Linden Lab Plans Fixes After Grey Goo Fence Fails
by Pixeleen Mistral on 21/09/06 at 1:09 pm
Stronger defenses and object blacklists coming soon
by Pixeleen Mistral, Herald National Affairs desk
“Work I already did will be locked and loaded for emergency deploy,” said Linden Lab code cowboy Andrew Linden yesterday. I was talking to Andrew after a pair of grid attacks hit Second Life Monday, resulting in complete SL grid shutdowns and cleanups, and had asked if any fence repairs were underway at Linden Lab. The new security measures “might be rolled out in the next day or two. Meanwhile we’re scrambling to get some more fixes into the next deploy package. I expect myself and one of the other developers to be able to get some more work merged before then. Emergency measures are sometimes taken, however we prefer to postpone updates until Wednesday.”
The attacks came on the heels of sudden and still unexplained grid outage Friday, which was of similar duration as the two acknowledged attacks. All of this suggests that there may have been an ongoing and concerted effort by someone to interrupt the Second Life user experience. [You don't say -- Ed.]
The weapon of choice for citizen-created content with grid-wide takedown intent is the self-replicating object script. These scripts cause objects to go forth and multiply in such an enthusiastic fashion that SL spends nearly all its efforts on the “go forth and multiply” work, leaving little time for ordinary avatars’ running, dance animations, flirting, role-playing, buying, and selling. While some might argue that the social interactions can always wait for another time, those trying to run a business in SL have to make their nut by covering at least their land tier payments, and any sort of downtime is a serious problem. For groups that want to use SL as a platform to support events or external marketing activities, reliability is also a central concern, but how this factors into the Lab’s development priorities has always been an open question.
Self replicating objects — also known as grey goo — have been a problem bedeviling the metaverse on a repeated basis since October 2005, and by May of this year, the Lindens had created a sort of grey goo fence to limit the spread of these sorts of attacks. While some suggested last April that charging for object creation might be a way to limit grey goo attacks, an aversion to another prim tax revolt seems to be an issue for Linden Lab. The grey goo fence is a sort of compromise between unfettered prim rezzing, and a pay-as-you-go restriction on prim creation.
In spite of the existence of the grey goo fence, reports earlier this summer suggested that there were still ways to crash the grid, and reliable sources informed the Herald weeks ago that the goo fence has a number of vulnerabilities known to at least some LL staffers. However, setting priorities in the face of unruly residents and the apparent need to continually add new features to the SL platform is certainly a vexing challenge. Hopeful avatar puppeteers will be unhappy to hear that the latest emergency will result in the delay of the at least one new feature. Andrew told me, “I had to drop my scheduled work on avatar puppeteering to focus on the latest emergency. That, and a few of my side projects will probably slide down the schedule to some later date since I had to temporarily abandon them to address more pressing matters.”
The Lindens are not placing all their faith in the fence, since work is also underway on a sort of object blacklist that will allow those operating the grid to more quickly remove objectionable items from the SL world, which will shorten the time it takes to recover from grid attacks. Andrew Linden said he and three other developers are currently working on “improvements to our blacklist system, which is what we use to clean up the messes once they have been contained and identified. The blacklist is basically a list of rules describing content that we want deleted, and it is distributed to all of the simulators running the grid.”
At least for now, the Lindens seem to be taking the grey goo issue more seriously by devoting four of their 28 developers to emergency fixes. The relative merits of grid stability vs. new platform features are likely to be the subject of vigorous resident discourse in venues outside the Linden’s control since the forums and official blog continue under a sort of anti-negativity lockdown as explained by Philip Linden in this week’s town hall meeting. We will all have to wait and see what the cumulative effect of resident account database disclosures, software update woes, and grid crashes is on SL’s appeal to both in-world business, and RL business, but as suggested by Tony Walsh, there are fundamental issues that need to be addressed soon. Let us hope that Linden Lab can get off the fence and makes the right choices in prioritizing its efforts.
3pointD.com
Sep 21st, 2006
Second Life Security Fixes Locked and Loaded
Second Life resident Pixeleen Mistral, the latest star correpondent to grace the pages of the Second Life Herald, has a great interview in the Herald today with Linden Lab code jock Andrew Linden, in which he talks about new security measures being …
bitacle.org
Sep 22nd, 2006
Bitacle Blog Search Archive – Linden Lab Plans Fixes After Grey Goo Fence Fails
[...]
Stronger defenses and object blacklists coming soon
by Pixeleen Mistral, Herald National Affairs desk
“Work I already did will be locked and loaded for emergency deploy,” said Linden Lab code cowboy Andrew Linden yesterday. [...]
Torley
Sep 22nd, 2006
Ooooh Pixeleen, I’m glad Andrew gave me you were interviewing him–and here it shows up!
One thing though, we don’t have “sort of anti-negativity lockdown”, neither on the forums nor blog. Anti-abuse, towards Lindens and Residents? Yes. One valuable thing is all the harsh-but-well-meaning criticism we’ve been getting, and in particular recently, I’ve made sure that gets heard on the blog.
There are a lot of really brilliant people out there who want the best for us but are frustrated seeing us slip, it’s like watching a growing baby repeatedly smash their head into the floor. Very painful to see someone or something you care about go through redundant agony, *especially* in light of all the turbulent, horrible experiences lately.
More insights re: priorities in this forum post by Kelly Linden:
http://forums.secondlife.com/showthread.php?p=1292330#post1292330
PlayNoEvil Game Security, Game Cheating, Gold Farming and RMT News & Analysis
Oct 3rd, 2006
Yet another Denial of Service Attack on Second Life
Second Life continues to suffer from serious denial of service attacks. There was another one yesterday (Monday), according to Tony Walsh at Clickable Culture. This comes in spite of Linden Lab’s claim to focus on improving security.
Game developers ne
Virtual Worldwide Crash Takes Down Second Life | The Alphaville Herald
Apr 29th, 2010
[...] an over-eager system administrator jump the gun – or is this a case of emergent player behavior? For a problem of this magnitude let us hope for some sort of public explanation once the Lab puts [...]