XstreetSL has announced they will be using login information from Second Life. I think this is great. I never got an account set up proper at Xstreet. I’ve tried to set one up, but it kept saying my email address was already being used, yet my login info didn’t work. Asking for a password reset dosen’t work since since it asks for your login name, and not your e-mail address. So hopefully when this goes into effect, I won’t need to worry about this anymore.
Now there are some obvious concerns about this, mainly security. If XstreetSL was still a separate entity; then yes I would be quite alarmed that all of a sudden my account information on Second Life would be magically migrated over to some 3rd party web site. But remember kids, Linden Labs acquired XstreetSL not to long ago, so this isn’t a big deal, so our private information is still being kept by a single entity. I would only question is to exactly how they are doing this, since I don’t believe the two sites are even remotely compatible. They won’t be changing how SL works, so they will have to change how XstreetSL works. It’s not likely they manually copy and convert login info from the 6million+ users accounts that already exist, as well as the thouands of new ones that are created every day. So the paranoia about this I think isn’t neccessary.
Also this is a step forward in integrating all the services that Linden Labs has, with out requiring separate login accounts for SL it self, it’s web page, JIRA, SL Blog, and now XStreet. I’m also going to assume that XStreet will eventually lose their name, and just be integrated as appart of Second Life, using the built-in web browser in the viewer; a lot like how shopping is done at There.com.
There are other high risk security issues that Second life still needs to address:
No secure trading function
SL has no way of guaranteeing that when you buy or trade something, you’ll actually get something in return. Short of using scripted vendos, if you’re dealing with another user directly, you’re giving your complete trust that the other person wont just skip out on you after you paid to buy someting from them. Though the direct pay function still needs to exist, otherwise you couldn’t pay into vendos, or give others gifts. There.com has had a secure trading function for many years, where you’ll see all the details of the item(s) you’re giving, as well as receving, with TWO confirmations before the exchange takes place. SL has yet to have anything like this, so users have to file fraud abuse reports to LL if a deal goes bad. If LL implemented this, it will cut down a lot of their abuse reports of fraud and less work load for Linden employees who can spend time fixing something else.
This is a stupid thing to have. If a user can’t remember thier password then they are SOL. Functions like these just makes user lazy-minded anyway. I’ve hand many occrances where I’ll meet someone new, have a good time chatting with them. Then the next day I see them again and they are like a completely diffrent person. Often abusive, insulting, or just plain stupid. This is because it WAS A diffrent person. This user kept “remember password” and so thier roommate, BF/GF/Spouse, sibling logged in as them. Linden Labs is always talking about password security, how it’s a violation of TOS to give your password to anyone else, and you should change it on a regular bassis. Yet they have this “remember password” function that opens up a whole new avenew of insecurity; it ought to be removed completely, or at least tucked away deep inside prefrences, and set OFF by defualt.
Those are the top two things that have bugged me for years.. i know there’s more but nothing i can recall right now. I’ll add more to this list later.