(06-10-2015 05:19 AM)Bumblebliss Resident Wrote: [ -> ]Can you explain to me what you mean by the browsers of SL media are invitation to that stuff? I don't wanna get a virus!
Tad talked about it some here:
http://kittycats.biz/forum/showthread.php?tid=21846
Basically when you have media turned on, you are allowing things that you interact with within SL to open up and use a scaled down browser that is accessed within your viewer and which doesn't have all the security options of something like Internet Explorer, Chrome or FireFox. I don't know all the details, but my geek girl, who has IT security experience, ran security tests on the current version when the HUD came out and it FAILED ALL of her tests.
If you have media turned on, you could go to a SIM and there could be an object, even a hidden one that you aren't aware of, that could access your computer and attack it via this browser. It could send you a fake log-in page for the KittyCats site or for Second Life to try to get your login info (phishing). It could play something annoying on your screen, or pop up an ad, or just put a tiny box somewhere, whatever... that either when it plays, or when you click it, gives you a virus/malware. These are only a few examples.
There is also a well-known REAL incidence where media was used to locate users by getting their IP address* from where the media was streamed to. The IP addresses were matched to user names by matching the time the media started playing with what time the users TP'ed into the SIM. Anyone who had media turned on was vulnerable. In this case, users accessing SL from the same IP address - which could include anyone you share your internet with, including family or neighbors, but also people who might have hacked in to steal your wifi - or entire groups of people accessing SL through services like AOL - were reported as alts, and blocked from large groups of SIMs simply because they were on a list of users that the SIM owners were paying for:
https://virtualnavigator.wordpress.com/2...ivacy-law/
Some viewers, like Firestorm, allow you to determine what objects within SL can turn on your media, but many viewers don't. Either way, this browser is still much more vulnerable than if you just used your normal browser to look at a website. We all know that any browser isn't completely safe, but consider that if you are using this built browser, you aren't going to get any of the warnings or protection that you have set up in your normal browser for potentially dangerous sites.
FYI - I turned my media on because the laptop that my SL bed rez'es asked permission to show a webpage on it's screen. It was really cool and I clicked and played with it. It actually displays a page from YouTube, but it was so small, it could have easily been a fake page, and I wouldn't have known. I completely turned off media for everything after my girl told me about the issues.
You might also have media enabled for SL TV/video screens, and you have to enable it for the new version 2.0 of the KittyCats HUD to work. That's one of the reasons that some of us refuse to use it. I also greatly prefer the design of the old version anyway, so am happily using the Legacy HUD.
*It is true that anyone who streams MUSIC can find out the IP addresses of all their listeners. Looking mine up (just google "IP Lookup") gives the name of my cable provider, my zip code, my area code, and the approximate longitude and latitude of a small area of my city where I live. They would still need to figure out which IP address belongs to which user, but that is probably pretty easy if I mention what area I'm from. This is still a very good reason to only turn on music at selected venues, and to turn on the music a little while you arrive.