Hugsies Blog!

August 21, 2010

Emerald Gate, and Imprudence viewer

Filed under: Uncategorized — Tags: , , , , , , , , — Hugsie @ 10:14 pm

I’m sure you’re all aware as to what happened. A member of the Emerald team modified the log-in screen to, in effect, cause a DDoS (Distributed Denial of Service) attack a website that apparently blogs critiques Emerald viewer. Jezzuz, should I worry? Anyway, the individual who had no accomplices that anyone out side of Modular systems is aware of (or has admitted to), was kicked off the Emerald team.

Oddly, two former Lindens joined the team. However these former Lindens are still jobless, no one who works on Emerald actually gets paid, do they?  I mean does Modular Systems do anything else but work on Viewers?  Even the person who DID DDoS attack said he dosen’t get paid.

Now there’s word that Linden Labs will drop Emerald from their “approved” Third Party Viewers Directory (TPV). However there’s two problems with that.  LL’s policy on TPV states:

(2. d. iii) You must not launch Denial of Service (“DoS”) attacks, engage in griefing, or distribute other functionality that Linden Lab considers harmful or disruptive to Second Life or the Second Life community.

This DDoS attack was NOT against Linden Labs, nor the Second Life grid it self, or any particular user. Unless the claim can be made that the victim’s website is apart of the “second life community,” then it this might hold up. However Modular Systems claims the website that was attacked is a blog owned by a creator of a malicious viewer, not just a critique of the Emerald viewer, which even I am one.

Secondly and most importantly the Third Party Viewer Directory is bullshit. They do not enforce this policy what-so-ever. You can use any client software viewer you want on Second Life. It’s just how LL washes their hands of the responsibility if a 3rd party viewer does something naughty. If they REALLY could enforce this policy, then copybot viewers would have been banned YEARS AGO.

Now the reasons I’m dumping emerald, isn’t just because of Emerald-gate, but the smoke they kept blowing up our asses for the past month on their blog.  Since build 2439 was out, the blog stated they would have a new release candidate (RC) in about 2-3 days.  Weeks later nothing! Then they pulled 2439 off their blog and was no longer available due to “security issues.”  My guess is this was the build was causing the DDoS attacks. Which doesn’t make much sense since this build was out more than a week before August 9th; the date when the DDoS attacks apparently started.

The thing that really bugs the hell out of me is what the Emerald team said after the shit already hit the fan.  They tried to pass it off as an apology. Saying this was not a DDoS attack is a FLAT OUT FUCKING LIE. They used ME, and thousands of other users as a BOT NET to connect to a remote website EN MASS to attempt to overload a web server.  That’s the CLASSIC definition of a DDoS attack even if the attack wasn’t successful at taking the website offline. How DARE they low-ball this scandal with a post calling it a prank?  Pranks are usually funny and are usually NOTICEABLE by everyone involved, otherwise who’d laugh?  But we were in the total dark about this so-called “prank”.  Besides breaking federal LAWS and possibly incriminating ME, and thousands of other unknowing participants can get us *all* into trouble IS NOT FUNNY!

FUCK YOU Modular Systems!

Now with that off my back….

Imprudence is a lot like Emerald, it has a lot of the same functions and whatnots.  One thing so like is that the “radar” is apart of the minimap, as a colapsable little list, with the same functions as Emeralds Radar, but there is a lot less information on this radar list (ages, actions, viewer, etc)

Also the built-in AO in Imprudence has an option where you can put the AO on/off button in the lower bar, next to the local chat dialog.  nifty.

The one thing Imprudence lacks that Emerald has is a HUGE preferences page setting for really advanced options to tweak everything.  Like you’re able to mute the spam that the radar sends out, but on Imprudence there seems to be no way to do this.

I also noticed that Imprudence uses a different font for all text.  It seems to be using Veranda, which is fine, but why not have an option here i can use whatever font I have?

I don’t like how the profile dialog looks in Imprudence. I’ll probably get used to it, but Emerald had the function to “full size” the images on profiles so you can see them in their full resolution.

I also miss the spell check Emerald has. Double Click teleports, and a few other things I’m a little to tired to remember right now.  It’s well past midnight, and I should sleep.

Advertisements

15 Comments »

  1. I read (2. d. iii) slightly differently. I read it as:
    * You must not launch Denial of Service (“DoS”) attacks.
    * You must not engage in griefing
    * You must not distribute other functionality that Linden Lab considers harmful or disruptive to Second Life
    * You must not distribute other functionality that Linden Lab considers harmful or disruptive to the Second Life community.

    That’s the way I read it given the punctuation.

    Comment by Tateru Nino — August 22, 2010 @ 2:56 am

    • Nope, it all written as a single sentience, so it’s all in the same context of protecting LL, not the entire internet as whole. What I find what’s said in (2. d. iii) is simply a technicality in verbiage that clearly is worded to protect it self (LL); not some guys blog page that LL has nothing to do with. UNLESS this guy’s blog can be some how considered apart of the “second Life Community” otherwise it dosen’t apply.

      I’m not trying to sympathize with what Modular systems has done. Common sense dictates they did violate this policy LL has put in place for TPVs. But Lawyers are paid to pick apart documents like this and find loopholes and technicalities, and i find this one to be a big technicality, which I think LL should revise in light of recent events.

      Comment by hugsalot — August 22, 2010 @ 6:59 am

      • I guess LL disagrees with your reading of the TPVP: http://blogs.secondlife.com/community/features/blog/2010/08/24/malicious-viewers-and-our-third-party-viewer-policy

        Comment by V — August 24, 2010 @ 9:36 am

      • Oh as if LL was ever in agreement with the majority of it’s user base. Come on we all knew this was going to happen when we saw Emerald dropped from the TPVD 2 days ago. I got the email today from Phillip Linden, with an idle threat to disable Emerald logins. Thing is this “issue” was resolved long before any of us got wind as to what happened. All we saw were members leaving the Emerald team, ex-Lindens joining, and promises of new betas for the past month.

        Phillip also stated “all third-party viewers are held to the same standard, and must comply with the third-party viewer policy.” Which is completely bullshit. There are many many viewers I can download that aren’t on their TPD list, and i can still use it on Second Life. But i wouldn’t really WANT to.

        Comment by hugsalot — August 24, 2010 @ 11:04 am

  2. I’ve also made the switch to Imprudence in the wake of this mess. The only thing I think I’ll miss from Emerald is the ability to switch voice channels at the chat bar, as I use a “microphone” at inworld events that converts everything on channel 1 to shout, and that function keeps me from having to type “/1 Blah blah blah” every time.

    Aside from that, I’m very happy with my Imprudence test run, and the icon makes me smile a little every time I look at it.

    And Modular Systems’ weak-tea apology was the last straw. I’ve already given them the benefit of the doubt for previous alleged shenanigans, and now I’m all out.

    Comment by Abel Undercity — August 22, 2010 @ 4:12 am

  3. Even the person who DID DDoS attack said he dosen’t get paid.

    Not true, actually – he makes a not insignificant amount of money off the google ads on modularsystems.sl, which he keeps to himself.

    The Modular Systems claim about the maliciousness of the target website is accurate, though of dubious relevance – I imagine it was targeted more for pointing out problems with Emerald than for running a malicious viewer (Onyx is malicious too, after all – and the person responsible has been repeatedly permanently banned from Second Life, as have several other emerald devs).

    To be moderately impolite and copy/paste a large chunk off a mailing list:

    Soft Linden
    Am I right that the target server belongs to the guy who:

    1) Was interviewed in a previous blog write-up about the IP & username database and geolocation tool that he sought to show was built up for Emerald Point visitors, Insilico visitors, and people creating accounts via the Modular Systems website?

    2) Demonstrated that Emerald wasn’t removing usernames from paths before embedding them in textures even after the team’s first attempted fix?

    I know we already talked to the team and set some conditions after the first one. The second one’s been explained as a mistake that Modular Systems would be willing to publicly acknowledge and correct – the potential for collecting usernames would have to be in the viewer’s privacy policy otherwise, and it isn’t to date. But that one of these incidents was history and the second was supposed to be a mistake made the hidden request activity all the more confusing.

    Comment by Katharine Berry — August 22, 2010 @ 5:00 am

  4. What is left of the Emerald team cannot be trusted. There is no longer a white hat checking everything. http://lordgreggreg.wordpress.com/2010/08/14/emerald-reassessment/

    Comment by Mimika Oh — August 22, 2010 @ 6:43 am

    • What about the two ex-Linden employees who are now apart of the Emerald Team? I mean honestly not one person would have the time to check every line of code before it’s sent off into to the wild for “malicious content” keep in mind this was done my ONE PERSON who WAS on the Emerald team. I don’t blame the whole team this and they took the responsibilty by dumping the guy who did this.

      However I do blame the entire Emerald team for flat out lying this was not a DDoS attack, and trying to give a half-assed apology, with out actually STATING an apology and calling it a prank. Fess up to what happened, stop trying to spin doctor it, it’s not like they hadn’t been up to other “shenanigans” in the past.

      Comment by hugsalot — August 22, 2010 @ 7:11 am

      • Care to point at Fractured Crystal’s resignation? Given he owns the project, it feels unlikely he left.

        Comment by Katharine Berry — August 22, 2010 @ 7:12 am

      • Indeed, there’s no sign that there’s any action taken at all.

        Comment by Tateru Nino — August 22, 2010 @ 7:16 am

      • Well, apparently he resigned, and then deleted his resignation (google cache link), and at some point the person he transferred control to (because having PR run the project is a good idea?) also resigned.

        Comment by Katharine Berry — August 22, 2010 @ 7:23 am

      • damn so who’s left at Modular systems? Qarl and Data Linden?

        Comment by hugsalot — August 22, 2010 @ 7:43 am

      • Discrete, Skills, Phox, Jessica, Qarl, Data (presumably), lots of support people, and at least fifteen devs who never do anything.

        I know a number of others have resigned quietly before this event, and I wouldn’t be surprised if more have since.

        Also, the original post is back up on the MS blog.

        Comment by Katharine Berry — August 22, 2010 @ 7:46 am

      • Good to see you at the event today Kitty! 🙂

        Comment by hugsalot — August 22, 2010 @ 12:36 pm

  5. […] this is really what Second Life blogging is all about – the chance to work oneself up into a lather of righteous indignation over some utterly trivial “outrage”. I know that clandestinely co-opting your customers […]

    Pingback by Teenage Kicks « Second Life Shrink — August 23, 2010 @ 12:05 am


RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Create a free website or blog at WordPress.com.

%d bloggers like this: