggest obstacle you will face is your IT security folks. But, they sometimes also make it difficult to use a viewer to obtain external access to virtual worlds. As the Internet continues to rapidly proliferate, we still need to protect ourselves from "the boogeyman" who lurks in cyberspace (I guess).