John Hurliman

Since January I’ve been working on a final research paper for my undergraduate degree in economics, and it is available to download now. The paper explores property valuation in virtual worlds, and specifically focuses on land prices in Second Life. To collect the data I wrote a libsecondlife bot that periodically logs in, takes a sampling of the land for sale, and compares it against the previous snapshots to detect ownership changes and check if a sale took place. A hedonic regression is constructed to try and make sense of land valuation and a few interesting things were discovered, but nothing an experienced realtor in Second Life wouldn’t already have discovered through experience. In my opinion the most important thing discovered through the research is that the limitations of searching for land in Second life introduced a selectivity bias in the collected data, and does not deliver complete information on the market to land buyers. Maybe one of the third party new search technologies can address these limitations.

Abstract

This paper explores the fast growing market of property in online virtual worlds by researching land prices in the online world of Second Life. As computing power and access to broadband Internet increases, immersive three dimensional worlds are increasing in popularity. In Second Life, a currency system with a floating exchange rate to the US dollar is in place and user-created synthetic goods are bought and sold. The only constrained resource is virtual real estate, and the more you own the larger and more complex structures you can build. A strong correlation between property size and price can be clearly established, but is this the only determinant of cost? A closer look at the parcels being purchased shows that size may not be the only consideration. Some residents may prefer a tropical beachfront location over snowy cliffs, or a more heavily trafficked area as a location for a new business. A background on the methods used to collect research data from Second Life is presented, and a basic hedonic pricing model for property in Second Life is constructed.

Virtual Appraisals: A Hedonic Pricing Model of Property in Second Life
Research paper + Excel data, source code, and MySQL schema

The Barracuda Web Filter is used by many college campuses and businesses to protect users from spyware, viruses, objectionable content and unauthorized software. There are several port/ip blocking options and packet filters specially tailored for popular applications, along with an extensive web filter. The web filter preys upon unencrypted HTTP headers for banned URLs, mime-types, and file extensions. In the case of the Washington State University setup the application/x-bittorrent mime-type is blocked, which as I mentioned in a previous post blocks access to lots of Internet content such as NASA torrent files, art, software and operating system such as Linux, movies and television, and more available from various legal torrent trackers. Strict policies can also interfere with game update clients such as the World of Warcraft updater, although Student Computing Services tells me an exception has been made so the WoW updater functions. This doesn’t address other game updaters such as the installer/updater found in Gunz.

The packet filtering options in the Barracuda Web Filter are ineffective against encrypted Bittorrent traffic, so forcing encryption on all inbound and outbound connections with a client such as uTorrent or Azureus will ensure the actual download completes safely. Now the only problem is getting the actual .torrent file off the net. If you can get the file through an alternative means such as IRC, FTP, or IM/e-mail from a friend that will work fine, but often times this isn’t feasible. There are many different ways of grabbing the files off the web with various requirements and ease of use for each option. The first option works if you have access to a remote server running SSH, VNC or an equivalent and a web or file server. SSH in to the server and wget the torrent file, making it accessible to download from a web interface that doesn’t send the application/x-bittorrent mime type, or an FTP or alternative server. Requires technical knowledge, access to a remote server, and is very tedious and therefore the least favorable option. The next option requires a remote web server as well, and involves a simple PHP script that passes a remote file through and rewrites the mime-type to avoid the filter.

header("Content-type: application/x-notbittorrent");
readfile( $_GET['url'] );
?>

If you uploaded that script as index.php to http://www.a.com/torrents/ you could fetch a remote torrent file with http://www.a.com/torrents/?url=http://www.b.com/ubuntu.torrent (or whatever torrent file you were seeking). Aside from requiring a server with PHP and url readfile support, the resulting download will have a random name that needs to be renamed to a .torrent file to be recognized by some Bittorrent clients. This also requires technical knowledge and is not the most favorable option by far.

The final option presented here (but not the final option by a long shot) is to use an anonymizing network to fetch the torrent files. The Tor network is a collection of servers scattered across the globe that route traffic over an encrypted, anonymous mesh network to protect Internet privacy. To get up and running quickly you will need Tor, Privoxy (a proxy to connect applications to the Tor network), and the Tor Button for Firefox (a convenience shortcut). Linux and OSX users can grab Tor and Privoxy easily enough, for Windows users there is a Tor+Privocy+Vidalia (a frontend) bundle available at http://tor.eff.org/download.html.en. Install, right-click the Tor icon in the system tray and click Start, and finally download the Tor Button for Firefox which adds a small button in the bottom-right corner of Firefox to quickly enable and disable routing web traffic over Tor. Make sure to enable it before downloading a torrent or visiting any objectionable content, and disable it to increase speed for work or research related browsing. This is considered the best option since it doesn’t require access to an external server, can be installed and running in less than 10 minutes with a moderate level of technical knowledge, and is a generic solution to protect all web traffic. Other applications can even be configured to use Tor, although it’s not recommended to run P2P or bandwidth intensive applications over it. The bandwidth for the network is donated by volunteers and as bandwidth caps are hit on the servers they will temporarily shut down, slowing down the network in general. For example my server has a 700MB daily quota for the Tor service, once that limit is hit it will shut down and wake up the next day. If you make use of the Tor software and find it useful, consider becoming a member of the EFF or making a donation to the Tor project.

It was brought to my attention that the information in this post was putting the Washington State University Information Technology department at an increased risk for malware and viruses. It was my original hope that users tech savvy enough to install this fix would not be contributing to network stability issues, and my only goal was to allow residents Internet access. The defect has already been discovered by another independent team and registered in the NIST National Vulnerability Database, and Cisco Systems has clarified that the design flaw is not a security exploit because it does not bypass authentication in any way.