Disclaimer: This post is strictly the thoughts of a single OpenSim developer and may not represent the opinion of the other developers (although I suspect most will agree.).

Huh?

This one seems to be coming up regularly, so I thought it would be best to set the record straight here. OpenSim is not a virtual world. It’s a piece of software, which if configured in a specific way allows you to run a virtual world. Consider it another way – the Apache Webserver is not a website, but ~50% of the websites online are running Apache.

Now, there are virtual worlds using OpenSim as their underlying software – quite a few these days actually, for example OSGrid, OpenLifeGrid, TribalNet, etc all use OpenSim as the underlying software – but they arent part of a OpenSim virtual world.

Why does this matter?

Well, when it comes to discussing things such as Economies – we cant say there is or should be an economy in OpenSim, for the same reasons we can’t say there is an economy in the Apache Webserver – the sentence simply does not make sense. Now sure, sites like PayPal and eBay and others may use the Apache web server to run some kind of economic and financial transactions, that’s something they have built on the top.

Just as the Apache web server group doesn’t support PayPal transactions – the OpenSim group doesnt handle monetary or inventory or any other kinds of transactions for people using OpenSim, that’s up to the operators themselves to decide on how to handle.

We provide all the programming hooks nessecary to run an economy, but at the end of the day, people will still need to build an additional layer of infrastructure over the top to handle it properly. People operating grids will need to contract Credit Card Gateways and handle the payments themselves, we cannot do that for them, for one we’d be taking a risk and responsibility for something we dont operate.

Setting the record straight on content

So… should all content running on an OpenSim-powered server be free/oss then?

Nope - despite comments made by a certain individual, that’s not the case at all.

Infact we’ve never ever said anything to this effect. The environment we build by default (and that’s the components we ship to do things like a Second Life™ environment), we’ll try our best to respect permissions infrastructure as best we can – but there are limits to what we can practically do, we cannot alter the fundamental laws of mathematics and computer science (see my previous post for more on this) for example.

What we are doing however is looking at ways to make practical solutions to these problems easier to use for a content creator, and more legally applicable. Unfortunately “Mod/Copy/Trans” does not a legal contract make – what we’d like to be able to do is show those, and then automatically generate a contract you can use that backs those up legally. A primitive structure for how to store licensing information was fleshed out on the OpenSim Wiki, you can read the proposal I made (fairly old, from January I think).

Applications vs Platforms

The final point I would like to make is – just like the Apache Webserver can be used for evil (hosting less than reputable content), there’s people using OpenSim for less than savory purposes too – there’s also a lot more people using it for interesting, productive and educative purposes.

So far, I guesstimate there has been somewhere between 20,000 and 50,000 installs of OpenSim – there is a lot of users toying with this software, and the number grows as we get more feature complete and easier to use.

None of these projects listed below connect to each other, or form a “OpenSim World” – each is unique and seperate. Joining the worlds together is a project of the Architecture Working Group (something I will address no doubts later), but each is interesting nonetheless.

osgrid.org – A free grid running OpenSim software that anyone can connect their own regions to free of charge, the grid is run by a committee of system administrators who keep the central servers operating. It’s sponsored by DeepThink, the Electric Sheep and others who all pay to keep those servers running for the public.

TribalNet – A free, closed-source use of OpenSim which makes it easier for end users to host their own OpenSim systems with a helpful setup installer and some very shiny features. Worth at least checking out. It’s commercial and sponsored by TribalMedia (one of the other developers of OpenSim)

SimGis – A university[?] use of OpenSim to visualise geographic data availible from the USGS. This is one of the more ‘out there’ uses of OpenSim but shows a practical application for a virtual world for business and education use.

Shengri La – OpenSim being used by a fashion designer to quickly prototype and present their models to suppliers without having to go through many design proofs (a costly and time consuming process). It’s also one of the most stress testing applications of OpenSim. It’s being developed in partnership with IBM (yet another OpenSim contributor)

Greenbush Labs – Using Open inside of K-12 education as a way of visualising and rapid prototyping (it’s also being used as a safe version of Second Life that can be run entirely without connecting to the outside internet)

OpenLifeGrid – One of the uses of OpenSim to emulate a Second-Life environment, this will be one of the most likely candidates to implement and use things such as an economy model. OpenLifeGrid is a commercial venture (and the operators have been known to sponsor a few fixes to OpenSim itself), if you want a perfect SL clone, these guys are the most in line with that ‘use case’.

In Summary

OpenSim can be used to launch applications (like Web Applications – say Virtual Applications?) that can look like SL, or they can be completely different. The motives of the people running OpenSim are going to determine what features it supports and implements.

By default, we’ve committed ourselves to trying to add hooks (and therefor support) for everything the client is capable of handling, we should be approaching 90-95% of those hooks being completed at this stage, but default implementations may be lacking. Our goal is to produce something modular so you can swap pieces on each hook with other matching pieces, so you could potentially have a PayPal™ economy module and a Linden Dollar one, and swap the two depending on your needs.

Every component of OpenSim is being built this way, so that people with varying needs can adapt the software to what they need (such as say, routing Instant Messenger and Friends Lists through the Jabber protocol).

There’s a very fundamental problem facing many content creators in Virtual Worlds these days (such as Second Life™, IMVU™ and others), and that is the problem of Piracy – where one unscrupulous individual takes content from a designer or developer, and then attempts to resell it as their own.

It’s a problem – no-one can deny that, but the solution to the problem is not ‘deep’ DRM. There are a few reasons for this, especially when it comes to content (scripts and backend programming are another matter entirely and something I will get to in a moment)

Three reasons why this wont work for visual content

First, the obvious one – content must be displayed on the users screen. This means it must be presented to the video card in an unencrypted form. I’ve heard a few silly ideas to prevent this one, such as encrypting the texture and using a shader to decrypt it on the video card (just run the shader in a virtual machine).

At a very fundamental level, the laws of mathematics do not allow you to say “This number cannot be copied.”, computers which are based on very high level mathematics are still subject to these immutable laws. There’s a parallel law here which states that you can always modify something – sure you can make it a house of cards that breaks if you make a change, but someone can always employ superglue to prevent that.

It’s technical, but it’s worth reading the examination of the Skype binary (PDF) done by a security analysis team, the Skype developers know their stuff, exactly how to use cryptography properly, how to try prevent debuggers from being run, etc. Every single one of their protections has been examined and detailed specifically in that document – no matter how clever you think you are, there are cleverer people out there and not all of them have good motivations.

Second reason why this wont work – You hand the legitimate user both the content and the key to decrypt it to display it – there’s no way to avoid this without disallowing the user to view the item (which defeats the purpose of content). There’s nothing stopping them from making a copy of both parts, and once the schema is broken, there’s no going back – it’s out there. You cant revise the encryption scheme after it’s been broken, your content is now available unencrypted.

This has been a big problem with things like DVD encryption, because to release a new encryption scheme you need to get every user to update, and titles released under the old scheme are still broken. DRM used in popular products tends to have a life somewhere between a week and three months – assuming point #1 doesn’t hold, this still means you have to assume all your content more than at most 3 months old is piratable – how many content producers produce enough content every month to make their old lines completely redundant from a sales perspective?

Third reason – DRM tends to annoy customers. Consider the possibility where you want to teleport your avatar around a hypothetical super-grid the size of the internet. You enter a sim which hasnt been authorised (and I’d say in the long term, most will fall into this class – similar to only how a small % of sites have SSL certificates), and bam, your avatar vanishes.

Well, what can you do? Not much – but you arent likely to buy avatars from this user again that’s for certain. There is likely going to be a commercial incentive towards content which after you buy is free to do what you want with. (With copyright law enforcing violators and pirates).

So – how the hell do you protect your revenue/sales in an environment where anything goes?

This question is the real question that should be asked, the answer hasnt yet been determined (market forces will likely be the ones to figure out which models work, and which dont)

• Custom Content – in a world where everything is mass produced and cloned, unique content that has been hand crafted for what you want is a drawcard. It’s unique, it’s yours, it’s $50.00/hour design fees.
• Keep on keeping on – The current model is unlikely to collapse, brands seem to matter and people like being able to say they have legitimate content. Systems will likely appear that allow you to verify whether someone has paid for a piece of content or not. Piracy goes on in virtual worlds today, but sellers seem to keep making sales (I’d like to know more from specific sellers how their sales have gone when a piece of content has been pirated significantly).
• Mark your intent - Tying in with the above point is the idea that you can mark your intent – this is ’shallow’ DRM – it’s nothing that cannot be removed, but it does signify what the creator wanted you to do with this content and has licensed you to do. If someone violates these terms, you can deal with them the same way copyright infringement is handled in the real world, courts. For all the complaints that go on about the DMCA, the act does provide a relatively sane way to deal with IP infringement from a content creator perspective (however beware, filing a false DMCA claim IS perjury).

So what about scripts?

Well, if your script is going to be transmitted from host to host – you have the same problems that commercial web scripts have – and all of the above applies. With sufficient bandwidth and processor time however, it is possible to run scripts on your servers for other peoples (the “hosted” model). OpenSim supports this hosted model via the ScriptEngine that can be run as a grid server – hopefully these kinds of things will become easier to setup and maintain, and perhaps a giant such as Akamai will take to the role for other people.

OK, so saying I’d put this site back online by December 2003 was a little optimisitic I admit. Admittedly I have been sidetracked in the time since, ending up with several jobs simultaneously that keep me somewhat busy.

The reason I’m setting this up is mostly so I can post thoughts, arguments and comments on things – mostly around the OpenSim project at the moment. I know I do have an account on the opensim wordpress site, but splitting this off distances me from any official opinions the group has, and gives me freedom to post my exact thoughts on things.