Emerald Developers Publish Naughty SL Client Catalog

by Alphaville Herald on 05/03/10 at 7:24 am

Onyx project goes public with copybot client reviews

by Pixeleen Mistral, National Affairs desk


The Emerald developers have gone public with Onyx – a previously secret project to catalog and potentially fix exploits in various unofficial Second Life viewers.

In a blog post at the ModularSystems web site, Mr. Fractured Crystal states  "These
viewers generally remain private, closely guarded and shared either with
close friends or for a significant fee, the reason being that exploits
are quickly identified and neutralized when released in a public manner.
result of this is that nobody can be sure of the capabilities of these
viewers, information posted on blogs and forums is woefully inaccurate
at the best of times, and even more often misinformation spread by those
who want the public to remain in the dark."


Will naming and shaming rouge viewers developers cut down on content theft and sim crashes in Second Life – or will Onyx act as a consumer guide to unofficial viewers with certain capabilities that Linden Lab does not sanction? Expect to see some controversy over what is likely to become a counterpoint to Linden Lab's official third party viewer list.

26 Responses to “Emerald Developers Publish Naughty SL Client Catalog”

  1. User

    Mar 5th, 2010

    LOL…They went *pubic* with Onyx

  2. Kae

    Mar 5th, 2010

    This Onyx project is such a joke.

    It’s interesting that the two most-used, and most-hated viewers of the Emerald team (the NeilLife-based viewers) are ones said to IM username/pw combinations to accounts, though this is just conjecture and Neil doesn’t even have stable accounts in SL. There is also the smear campaign being run against NeilLife that has been touted by these same people at http://neillife.com/.

    Note also that the malicious viewers developed by Emerald devs, such as CryoLife, vLife, and PhoxSL are all written off as being “obsolete,” and this Onyx project doesn’t “name and shame” its own staff by the cop-out of saying “well, they aren’t ACTIVELY” developing them. They also don’t release the information on the private viewers that came after those so-called obsolete viewers such as Cryo’s Sapphire viewer.

    Gee, it’s almost like with the release of Skills Hak’s Gemini CDS, that there’s a motive behind trying to smear these alternative viewers– oh except the ones run by Emerald Devs, because they aren’t under “active development” right now. This will fool them.

  3. Kinoko

    Mar 5th, 2010

    I like Closed source clients like Chocolate Life, and SecondLife professional Edition Personally more, because they give so many more features than Emerald does, and That is why I no longer use emerald. Back when SLPE became open sourced I was really angry, and still am because someone betray us users of it, I know it was not me,And since everyone knows Ill talk about it.

    SLPE has a better radar than emerald does, Allows instant look at of people playing sounds, or griefing Region wide, EVen across multiple regions, Which makes it better than Emerald. SLPE also has asset ID Window, Which allows you to open any sound, or preview any sounds griefers maybe using on your estates, again making it better than emerald.

    As far as asset viewing Technology I LOVE IT!!! I dont Steal with it, never have, But I absolutely Love SLPE, and closed source viewers for reasons they have SO Much more than emerald will, because they put everyone on a leash and say It can be used to grief, We dont give you it. Totally Dumb in my opinion, So I will continue to support closed source viewers, and their creators Fully Under the Freedom OF Information Act. Its not their fault peopel choose to steal with them, and We all Deserve the right to use whatever we want as long as it does not harm another resident in secondlife in any way.

    This is why I like Closed Source Viewers, Yes People IF Open sourced will illegally use them to commit theft, and that is why they dont open source them, unlike other people who Think its funny to do, they are suppose to be kept private for a reason.

  4. Alyx Stoklitsky

    Mar 5th, 2010


  5. Nelson Jenkins

    Mar 5th, 2010

    That was a stupid move. A phonebook for 1337 haxx0r third-party viewers? Good work. I can see the hordes running off to Google now.

  6. Patasha Marikh

    Mar 5th, 2010

    Well all in all, I don’t like any 3rd party viewer that depends on open jpg libraries, whether ubercool ha>

  7. Otto

    Mar 5th, 2010

    What does the Freedom of Information Act have to do with it? The FOIA details the rights of U.S. citizens to access documents under control of the federal government of the United States with certain specified exceptions. It doesn’t even apply to individual state or local governments. I don’t think Second Life or Second Life based viewers are covered.

    As far as the right to use whatever software you want, yes you can, but LL has the right to limit what can be used to access their servers. Their ability to limit the viewers that can access SL seems to be limited and the wisdom of limiting access to certain viewers is a whole other question.

  8. NebulaCS

    Mar 5th, 2010

    I think the list is A – ok all if not most of these clients are dead and um the emerald team saying all the shit they made is defunct is true. so yeah they are hippocrits but most of the lolzy shit in viewers came from emerald team they can take it away. back when i made my viewer i ripped most of the spam and object stealing functions from vlife, kore, riv and a couple others.

  9. oh murr

    Mar 5th, 2010


  10. General Drama

    Mar 6th, 2010


    Posted by: oh murr

    More properly described as privately distributed. You need to pay attention to what particular open source license original code is released under. For instance, an MIT license is distinct from a GNU license and has different provisions for your ability to keep your own code private and closed.

  11. Thomas Shikami

    Mar 6th, 2010

    It’s odd though. Faron Karu and me have stable accounts in SL. This should give to think why there’s something fishy about the list.

    On the other hand, those who know about what happened between the Emerald team and me can see, why I am listed. Any attempts to show I am not involved in fLife are ignored.

    Also it’s sad that people like Darling Brody jump on the libel train and ban everyone they can see on the list.

    Thank you very much onyx team for your retaliation and ruining my virtual identity.

    You can read my statements at http://drop.io/onyx_ts

  12. Alyx Stoklitsky

    Mar 6th, 2010

    Also I must say it’s a pretty rockin’ business model for the emerald devs to write a bunch of copybot clients, abandon their development and go legit, and then charge $3 a month for a system to detect people using their old clients and clients based on their code.

    Even better than Sion’s model!

  13. Tuomy Boa

    Mar 7th, 2010

    Kind of ironic thinking that LordGregGreg (One of head developers of emerald) is personally responsible for inventing many of the griefer tools used today

  14. vince braver

    Mar 7th, 2010

    Everyone in SL is a griefer behind closed doors.

  15. Baloo Uriza

    Mar 8th, 2010

    @Kinoko: Given that the SL viewer’s code is GPL to begin with, unless SLPE and other closed source viewers were written from the ground up with 100% original code, then technically, those “closed source” viewers are, in fact, pirating open source software (and thus defrauding you by selling you a stolen product).

  16. Thomas Shikami

    Mar 8th, 2010

    @Tuomy Boa: The main heads behind onyx are Lonely Bluebird and Fractured Crystal.
    If you want to know about LordGregGreg’s affiliation with that project, ask himself.

    Alyx Stoklitsky: CDS is scripted and programmed by Skills. She doesn’t let anyone see that code. Additional people that I know who handle appeals and have access to the internal CDS IRC are Ash Qin and Lonely Bluebird. They also have limited query permissions against the database.

  17. Dean

    Mar 8th, 2010

    How does this shame the content thieves? Isn’t this likely to have the opposite effect and make these people legendary for their badass hacking skills?

    I mean think about it. . . In a game like this, what’s the difference between a wanted poster and a rogue’s gallery?

  18. Admiral Awsome Face

    Mar 8th, 2010

    Funny they don’t put the one actively maintained griefer client on there (onxy) that they still develop and have made. Nice new name spoof phox the little <3 thing is lolzy.

  19. K.T.D.

    Mar 12th, 2010

    “… but LL has the right to limit what can be used to access their servers. …”

    Yes they do. They also have the right to access data about your PC that identifies it.

    I’ll even agree that people also have a right to limit what can be used to access their land. BUT…

    Skills is NOT a Linden Lab employee, right? Here’s my question:

    Skills will not, of course, say exactly WHAT data is being collected or how. If someone had used a client on the CDS “bad list” ***in the past***, even for testing purposes or just out of simple curiousity, then what is it that gives her CDS and it’s users the right to rifle through our PCs using whatever methods she found that are able to detect it without first employing a system of asking for consent to be scanned before entering the area?

    The TOS allows Linden Lab to collect data on our hardware and PCs. We consent to this when we sign up and log in. I do not recall that consent extending to any third parties. Because of this lack of user consent the system may run afoul of privacy laws in some countries, and Skills refuses to disclose how it works. Therefore we have no way of knowing other then simply placing our faith in the one and only person allowed to look at it’s internals?

    Now, if the system were only able to detect current use of an undesirable client on an active avatar, but not past use when an avatar encounters it in the official Linden viewer I would feel more secure about this system being used. When you get into detecting past use, especially when a “clean” avatar is logged into Second Life from a computer that a “bad” client was used on with a different account, this means one of a few possible things to me:

    1. The system is using some method of looking at cache data, or other files stored on a user’s system without consent. This violates privacy laws in some countries, and thus is in violation of the TOS.
    2. The system’s developer has something to do with the clients it is meant to detect, especially the ones that send out information about it’s use, and is using information obtained from these clients to identify not only the currently logged in avatar but all others using the PC. Again, these programs are sending data to a third party without disclosure and are in violation of the law in at least a few countries.

    In the case of #1: Nice tricks, but you’re breaking the TOS and the law. The system needs to be modified so that consent to search is given.

    In the case of #2: Fraud is being committed as well as violating the laws of several countries SL is available in.

    LL needs to step up and demand that those who employ CDS on their land disclose their usage of CDS in the beginning of their search descriptions so that SL users can make an informed decision about whether they wish to allow the Gemini CDS to be looking at their data before teleporting in AND require that the CDS display a dialog to accept the scan before initiating it, teleporting the resident back where they came from if they decline.

    Alternatively, Skills could always prove that the CDS is not up to no good by opening up the code and allowing it to be freely inspected. Oh wait, that might cut into the profits that paranoid fashionistas are dumping into renewing their subscriptions.

    As usual, SL Fashionistas and snotty builders that think everyone wants to steal their statues drag a world of bullshit onto the grid in their anti-copybot hysteria. If we applied their logic to real life, well…

    Anyone with a car capable of driving above the posted speed limit on the highway is guilty of speeding, and thus should be subject to revocation of their license imposed upon being located in the presence of said motor vehicle regardless of ownership, because they might break a window and steal it.

    Smells like the same bullshit that drives sales of the CDS to me.

  20. lol

    Mar 13th, 2010

    the only reason the emerald devs released this info was because of their carelessness

    somehow the INF team who have been cracking all these private viewers like neillife private and HXO have gotten hold of the source code for the onyx viewer


  21. concerned

    Mar 13th, 2010

    This alone shows how messedup LL is these days

  22. [...] with broad based appeal, others cater to the desire copy copy without permission – and so the copybot client wars rage [...]

  23. Erpep

    Apr 4th, 2010

    Fortunately these Stupid US laws don’t arrive to my country. Oh! sorry I can do as I please with SL clients.
    So if LL can rob the rights and REAL MONEY of people inside SL, then talk of a real DELICT, therefore we can pay with the same coin to LL, outside US of course, In my country these kind of facts which LL continuously is doing, here means a beautiful JAIL to Mr. Linden, because here the people still have Rights, and we’re protected of THIEVES.
    Linden you don’t worry, you can’t imagine how many people just in my country is using Neil’s, HXO’s clients or something else, please create new things in SL if not we can’t copy, hahaha.
    K.T.D. – HAHAHAHAHA you must learn a lot of things yet, poor child!
    Wake up stupids, each of things designed in SL becomes LL property, therefore only them, only LL will get real money.
    *Sorry my poor English

  24. K.T.D.

    Apr 4th, 2010

    Poor is an understatement… There is no “Mr. Linden”… What drugs are you on?! I’ve seen freak bitches on E make more sense. Damn. XD


    May 6th, 2010

    Yo, I wrote the book on griffin…

    I am an ex linden employee…They hired four people just to keep me from the game. I use my own client i made called SLSOLDIER in which i leave in all 123 selective “enhancements” to the game so you can decide which exploit you want to be famous for before that avatar is banned! Also my client can change the incoming amount of lindens as you receive them, i.e. from 10L to 1000L with a click. There are many moar tricks in the client which will continue to make Lindens, Mark-Tori-Thom-Lisa and Ben all shit their pants for years to come!

    I think all of us should go take a giant virtual poop on the linden land as often as we can….see my blog for insights and details.

    FUK EM


  26. JuanFra

    May 11th, 2010

    (En otro foro anglófono me han borrado el mensaje sin explicación alguna. La única norma que rompe mi mensaje es decir la verdad –que debe de ser considerado algo muy grave y peligroso, por lo visto–. Esto me ha decidido a informar de su existencia a varios medios, así como a publicarlo en otros medios de Internet por si acaso, para que todo el mundo conozca esta realidad cuanto antes. Además, lo amplío más cada vez que me sea borrado, pero siempre en el siguiente foro.)

    Hay una explicacion muchísimo mas sencilla sobre cómo funciona el CDS. Si aplicamos la navaja de Occam seguro que muchos estarán de acuerdo en que es la más probable:

    La mayoría de los visores con funciones ilegales han sido hechos por el mismo equipo de hackers aparentando ser distintas personas (incluso peleadas entre ellas, para dar más veracidad al engaño). Estos hackers venden sus visores ilegales trucados y con dichos visores, además de sacar el dinero a la gente en la venta, sin que ellos lo sepan les toman sus datos de nombre de avatar y password al conectarse (es extremadamente fácil de hacer y todos recordarán la cantidad de comentarios que se han leído en los foros acerca de que al conectarse siempre fallaban la primera vez con cada avatar nuevo, misteriosamente) :) Estos datos van directamente a la base de datos que hoy se usa en el Gemini CDS, junto con el nombre del visor utilizado y alguna que otra información más.

    Después este mismo equipo finge haber inventado un gran sistema de detección de visores ilegales (como el CDS) y cobra dinero también por utilizarlo, así como cobra dinero por quitar de esa base de datos los nombres de quienes lo paguen (sin hacerlo público, claro). Por cierto, en esa base de datos hay mucha gente que jamás ha usado un visor ilegal, pero que ha sido incluída ahí por Skills Hak para perjudicarlos por ser competidores peligrosos o gente de la que se quería vengar; como no tiene que demostrar nada puede hacerlo cuando le venga en gana. Es decir, es todo un negocio pensado así ya de antemano desde el principio. Un negocio que LL debería abortar ahora mismo si es que no tiene nada que ver con dicho negocio.

    De ese modo es fácil comprender por qué y cómo los nombres están en esa base de datos y por qué puede saberse de antemano cuáles son todos los alters utilizados por la misma persona y por qué esa persona queda baneada automáticamente a través de cualquiera de sus nombres de avatar, aunque ya no utilice nunca más alguno de los visores ilegales por los cuales averiguaron sus datos.

    Los expertos en estos temas aquí sabrán que lo que he dicho es muchísimo más fácil y simple de hacer que cualquier sistema de diálogo HTTP interno mediante scripts hacia el parcel multimedia :)

    Por cierto, he podido comprobar que una de las cosas para las que sí que funciona realmente el CDS es para enmascarar cualquier labor de copia ilegal que Skills Hak quiera realizar con su script en el terreno de quien lo instale (y tambien con bots no necesariamente en el mismo terreno) :) El aparato permite copiar libremente al disco duro de Skills Hak y sus secuaces (Ash Qin, LukaStar Mattercaster, Cinndreia Messmer, GEMINIbot Inventor, Lonely Bluebird, Fractured Crystal) todo lo que se halle en el terreno que lo tenga instalado, constantemente. Incluso cualquier cosa que se ponga después. Además, también permite que algunos visores ilegales fabricados por ella puedan conectarse a ese terreno sin ser detectados ni por LL. ¡Menudo negocio han hecho los dueños de tiendas dejándose engañar por hackers! :-D DD Les está bien empleado por creer ciegamente en algo que jamás les han mostrado ni demostrado y que encima perjudica a sus clientes actuales y a todos sus clientes potenciales.

Leave a Reply