by Pixeleen Mistral on 21/09/06 at 1:09 pm
Stronger defenses and object blacklists coming soon
by Pixeleen Mistral, Herald National Affairs desk
“Work I already did will be locked and loaded for emergency deploy,” said Linden Lab code cowboy Andrew Linden yesterday. I was talking to Andrew after a pair of grid attacks hit Second Life Monday, resulting in complete SL grid shutdowns and cleanups, and had asked if any fence repairs were underway at Linden Lab. The new security measures “might be rolled out in the next day or two. Meanwhile we’re scrambling to get some more fixes into the next deploy package. I expect myself and one of the other developers to be able to get some more work merged before then. Emergency measures are sometimes taken, however we prefer to postpone updates until Wednesday.”
The attacks came on the heels of sudden and still unexplained grid outage Friday, which was of similar duration as the two acknowledged attacks. All of this suggests that there may have been an ongoing and concerted effort by someone to interrupt the Second Life user experience. [You don't say -- Ed.]
The weapon of choice for citizen-created content with grid-wide takedown intent is the self-replicating object script. These scripts cause objects to go forth and multiply in such an enthusiastic fashion that SL spends nearly all its efforts on the “go forth and multiply” work, leaving little time for ordinary avatars’ running, dance animations, flirting, role-playing, buying, and selling. While some might argue that the social interactions can always wait for another time, those trying to run a business in SL have to make their nut by covering at least their land tier payments, and any sort of downtime is a serious problem. For groups that want to use SL as a platform to support events or external marketing activities, reliability is also a central concern, but how this factors into the Lab’s development priorities has always been an open question.
Self replicating objects — also known as grey goo — have been a problem bedeviling the metaverse on a repeated basis since October 2005, and by May of this year, the Lindens had created a sort of grey goo fence to limit the spread of these sorts of attacks. While some suggested last April that charging for object creation might be a way to limit grey goo attacks, an aversion to another prim tax revolt seems to be an issue for Linden Lab. The grey goo fence is a sort of compromise between unfettered prim rezzing, and a pay-as-you-go restriction on prim creation.
In spite of the existence of the grey goo fence, reports earlier this summer suggested that there were still ways to crash the grid, and reliable sources informed the Herald weeks ago that the goo fence has a number of vulnerabilities known to at least some LL staffers. However, setting priorities in the face of unruly residents and the apparent need to continually add new features to the SL platform is certainly a vexing challenge. Hopeful avatar puppeteers will be unhappy to hear that the latest emergency will result in the delay of the at least one new feature. Andrew told me, “I had to drop my scheduled work on avatar puppeteering to focus on the latest emergency. That, and a few of my side projects will probably slide down the schedule to some later date since I had to temporarily abandon them to address more pressing matters.”
The Lindens are not placing all their faith in the fence, since work is also underway on a sort of object blacklist that will allow those operating the grid to more quickly remove objectionable items from the SL world, which will shorten the time it takes to recover from grid attacks. Andrew Linden said he and three other developers are currently working on “improvements to our blacklist system, which is what we use to clean up the messes once they have been contained and identified. The blacklist is basically a list of rules describing content that we want deleted, and it is distributed to all of the simulators running the grid.”
At least for now, the Lindens seem to be taking the grey goo issue more seriously by devoting four of their 28 developers to emergency fixes. The relative merits of grid stability vs. new platform features are likely to be the subject of vigorous resident discourse in venues outside the Linden’s control since the forums and official blog continue under a sort of anti-negativity lockdown as explained by Philip Linden in this week’s town hall meeting. We will all have to wait and see what the cumulative effect of resident account database disclosures, software update woes, and grid crashes is on SL’s appeal to both in-world business, and RL business, but as suggested by Tony Walsh, there are fundamental issues that need to be addressed soon. Let us hope that Linden Lab can get off the fence and makes the right choices in prioritizing its efforts.