Its not mine, adult body "fluids" service - more like its not secure!

bubblesort · Sep 13, 2021

Fionalein said:
Apparently they did a major update since last thread activity... it could be new HUDs

Do both accounts use the same HUD?

On another note: How is this thing even legal by GDPR standards?

I'm kinda new to serious web scripting, and I'm American, so I never really put that much thought into the GDPR until recently, but I thought the GDPR was for web pages. I mean, I'm not saying it's ok to track people in SL like this, but does the GDPR really appy to SL stuff? Isn't our agreement with LL to let them track us enough to satisfy the GDPR? If not, how deep does the GDPR go? They can't possibly be requiring that every service that could possibly fingerprint you get specific permission. If that was the case, if you wanted to read one New York Times article, it would take an hour to agree to all the trackers and frameworks and maybe even the weird microservices stuff like left-padding. Maybe that's not a bad idea, IDK. I'm not taking a moral stance here. I honestly don't know how the GDPR works.

Fionalein · Sep 13, 2021

bubblesort said:
I'm kinda new to serious web scripting, and I'm American, so I never really put that much thought into the GDPR until recently, but I thought the GDPR was for web pages. I mean, I'm not saying it's ok to track people in SL like this, but does the GDPR really appy to SL stuff? Isn't our agreement with LL to let them track us enough to satisfy the GDPR? If not, how deep does the GDPR go? They can't possibly be requiring that every service that could possibly fingerprint you get specific permission. If that was the case, if you wanted to read one New York Times article, it would take an hour to agree to all the trackers and frameworks and maybe even the weird microservices stuff like left-padding. Maybe that's not a bad idea, IDK. I'm not taking a moral stance here. I honestly don't know how the GDPR works.

Online data not webpages, webpages is just the usual case.

Noodles · Sep 15, 2021

Noodles said:
I have not updated either that I remember, which means they likely use different HUDs as one has owned it for a few years and the other has owned it for a few months.

Funny enough, the older account/HUD is the one that works.

No idea on GDPR. I would say the "stats" page is generic enough, but it does include "donors". If it were just generic stats, then I would assume use is acceptance of stat collection.

Ok, quick follow up.

Both were likely working, both are on the same.version 3.5 for the system, 1.0 I believe for the HUD.

After a bit of testing, I found that the one that was not working, wasn't working because it had never been "used".

It could not find any stats, because there were none to find.

nebula · Sep 22, 2021

You can still exploit it, but I have no interest in doing so or offering to fix it as I am more interested in reporting actual bugs to SEC jira for sl. They could fix their system but they have not. My friend recently made a box that makes everyone with its not mine in a sim get covered in "the stuff" whenever they click it. It is pretty funny.

Free · Sep 22, 2021

Can we just get multi-factor auth placed on this thread, because I need to complain about not being able to regain access to it.

Noodles · Sep 22, 2021

nebula said:
You can still exploit it, but I have no interest in doing so or offering to fix it as I am more interested in reporting actual bugs to SEC jira for sl. They could fix their system but they have not. My friend recently made a box that makes everyone with its not mine in a sim get covered in "the stuff" whenever they click it. It is pretty funny.

Phhht, package that up in the right package and there would probably be a market for a Spunker Soaker bomb.

Fionalein · Sep 23, 2021

Noodles said:
Phhht, package that up in the right package and there would probably be a market for a Spunker Soaker bomb.

I personally wouldn't dare selling a product that abuses a 3rd party code vulnerability - in some countries that might be on the borderline to illegality.

Noodles · Sep 23, 2021

Fionalein said:
I personally wouldn't dare selling a product that abuses a 3rd party code vulnerability - in some countries that might be on the borderline to illegality.

Does it though?

That all seems to be documented in the official API.

Fionalein · Sep 23, 2021

Noodles said:
Does it though?

That all seems to be documented in the official API.

Which only selected creators can buy... might be legaly tricky if you reverse enigineered API access instead of purchasing it.

Noodles · Sep 23, 2021

Fionalein said:
Which only selected creators can buy... might be legaly tricky if you reverse enigineered API access instead of purchasing it.

I was thinking it was available to anyone since it's on their website. Maybe there is a different more complex API.

Search

Search

Its not mine, adult body "fluids" service - more like its not secure!

bubblesort

Well-known member

Fionalein

an old grumpy cat

Noodles

The sequel will probably be better.

nebula

NOPE

Free

censored

Noodles

The sequel will probably be better.

Fionalein

an old grumpy cat

Noodles

The sequel will probably be better.

Fionalein

an old grumpy cat

Noodles

The sequel will probably be better.

Its not mine, adult body "fluids" service - more like its not secure!

Well-known member

an old grumpy cat

The sequel will probably be better.

NOPE

*censored*

The sequel will probably be better.

an old grumpy cat

The sequel will probably be better.

an old grumpy cat

The sequel will probably be better.

censored