Recently there has ben lots of discussion and drama about a tool called CopyBot. One discussion with Robin Linden can be read here, there were some articles in the Second Life Herald, Eric Rice commented on the RIAA-style rage and even Reuters reported on the case here and here. Additionally there are two posts by Linden Lab on the topic, one is by Robin Linden and the other one by Cory Linden where he states again that the use of CopyBot is a violation of the Terms of Service and will be handled accordingly.
The effect in-world also has been quite huge. I received several votings on proposing to ban either CopyBot or libsecondlife, many shops have closed in protest and at least two demonstrations e.g. in front of a CopyBot reseller have been happening.
Now what is this all about? Let me try to clarify some things first.
How the system works
Second Life consists of clients and servers. On the server side there are first of all the servers which serve the sims (for each sim one server basically) and then there are some additional ones in the backend which handle e.g. login or provide the complete set of objects in existence (the asset server) which you can e.g. access via your inventory. Now in order to display objects and textures on your computer screen these need to be copied from the server to the client. In my understanding this will be a direct connection between the sim server on which you are and your client while the sim server talks to the asset server if it needs additional objects or textures.
The important point to note here is that all the objects (in the form of prim data) and textures (as bitmaps) will be transferred to your client which constructs the image from it by sending that data in a processed form to your graphics card (e.g. prim data will be converted into actual 3d objects constructed from points and vertices).
As this description implies it is always possible to copy this data. And it happened already as with the GL intercept program or similar tools (only for textures though).
Now what about CopyBot?
CopyBot is just one application which can do this task of copying objects. It is a result of the people who are doing research on the libsecondlife project which aims at documenting the Second Life protocol. A protocol can be seen as a sort of language in which the client and server talk to each other. So in fact it is the deciphering of that data stream I talked about earlier.
Additionally this project is an open source project which means that the code is freely available and can be modified and used by anybody as long as they do their work in terms of the license attached (some open source licenses, as for instance the GNU public license, need changes to be made public again so that everybody can profit from this derivative work again. It also seems to me one of the few (if any more) true collaborative open source projects in the realm of Second Life (but then again Second Life also makes it hard to truely collaboratively work on a project in-world).
CopyBot now started (in my understanding) as debugging tool for libsecondlife. And apparently the existence of a program to copy objects is not necessarily a bad thing. Imagine you created something and want to get a copy of this on your hard drive. There is no way to do that right now but work based on the CopyBot source could possibly provide such a service.
Of course there are also bad uses of such a program such as copying copyrighted material which in fact is the fear of many content creators these days.
But there is not much Linden Lab can do about it and this is what people need to understand. The data needs to be transferred somehow to your client and on this way it can always be copied. One solution might be to add encryption to the protocol. This might help but with Linden Lab’s plans of opensourcing the client it wouldn’t make much sense as they would provide the source code for decryption later on as well. Beside it might be cracked at some point and then LL would need to implement another mechanism which would be cracked again and so on. Actually I think they are changing those things on a regular basis already but people keep adjusting.
Is Open Source bad?
Before I come to the content creators let me first talk about Open Source a bit. For those who are not familiar with programming let me quickly explain that the source code of a program is the human readable form of it. Programmers write source code which in turn will be converted to a machine readable format. This format is very minimal and is not easily to convert back to the original form (and hard to understand for humans in this form). This machine readable format will then be given to the world (e.g. as the Second Life client). What libsecondlife does is not converting the machine readable format back to a human readable one based on the client program but instead they monitor the network traffic and try to guess what it means. So their goal is mainly to create completely new clients (or even servers) which then can be made truly open source.
Now on the forums there have been some commentators who argued that Open Source is a bad idea. Their reason for this opinion is that with open source code people can more easily spot problems in the source code which might be exploited. This discussion is actually not new as many companies a while back have argued the same way when they were confronted with Linux and tried to fight it (because it could possibly steal market share from them). That bugs and exploits can more easily be spotted in open source code is in fact true but then on the other hand these exploits will still exist if the source code is closed. Hackers could silently go and exploit these without anybody knowing about them. Now with Open Source many more eyes will check the source code. Some will be those of the bad guys but many more will be those of the good guys who go ahead and fix those bugs. They also release the product more often and patches are faster available than with traditional closed source programming thus making the system more secure in the end. For Second Life it usually means that Linden Lab has more pressure to fix them quickly (and LL does not have record of otherwise fixing things quickly as some have noted).
In the case of Second Life the subject is not the client source code but the underlying protocol. As I cannot imagine something completely bugfree and unexploitable the protocol probably will always be. And bugs have been spotted in the protocol already and Linden Lab went to fix them. This would eventually not have happened without libsecondlife and thus Second Life would be more vulnerable.
In this case things are different though. Data needs to be passed to the client and apparently disabling this feature would shut down Second Life. But they took at least some actions in announcing the timestamping of content and introducing Creative Commons licenses.
A license is the list of rules what you are allowed to do with content. This is not the same as the permission set available in Second Life. In fact the existing permission system is a bit weak when it comes to express my true intent about what I want to allow to be done with my creations. For instance I cannot set the permissions to “Allow this object to be copied and transferred for free but do not allow to sell it” or “Allow it to be copied and transferred and even changed but only with putting my name as original creator on it”. There are more such examples as you can imagine.
This is where Creative Commons Licenses come into play. These allow content creators to specify rules in more detail. For a complete description of them have a look at their homepage. Of course not all these restrictions can be modeled by permissions and thus it depends on the owner of the object to pay attention to them. But this is the same as in Real Life as e.g. I cannot protect a photo I put on the web. But I can attach a license to it stating what is allowed and what is not. I then have to make myself sure that I eventually sue people who are not playing by the rules. The same basically to Second Life. Technology is not always the solution and in fact we have more a cultural problem in front of us.
But there is DRM!
DRM stand for Digital Rights Management and is mainly known for it’s use in the field of audio and video files on the web. If you buy a song from iTunes then there is automatically DRM attached to restrict copying. It defines that you are only allowed to copy this song to 5 different devices to play and thus aims to prevent copying on file sharing sites.
Now this might sound like a good idea for Second Life!
DRM is a pain in the ass if you e.g. try to copy your purchased MP3 from an iPod to another MP3 player (like the Zune). It does not play. In fact the Zune does need a different form of DRM which is not compatible to the iTunes one. So to be on the legal side you’d need to purchase this song again from the Zune store. Now imagine your iPod is broken and you got a Zune and you have 1000 songs purchased. You cannot listen to them anymore unless you break the copy protection. This is quite easily possible as every protection will be circumvented by hackers at some point but it’s not legal. Also look at the 5 devices limit. You maybe have an iPod, a laptop and your desktop computer, this makes 3 devices. Now you get another iPod and eventually a new laptop because the old one was broken. Makes 5. Now you are out of luck. It’s very unlikely that you will be able to listen to your purchased music in some years in a legal way.
So this is why I don’t buy DRM’d music. And the same would apply to any form of Second Life DRM. Even right now it’s annoying that I cannot copy all the clothes I purchased for personal use (as for making a new outfit) as they are set to no-copy. People want freedom and IMHO stuff would sell better the more freedom they have.
DRM means trusting nobody and it mostly affects your customer but not the ones who copy your stuff. They have a DRM-free version. Go to a filesharing site and you won’t see any DRM. And all the music is available nevertheless. Thus IMHO it does not make sense to start racing against hackers as the only one suffering would be your customers.
But what to do?
You as content creator are not only the sum of all your content you created. There is more to it. You have a brand which is (hopefully) recognizable, you do customer support (I hope), you are creative and come up with new ideas all the time (I bet). All this cannot be copied. And everybody who once started a business knows how hard it is to sell stuff if nobody knows you. The same is true for people copying other people’s stuff. Additionally they need to fear being sued (this maybe should done more often) or being banned. They also would be foolish to announce their service more openly. Thus IMHO content creators are pretty much protected by their brand.
The main thing to note here is that you need to be aware of this issue. Discussing it publicly it better than hiding it under the carpet while the bad guys can keep on copying. Being aware also means to find ways around that e.g. by providing additional services or maybe teaming up with a scripter to provide additional features.
There’s also the fact that many people hide behind their anonymity in Second Life. This is esp. true for all the trolls who are commenting on forums and blogs (IMHO these are the ones who truly act inresponsible in heating up such discussions instead of explaining things properly). It is also true for those who copy other people’s content. And it is true for those who are selling CopyBot (or did), such as Prim Revolution who is according to his interview on Reuters has been in Second Life for quite a while but created this account just to sell CopyBot. We should mark him as coward.
This in reverse means though that it might be a good idea to leave RL anonymity and provide more info about you. I never really understood why people tend to have separate lives in SL and RL (except maybe they are cheating on their beloved ones) but this is just me :-). But giving more info about yourself definitely helps gaining creditability which those copying guys never will have.
If we come back to CopyBot itself it’s also obvious that it is not the perfect solution for copying content. It won’t copy scripts and even objects without scripts are only poorly copied. No scripts also means no bling, no AO etc. Also read this post about what it is exactly able to do or not.
I understand the worries of the content creators esp. when they make a living out of it. But I’d also first wait to see how much copying really will be done. Additionally there needs to be some social and eventually legal pressure on them to stop such practices.
What I would not like is the banning of Open Source projects such as libsecondlife. Those projects help to push the platform to a new future and eventually could even replace the existing Second Life platform with all the stuff you possibly want in it. This is admittedly not very likely but if it helps to spot security holes or even enable me to save my content externally or provide similar servies then this is a good thing. And helping the platform in general is most likely also the reason why Linden Lab is embracing it.
Also note that copying always was possible and always will be. It’s the same as in RL and the same methods for fighting this apply (branding and legal action).
So please calm down, open your shops again (before other people will step into your spots and make use of that opportunity), do cool stuff and help to keep Second Life as open as possible (in fact it is not very open but that’s a different topic ;-) ).