Keep your inventory under control (Part 2)

This article was published in Fusion Magazine, April 2014. Click for the magazine!

Greetings everybody! In the previous issue we started deciding on a folder structure to begin sorting our items, and we learned how to open a second inventory window, which makes the process easier. It's safe to assume that after a month, we've advanced some bits in our task of keeping our inventory sorted, by sorting all of our clothes. What would be next?

Next would be making sure that we haven't forgotten any piece of clothing. When inventories have been unchecked for a long time, it's easy to not see items, especially if they're hidden under piles of Sort this later folders (Haven't we all done this?)

How do we make sure that we will be able to find our items, no matter how hidden they are?

By using the search feature of the inventory window.

We can use this feature in two modes: basic and advanced. In basic mode, we simply begin to type the name of the item we're looking for, and as we type, the viewer shows all the items containing that text as a part of the name.

This way, we can start to look for missing accessories, garments, etc. For example, type neck and likely most of your necklaces will show up, type ear and many earrings will show, and so on. Of course, this relies on the creator having given the item a name that makes sense, but this is usually the case. And if you still feel that items are missing somewhere in your inventory, instead you can type a store name, or the abbreviation. Creators often include their store names in the folder name, so this can make it easy to find their items.

As mentioned, there's also an advanced search mode. This consists of using a filter: The search text we type would be restricted to one more criterion. Which criterion? We can restrict by asset, the type of item we're looking for. For example, we may be looking only for notecards. Or we may be looking only for clothing layers and objects. So we would proceed this way, in the official viewer from LL (Firestorm has a Filter option right under the search edit box, other viewers may differ):

Open your inventory window if you haven't already, and click on the gear icon. Then click Show Filters from the menu that pops up. That opens a secondary window with checkboxes for the kind of assets we would like to include in our search. The way to proceed is: First, begin typing your search text, then untick boxes to restrict the kind of asset you're looking for.

This is very handy, because, as we know from the previous issue, we may have two inventory windows showing when sorting our items. So we can indeed have one of the windows where we use the Search tool to find our items, and the other window, where we have focused in our categorized structure, to move the items we find.

Make sure to complete sorting all of your clothes, for in the next issue we'll talk about packing: We don't want our inventories to run wild with hundreds of thousands of items!

Enjoy your SL.

Heartbleed: What's up with that? (by Sei Lisa)

(This post has been written by Sei Lisa, my business partner. I'm reproducing her text with permission. Thank you, Sei!)

"Heartbleed - is it serious? Does it affect me"

Short answer: yes, and most likely, respectively.

Long answer: It has the potential to expose passwords to a possible attacker, meaning that accounts that you have in any affected system can be broken into by using them. Many important sites including Google, Facebook, Tumblr, WordPress, Yahoo, Amazon Web Services, and many others, have been affected and if you had an account with them, your password could have been compromised. All of the companies mentioned have already fixed them, which means that if you change your password now, you will be safe. Many other sites where you may have accounts can have been affected, and it's better if you take action.

"But what is it?"

It's a software bug found in a popular library used for HTTPS and other encrypted kinds of communication through the internet, called OpenSSL. The bug facilitates reading some internal memory that should not be readable by anyone, and that contains sensitive data that you have transmitted to a certain site, especially passwords. The attackers can exploit a problem in a protocol that was incorporated into the library two years ago, called Heartbeat, thus the name Heartbleed.

"Is my Second Life account affected?"

No. Linden Lab has issued an official statement: http://community.secondlife.com/t5/Tools-and-Technology/Account-Safety-and-the-Heartbleed-OpenSSL-Bug/ba-p/2619322

However, if you have used the same password that you use in SL in a vulnerable site, it's recommended that you change your SL password because it might have been exposed through the other site.

"I doubt anyone has specific interest in me. Why should I take any action?"

An attacker might be able to read passwords and other sensitive information from the last person to access a site. Even if it's not targeted at you specifically, it may be targeted at you generically, meaning, someone could be harvesting accounts for a nefarious purpose, and you could be a random victim.

Additionally, malicious sites could have been retrieving information from you in a similar way.

"OK, and how can I protect myself?"

Changing your password to the affected site before giving anyone the opportunity to break into it, is a good first step. If you have used digital certificates with a particular site, then the problem is more serious for you, because the private key may have been compromised. Search for information on Heartbeat and certificates to know more.

Also, the bug is still out there: many sites continue being unpatched; therefore, don't enter any passwords in sites that are still affected by the Heartbleed exploit. Remember that it only affects sites that use the https protocol to enter the password. If the page you're accessing to enter the password begins with https:// then it's a candidate to check.

"And how do I know if a site is affected?"

If you use Chrome or Chromium, you can install an app that checks whether the site you're opening is vulnerable:
https://chrome.google.com/webstore/detail/chromebleed/eeoekjnjgppnaegdjbcafdggilajhpic

If you use Firefox, there is a similar one: https://addons.mozilla.org/en-US/firefox/addon/heartbleed/ but it is not officially endorsed by Mozilla and it uses an external checking service.

In other cases, there are still some options. You can use this tool to check if a site is vulnerable to this exploit or not: http://filippo.io/Heartbleed/ or this one: http://possible.lv/tools/hb/

If you can run programs written in Python you can also use this tool: http://foxitsecurity.files.wordpress.com/2014/04/fox_heartbleedtest.zip

Profiles: Your mirror

Maybe twice a month or so, I receive a notecard inviting me to an event. Normally I raise my eyebrow, because they're events completely unrelated to any of my activities, so I wonder what made them think that I would be a fit. Anyway, I make sure of reading everything (who knows?), and of course, I also check the profile of the person that sends me the notecard.

Profiles tell you a lot about people. Often you can safely decide that whatever you've read, "I'm this/that" is unlikely to be true (People often show an amazing blindness when it comes to evaluate themselves.) I don't mind at all when I find some personal tabs in merchants' profiles. It's like when you see your coworkers' photographs on their desks: husband, wife, kids and any other people they feel proud of having in their lives. (We could of course get cynical about this. I will not, this time.)

However, when I read a merchant's profile, I'm a little more critical with what I read. I ask myself "would I want to contact this person, if I have a problem?", when it comes to purchasing, and "would I want to be associated with this store/event?" in the case of being invited to events.

I'm not too picky when it comes to my being a customer. When I read a long list of "do not IM me, do not this, please notecards only, etc.", I'm reading their frustration, a frustration I can empathize with. I don't see it, as others do, like they're raising a wall not to talk to me, I don't see that they're pushing me away. I'm only reading they've had a lot of trouble in the past with not too nice customers, and are begging you to please understand they can't be there 24x7 exclusively for you, 5 seconds top right after you IMd them. Use the contact way they've told you to use, like you would do with any RL company. I understand that a long "no" list can throw other people away, and I'm trying to write and rewrite my own profile for that reason, but personally, I choose not to discard a merchant just because they have a long list of "no's". I know they may have very valid reasons for them. (Plus, people sure do try. If you list the ways to contact you and don't use any "no" list, to sound positive and kind, then they contact you in all the ways you have not listed. Ah, you never said not to contact you in all those unlisted ways!)

But, I do pay attention to how the profile is written, whether this is for the things they don't want you to do, or for the things they expect you to do. And I pay attention to any other side note. Yes, I read the second life tab, the first life tab, and all of your picks. I may read even more, if you have it available, like SL feed, blog and whatever else you add in there. I'm that curious.

We finally reach to what I actually wanted to talk about. I've received a notecard inviting me to an event, followed of an IM. I confess, lack of punctuation puts me off. I expect good writing skills from an event organizer. Call me elitist if you will, but I prefer to talk about business with people I can actually understand. Still, I read the notecard. No mention to "no resellers, no BIAB (Business in a box)", no mention to "no copyright infringements". I check the website, nothing about that either. Alarms ring. Well, that would be the very least to mention about an event. Of course where and how it's going to be advertised, etc., but a commitment in all items being legit should be among the first priorities, if not the first one.

Then I finally go back to reading their profile. What do I find? Among other personal stuff, a couple of quite interesting picks. In one of them, this merchant shows... no, brags, about how a badass they are when replying to people that have complained by calling them spammers. I click on the link... pathetic. I don't even remember who the person complaining was, all I know at this point is that I don't want to do business with this event organizer.

The thing goes on. Another pick is about their blog. They mix the personal part of SL with the business part of SL all in the same place, threatening with publishing conversations there if you "piss them off" and going all "nyah nyah, this is an external place to SL, you cannot throw the TOS at me."

I know that if I publish a conversation here, I am not breaking LL's TOS. But still... Really? You're not even going to do the work of at least not telling who the people involved, are? Well, I sure don't want to have trouble with you, and how do I avoid that? Yes, you got it: not being involved with you, nor your event. I wish you the best of luck. This is just not my style. At all.


Whenever I feel I want to write one of these rants, I feel divided. On one side, I want to talk about it, but on the other side, I can't avoid thinking "Why are you writing this? Do you think you are any better than the situation you are picturing here?" I haven't published many, many posts, because of that thought. So I will add, I know that my profile isn't perfect either. I know I make mistakes too. Feel free to point them out. I'm just talking about something that put me off, but if you want to be like this case I've described, go ahead, be yourself. I will likely not work with you, but that is fine, because likely, you wouldn't want me to work with you either.


PS: After reading older entries from this merchant's blog, I found an item using copyrighted material. Well. I'm not the copyright police, so I will only say, that alone is enough for me to silently reject the invite. Thanks but... No, thanks.

Twisted Hunt: The side hunt, explained

When I applied for Twisted Hunt, I requested a sponsor place, if possible. This is not a hunt I participate in because of the possible sales, but because I like it. I'm a fan of the dark side if you will (only imagination-wise). When I requested this sponsor place, I committed to preparing a side hunt. It was fun preparing it, and I hope people had fun too while trying to decipher the clues.

These were the rules included in the notecard that explained how the side hunt worked:

• The twisted statues in the store have the clues
• Each statue asks you a question and gives you several possible options as answers, showing from a menu
• When you choose an option, then the statue gives you a clue
• This clue could be a good clue, or not - Only one answer is the right answer, per statue
• When you obtain the right clue, this clue tells you which statue to ask next
• When you have all the right clues, the answers you gave in the menu, written in order, lead you directly to the gift

Something very important that was highlighted in the notecard is that the order is relevant, so the hunter had to know which was the first statue to begin with!

There was a starting clue, also in the notecard:

«Everything begins at the beginning, and this is no exception. Beginnings at times show you the world upside down and may look like the end. It's all a matter of perspective. However, beginnings always have a distinctive mark. A good explorer will find it.»

and from there, the rest was on them.

In order to prepare this clues game, the first thing I had to do was to decide where to hide the object, and make a point in not moving it during the whole month, because all the clues were written to lead to that point. Once that was decided, then I started writing the questions the statues would make to you, the choices they would offer to you, and the clues you would obtain upon selecting a choice.

Definition: A Twisted statue is a statue textured in the twisted tiles texture (except the hair). There are other statues in the store, so this way, I hoped to make clear which ones were involved in the hunt.

The starting clue referred to the Twisted statue located at the store entrance. All the statues had a script named the same, except that one: that's the distinctive mark the clue was talking about.

From there, you should go to said statue, click, and the statue would say:

«I've always wanted to build a house. If you were to build a house, what would be the most important part to you?»

the choices being:

• Ground Floor
• Blueprint
• Basement
• Roof
• Walls

The right answer here was "Ground Floor", which was kind of obvious in this case. When selecting this one, the statue replied:

«Well founded grounds! And concrete, lots of it, yes? I wonder where I could find some. Would you help me find it?»

The statue was referring to the column group gift, which had a concrete texture applied. The closest statue was the one to ask next. This next statue asked:

«Left is right and right is left. It all depends which side of the mirror you are at. If you were in front of a mirror, which side is left?»

the choices being:

• Right
• Left
• Huh?
• Front
• Back

The right answer here was "Left". Anybody that knows me, knows that I'm left-right challenged, meaning, I have issues with knowing what is left or right. If I'm left to decide left/right, I will decide left because to me, it's a 50% chance (which makes for a lot of fun when I go out and have to ask where a place is). When selecting this answer, the statue replied:

«He is in the left side in the picture. How did you know? Oh wait, I've confused myself again. The picture, you say? I think it's upstairs... but I didn't tell!»

It was referring to an ad of a couples animation, where the guy is showing to the left. The closest statue to it was the one to ask next, and so it would say:

«You can find it every day. It will accompany you in your worst moments. It will make powerful the smaller of the lights.»

the choices being:

• Plugs
• Darkness
• The night
• Friends
• Candles

The right answer here is "Darkness". "The night" happens only some hours a day, while you can find darkness any time of the day. When choosing this answer, the statue said:

«Perhaps she was right. I hear you can find her next to one display, but I don't know which one. Let your instinct be your lead.»

This was referring to a display in the store, showing the promotional picture of the hunt. The closest statue to it was the one to ask next, and then the statue would ask:

«These statues are all a bunch of whiny creatures. But I'm tired of using always the same word to refer to them. Could you please suggest something to me?»

the choices being:

• Complainers
• Dramaqueens
• Weeping
• Crying
• OhWhyMe

The right answer here is "Weeping". Knowing me, one would have chosen "Dramaqueens", or "OhWhyMe" instead. I could not use those ones because they weren't related to the location of the gift, so my clue was instead to know how to decide to discard them, and go for "Weeping", which sounds like something I would say too. How to decide? One can find the criteria in the hidden clues section :-).

So, when choosing "Weeping", the statue said:

«One of them is specially noisy about. I would stuff her into the piano.»

This leads us to the statue that is closest to the only piano in the store, last stop in this clues game, which asks:

«"In the darkest night, I feel you, [BLANK] presence that fills the room, looking at me, waiting for my rest." What do you like best to fill that blank? It's for a survey. All legal, I swear!»

the choices being:

• Angelical
• Light
• Evil
• Ominous
• Satirical

The right answer here is "Ominous". One would have known by discarding all of the other answers, according to the first criterion in the hidden clues section. And so the final answer from the statue is:

«"In me you have found the end of the lead." Meh, that doesn't make sense.»

That is telling you, you've reached to the end, and now it's time to write down, in order, the buttons you clicked when selecting the answer:

Ground Floor, Left, Darkness, Weeping, Ominous.

So the gift was hidden on the ground floor, left side of the store, Darkness section (where everything for Woeful Wednesday is released), between the Weeping streetlight and the Ominous presence couch.

Hidden clues that were noted nowhere

These were a couple of extra clues to help, but learning those clues was part of the fun of the whole game. I wanted them to be the "Easter Egg" that you find in a game and that tells you extra details.

Hidden Clue 1

If any statue was giving you an answer that numbered the statues somehow, that answer should be dismissed. All those answers were false clues.

Hidden Clue 2

The right answers were showing in the menu following a specific order. The order the answers were placed on the menus wasn't a coincidence either. I wondered if anybody would find the code, but nobody did. The way LSL orders the buttons on the menu made it difficult to spot.

Answer #1: Index 0
Answer #2: Index 1
Answer #3: Index 1
Answer #4: Index 2
Answer #5: Index 3

Lists have indexes for their items beginning in 0, so one can see that the right answers were following a Fibonacci sequence.