by Pixeleen Mistral on 20/08/10 at 12:44 pm
Developers of the Emerald Second Life client appear to have used their viewer to launch a distributed denial of service (DDOS) attack on the website of Hazim Gazov – a prominent critic of Emerald – after Gazov claimed the Emerald client was leaking potentially user-identifying information when rendering Second Life avatars. The DDOS attack took advantage of the large number of Second Life players that currently run the Emerald client, although how much longer Emerald will remain popular is an open question.
Whenever an Emerald user logs into Second Life, they are presented with a login screen from the modularsystems.sl web site at http://www.modularsystems.sl/app/login/. After Mr. Gavov noticed his web site performance had slowed, it came to light the Emerald login screen at modularsystems.sl contained a number of hidden links to images and a dynamically created page on Gazov’s iheartanime.com site. These links can be found in the Google cache for the emerald login URL from August 9th. The same 32 links can be found in the Bing cache from August 17.
Bing.com cache: August 17
Gazov told the Herald he saw 16,541,673 page hits referred by the Emerald login pages over three days – or approximately 170,000 logins per day.
This presents a serious problem for Linden Lab, the creators of Second Life.
With an estimated 20 – 30% of Second Life’s players running the Emerald viewer it is an open question whether Linden Lab can control the questionable behavior of the Emerald developers without risk of alienating a significant portion of the declining user population. At the same time, players are unlikely to be pleased their computers were hijacked to DDOS a website without their consent. None of this is good news for Second Life – Linden Lab recently fired 30% of its staff in a round of cost cutting measures.
While it is difficult to understand how this could have been innocent fun, Emerald spokeswoman Arabella Steadham got in touch with her inner Bagdhad Bob and claimed that secretly hijacking Emerald users’ computer and bandwidth to attack a critic’s web site was simply "shenanigans".
Ironically, some of the hidden iframe referrals in the Emerald client login page were pointed to the images Mr. Gazov used to illustrate the Emerald client’s ability to disclose user-identifying information about Second Life playes running the Emerald client – a revelation that led to the resignation of Emerald developer LordGregGreg last week. In response,
Bagdhad Arabella Ms. Steadham announced that recently fired Qarl Linden had joined the Emerald team last Sunday.
The pattern of damaging revelations immediately countered with a cheerful announcement of ex-Linden signups for the Emerald team continued today when Ms. Steadham announced Data Linden was joining the gang.
Apparently the Emerald developers took things a bit more seriously than Hamlet – or perhaps stealth denial of service attacks are just a normal part of the new media landscape. In any case, surprisingly cozy relations between ex-Lab employees and the Emerald viewer developers do not seem likely to reverse the fortunes of struggling metaverse service provider Linden Lab.