Emerald Viewer Login Screen Sneak DDOS Attack?
by Pixeleen Mistral on 20/08/10 at 12:44 pm
Developers of the Emerald Second Life client appear to have used their viewer to launch a distributed denial of service (DDOS) attack on the website of Hazim Gazov – a prominent critic of Emerald – after Gazov claimed the Emerald client was leaking potentially user-identifying information when rendering Second Life avatars. The DDOS attack took advantage of the large number of Second Life players that currently run the Emerald client, although how much longer Emerald will remain popular is an open question.
Whenever an Emerald user logs into Second Life, they are presented with a login screen from the modularsystems.sl web site at http://www.modularsystems.sl/app/login/. After Mr. Gavov noticed his web site performance had slowed, it came to light the Emerald login screen at modularsystems.sl contained a number of hidden links to images and a dynamically created page on Gazov’s iheartanime.com site. These links can be found in the Google cache for the emerald login URL from August 9th. The same 32 links can be found in the Bing cache from August 17.
Bing.com cache: August 17
Google.com cache: August 9
Gazov told the Herald he saw 16,541,673 page hits referred by the Emerald login pages over three days – or approximately 170,000 logins per day.
This presents a serious problem for Linden Lab, the creators of Second Life.
With an estimated 20 – 30% of Second Life’s players running the Emerald viewer it is an open question whether Linden Lab can control the questionable behavior of the Emerald developers without risk of alienating a significant portion of the declining user population. At the same time, players are unlikely to be pleased their computers were hijacked to DDOS a website without their consent. None of this is good news for Second Life – Linden Lab recently fired 30% of its staff in a round of cost cutting measures.
Emerald spokeswoman Arabella Steadham
While it is difficult to understand how this could have been innocent fun, Emerald spokeswoman Arabella Steadham got in touch with her inner Bagdhad Bob and claimed that secretly hijacking Emerald users’ computer and bandwidth to attack a critic’s web site was simply "shenanigans".
Ironically, some of the hidden iframe referrals in the Emerald client login page were pointed to the images Mr. Gazov used to illustrate the Emerald client’s ability to disclose user-identifying information about Second Life playes running the Emerald client – a revelation that led to the resignation of Emerald developer LordGregGreg last week. In response, Bagdhad Arabella Ms. Steadham announced that recently fired Qarl Linden had joined the Emerald team last Sunday.
The pattern of damaging revelations immediately countered with a cheerful announcement of ex-Linden signups for the Emerald team continued today when Ms. Steadham announced Data Linden was joining the gang.
Meanwhile, former Linden Lab staffer Hamlet Au filed a nearly incoherent report today, after playing off recent Emerald indiscretions last week as "an academic or highly conjectural coding issue".
Apparently the Emerald developers took things a bit more seriously than Hamlet – or perhaps stealth denial of service attacks are just a normal part of the new media landscape. In any case, surprisingly cozy relations between ex-Lab employees and the Emerald viewer developers do not seem likely to reverse the fortunes of struggling metaverse service provider Linden Lab.
II Singh
Aug 23rd, 2010
The fact that they showed no remorse for their actions in the interview and tried to minimize that incident’s importance seems to me to be a clear indication that it is business as usual for whatever these butt-heads want to call themselves.
Another clear indication of the cluelessness of these tards was their keeping of Phox on the team.
Their sincerity is HIGHLY questionable.
The one that cracked me up the most was Arabella’s little emotional scene over how distraught she was over being pilloried by the net community for “her team’s misbehavior”. Okay I could accept that as true but then she climbs back into the saddle after (an emotional moment of her taking her pail and shovel and going home). Wait a minute….. so the experience was traumatic with this heat turned on you from the SL community and you want to go back to work doing the same thing after “quitting”. Something smells bad here and for once it isn’t me.
Emerald Viewer Mutiny – Fractured Crystal Thrown To Sharks | The Alphaville Herald
Aug 23rd, 2010
[...] stared with revelations that the viewer was being used for a distributed denial of service attack on a rival web site – an attack that accounted for approximately 800 gigabytes of traffic on [...]
Bubblesort Triskaidekaphobia
Aug 23rd, 2010
@ Nelson: IDK if the file is actually from FC or not, and I don’t know that any of it is real, but I am looking it over. The file from leaks scanned clean, so I started opening things in wordpad and found all kinds of interesting stuff, like an Anshe Chung prostitution card.
More interesting, though, is a conversation between Fractured Crystal and Angela Talamasca. I think this is right after FC had neil’s blog taken down. FC was complaining about Angela posting criticisms of Emerald’s export features in her blog. You can feel the megalomania building up in this part of the conversation:
[2009/11/10 20:23] Fractured Crystal: afaik we are and have done a hell of a lot more about shit like cryolife and neillife and vlife and insert-name-here-life than anyone else
[2009/11/10 20:23] Fractured Crystal: not LL, not you
[2009/11/10 20:23] Fractured Crystal: so who the hell are you to come in here and say these things
[2009/11/10 20:23] Fractured Crystal: its cruel
[2009/11/10 20:23] Fractured Crystal: do you know what i spend my day doing
[2009/11/10 20:24] Fractured Crystal: every fucking day I come on here and keep this whole thing from falling apart
[2009/11/10 20:24] Fractured Crystal: you treat us like criminals when we have done and will continue to do more than you ever will
[2009/11/10 20:24] Fractured Crystal: its not right
About that blog post Fractured wrote titled “absolute power corrupts absolutely”… I’m starting to think he actually believed that he had absolute power. Not just over Emerald, but over SecondLife.
If this notecard is true (I don’t know if it is or not), the entire Emerald dev team seems damaged in one way or another. Fractured seems like some megalomaniac, Arabella looks like she has aggression issues and Jessica might be depressed… or maybe she’s fine, IDK… anybody in her situation might break down like that.
Nelson Jenkins
Aug 23rd, 2010
@ Bubblesort Triskaidekaphobia
Looks like it. I’ve been going through snapshots and notecards and whatnot, and if this isn’t FC’s inventory, whoever it is had a real big interest in him.
Teenage Kicks « Second Life Shrink
Aug 23rd, 2010
[...] into a lather of righteous indignation over some utterly trivial “outrage”. I know that clandestinely co-opting your customers into a DDOS attack against a rival developer, or secretly building a vast database of your users’ IP addresses, is thoroughly [...]
“La guerra dei viewer” Emerald rimosso dall’elenco dei viewer accettati « VIRTUAL WORLDS MAGAZINE
Aug 23rd, 2010
[...] per fare un attacco informatico ad un sito web concorrente (meglio spiegato da Tateru qui) e ancora qui . La cosa grave di questa attività è che non è solo contro i TOS della Linden, ma anche [...]
Mystic
Aug 24th, 2010
ok, I can see dealing with the programmer that did the coding. I can also see fining the emerald development company. but banning it?, I think they should give the choice to the developer. either deal with the little runt that created that code in the program or LL will and if LL has to then obviously the development team does not have the moral standard to continue and another should take its place. but most people switched to emerald when they went to viewer 2, which in my opinion is the dumbest move LL could have made. it makes no sence, I mean come on I have to find the AV that is screaming in my ear and then go through and try and get to the volume menu of that particular av, no the old way was much better, viewer 2 is a prime example of LL fixing something till it is broken. yes if emerald did something wrong then it falls back on the development team, but it should fall back farther than that. so a message to LL quit wasting our screen space with useless shit that blocks huds and all kinds of stuff and give users the choice, use the old style UI or the new one. its not that damn hard. give us the features that emerald does and I am sure people will flock back to your viewer, but so far all of the 3rd party viewers I have seen are blacklisted. you have to learn that any tool or feature has no morality. instead its moral purpose is determined by the person using it. just like the scaple, very good when used by skilled hands to save your life. but give it to a thug and the same knife is very bad
you can not protect people from other people. ok I am done with my rant…
Kiddoh
Aug 24th, 2010
Oioi~ I may have to agree with some of these people. It would be rather hypocritical for me to try and have everyone involved with Emerald banned. Sure, some people may have been in on it, but the punishment should only go to the person who made the gun and pulled the trigger.
Sure, Emerald caused the entire WU group to get banned including a lot of innocent people, but we shouldn’t be stooping to the same level as people who we would classify as criminals.
We’ve been saying over and over that Emerald needs transparency. Well, so do we. We should all be setting good examples, not just the people on the other end of the stick.
Nelson Jenkins
Aug 24th, 2010
@ Kiddoh
Enough.
With.
WU.
It’s.
Over.
Patasha
Aug 24th, 2010
Philip just posted on the official blog, Naming Emerald and saying without qualificatin it as a Denial of Service attack. He also “invites” Emerald users to change to a different viewer as LL decides the fate of Emerald.
http://blogs.secondlife.com/community/features/blog/2010/08/24/malicious-viewers-and-our-third-party-viewer-policy
PIX!!!! we need a reporter on the scene!
Aulderbane
Aug 24th, 2010
So the Emerald viewer got banned from logging in? I can totally understand that. Hell, everyone I knew was bailing from it in the first place when they heard what was involved. Imprudence, Kirstens, and even LGG’s new Emergence viewer is an option if you don’t want to deal with 2.0
Nelson Jenkins
Aug 24th, 2010
@ Aulderbane
No, but Philip just officially announced that it might be if Arabella doesn’t stop lying and fucking her customers over.
Aulderbane
Aug 24th, 2010
I admire Philip’s patience in this situation. I hope he saw the show from Sunday night, somehow.
Patasha
Aug 24th, 2010
@Nelson -
I publicly apologize to you. Even though I didn’t say anything negative, I have to admit that I was having doubts about the validity of your sources. I know stand ready to admit.. You sir are truly awesomely FIC!!! (*giggles*) Thanks for the updates over the weekend.
General Drama
Aug 24th, 2010
Great to see Philip showing some leadership on this. Now it is time for Philip to publicly acknowledge Woodbury was banned and sims seized on fraudulent reasons and to make restitution.
had enough
Aug 24th, 2010
What does this all mean?
“We have removed Emerald from the list of third-party viewers, and are now in touch with the Emerald team to discuss what can happen next. We did this to do our best to protect the safety and security of Second Life users. We will not tolerate a viewer that includes malicious code, nor will we tolerate development teams with a history of violating users’ trust or disrupting their lives.”
Nice start, now do something about it. I can see the emerald people lied about the emerald team removing the emerald viewer from the TPV list. What else have they lied about?
“We take privacy, safety, and security very seriously, and we will act to the best of our abilities to protect it. We have not yet disabled logins via the Emerald viewer, but will do so if we feel the software and the team behind it is not able to meet the standards we’ve set.”
Oh really? then why is cds and redzone allowed on the grid? Or for that matter, why is emerald still allowed to log in?
“We will not tolerate a viewer that includes malicious code, nor will we tolerate development teams with a history of violating users’ trust or disrupting their lives.”
Ok again why are you allowing a viewer whose “development teams with a history of violating users’ trust or disrupting their lives” to still log into SL?
” If you have been using the Emerald viewer, for now we would encourage you to consider either one of the Linden Lab viewers, or an alternative third-party viewer.” Finally Phillip Linden said something that made sense.
The fact that they are still allowing the emerald viewer to log in, even after Linden Labs acknowledging there was a DDOS attack using code placed in the viewer, stinks of lip service and that the Lindens are just going about the motions of pretending to care.
If the Lindens were going to ban this, they would have already.
Put some actions behind your words if you want to show how much you care.
Aulderbane
Aug 24th, 2010
Considering the raw numbers of Emerald users, sending out what I see as a ‘GTFO Emerald’ notice is a good first step before banning the viewer. If emerald -really- want to do something else malicious in the small window of time they have to be used, it’ll just seal their coffin.
This just gives everyone a chance to get off, and onto another viewer of their choice. I would not have been surprised if it -were- to be banned first thing Monday, but I c an see why it hasn’t as well.
Kiddoh
Aug 24th, 2010
@Nelson: Learn to read, dumb-ass.
Nelson Jenkins
Aug 24th, 2010
@ Kiddoh
I did, way back in kindergarten. Want to point out where Philip said Emerald WON’T be banned?
Kiddoh
Aug 24th, 2010
@Nelson:
You should go back to Kindergarten! 8D
My post was directed at all the bloodthirsty hounds jumping to conclusions and painting everyone with one gigantic brush and the hypocrisy of people demanding transparency from Emerald and not providing the same in return for Emerald which may have people who could very well be innocent.
I know very well that WU is NOT coming back to SL. Even if they gave us back all our sims and unbanned us, the most we would do is drop our lawsuit. We have other fish to fry.
And it’s great that Emerald is getting what it deserves, but let’s not get ahead of ourselves.
Serendipity Seraph
Aug 25th, 2010
So bottom line is that whoever maliciously used http in this way is to blame? Rather a heavy handed response to band an entire viewer for this.
And there was that hysteria about IP address associated with SL creds being collected. May I point out that your IP addr is part of fundamental low level net messaging undergirding everything on the net? Many apps on the net automatically log IPs or use them to know who the likely user is and we think nothing of it. Going from IP to actual iRL person is hard unless traffic associated with that iRL name is found and exploited to gain that or a public DNS record (static IP holders only) has it or an ISP colludes with a 3rd party (that would truly be a VERY BIG DEAL).
So yeah, putting extra links that banged on some site in the sign on was wrong. But it shouldn’t be hard for the Emerald folks to track who did that and take appropriate action against that person. T
john doe
Aug 25th, 2010
If they can do thiis what else will they do?I say ban them 4 good…
Philip Linden warns users off Emerald « Starflower Bracken's Blog
Aug 25th, 2010
[...] Bracken I had no idea that the Emerald developers had been crazy enough to get involved in an illegal Distributed Denial of Service (DDOS) attack on a rival website, hijacking innocent users. Even though it apparently failed to [...]
Josh Susanto
Aug 25th, 2010
Let me tell you the almost inevitable ending to this little drama, which is Aaron-Spelling-level predictable, IMHO…
One way or another, Emerald will eventually be added back to the list of Linden-approved third-party viewers, but the ability to temporarily load texture data for free will be GONE.
You know why… am I right?
Nelson Jenkins
Aug 25th, 2010
@ Josh Susanto
nope.avi
Alex
Aug 26th, 2010
Ever occur to anyone that the so-called “ex” Lindens were placed on the team by LL as moles? Perhaps LL grew sick of the drama and thought it might be best to reign in the Emerald staff a bit so “made available” two Lindens who’s creds and experience would be a real feather in Emerald’s cap.
Yeah, conspiracy paranoia but certainly possible. Especially since all this crap became public and the shakeup happened after Q. Linden joined them and progressed even faster after D. Linden came aboard.
Today, Emerald totally knuckled under to LL and allowed them to call the shots on developement BUT said they couldn’t tell us what changes LL asked for. Transparent, huh? So much for honesty from Emerald and LL.
http://blog.modularsystems.sl/2010/08/25/ll-requirements-for-emerald/
LordGregGreg Back took a lot of heat for calling Emerald down and quitting the team. But since every damned thing he talked about (and a few things he didn’t) came out in the wash as true, think it might be best if Emerald team invited him back. At least we’d know one of the team has integrity
But what with Emerald crawling in bed with LL, I wouldn’t blame him if he point-blank refused.
BTW if you have not tried LGG’s EMERGENCE viewer, you might give it a peek. Could be handy to have online as a alternative to Emerald and Imprudence..
LRU
Aug 26th, 2010
emerald is not useful. it’s got features that are about as useful as twitter. the people running it aren’t the greatest either.
Yet another Emerald blog post | sweet f.a.
Aug 26th, 2010
[...] code in the Emerald log-in Screen to launch a denial of service attack on another’s website. The Alphaville Herald covers the [...]
IMMMBACK
Aug 27th, 2010
I never see less than 50% of emerald users
Is LL scared?
Nelson Jenkins
Aug 27th, 2010
@ IMMMBACK
http://www.youtube.com/watch?v=gvdf5n-zI14&feature=fvw
Kabalyero Kidd
Aug 28th, 2010
Downloaded, installed and ran Emergence Viewer as well. It’s pretty quick in loading images/textures in-world.
Yep
Aug 28th, 2010
“I never see less than 50% of emerald users
Is LL scared?”
Stupid is more like it. See Phillip Lindens little post about how they care about security and will not tolerate a malicious viewer was nothing but a talking doll. You pull his string and he says some recorded message over and over again.
If he really cared about security and all the other empty cares and concerns his talking doll talked about, emerald would have been blocked from logging in the first time they pulled their stupid stunt.
Since you do not find out most malcious attacks until after they happened, I wonder what their next little stunt is going to be?
Hack into peoples stored passwords on their computer and drain bank accounts or what ever.
Pulls Phillip Lindens string again to hear him talk. ” yep, same empty words”
had enough
Aug 28th, 2010
Are you kidding? The fur fags are up to their little games again.
http://emeraldviewer.net/forum/index.php?topic=4199.0
Here they are asking people to reinstall the file Linden labs told them to remove. So instead of it being their viewer that is bad, they can say people just added this bad emdku and that they did not include this in their viewer.
How is that for shifting the blame onto the user now?
“You can get a new emdku from:
http://emeraldviewer.net/box/EMEXT_WIN.exe
or
http://emeraldviewer.net/box/EMEXT_WIN_OLD.7z
Both files are the same, one is a self extracting archive, just point it at your Emerald installation.”
Ban this Client and tack their worthless fur fag hides to the wall. The Emerald Dev. will never learn.
Korpov
Aug 28th, 2010
“Phox
Re: EMKDU vs LLKDU – HELP?
« Reply #8 on: August 26, 2010, 09:00:00 pm »
They told us emkdu.dll violates the GPL licensing on the viewer and therefore we cannot distribute it with the viewer.
Since an end user cannot violate the GPL in our name, offering it as a standalone download could not possibly be in violation of any license.
To be honest, Linden Lab is just trying to kill Emerald right now.”
Inb4LLbansEmerald
Jayd3n
Aug 28th, 2010
Grid Update.
I have been watching Emerald over the last week since this has happend, and I could not agree more than they are up to no good. They simply removed the EMKDU, so they can play like they obey all Linden Lab rules, however they are offering it a seperate download. I also could not agree more that Emerald Furries are FurFags, while I have a lot of furry friends, and I really do love them, they are kind sweet little furries compared to the rude ones I have met from Emerald, who are nothing more in my view than the Antichrist at decieve people.
Also the Emerald Point simulator is now near Insilico, I wonder why?
It is also said that Skills Hak was made part of the Emerald Team, so that he could put in the Emerald Viewer, a String/Code which sends data out to a server which relays to his CDS ban relay system, and can detect those who are using the Real Emerald viewer, and those who are using the open sourced Emerald Viewer, and that is illegal if the source code does not contain those. I heard that this stuff was being put only in Emeralds release download to the public. (If anyone knows how to verify if this is true, please do so, and expose Emerald more.)
OFF Topc.
Meanwhile the copybot region known as Jungles OF Schendi is now gone from the map, moved,renamed,or deleted, due to their negative reputation because of Smiggles copybot groups and all her friends who moved to a region cluster calld Port Cos, where they will continue to sneak UUID/Keys off of peoples skins, and use them for themselves and their sisters, They have tons of allies/groups helping them, and lying for them, and I have no idea why Linden Lab has done nothing. As for the Region where this all first began called Talbot Isle, I am not sure if the content theft still goes on there, but it is said to because anyone who is checking for stolen content there including myself who had my avatar copy off of me on that region in the past, and once on my own region, they ban us all, and give a bullshit story.
Nelson Jenkins
Aug 28th, 2010
For archival purposes:
http://emeraldscandal.wordpress.com/2010/08/28/phox-instructs-user-to-re-install-emkdu-dll/
A screencap of the full conversation (sans unrelated posts) is also included, since the original topic will probably just disappear within a few days.
TOBSDA
Aug 29th, 2010
http://www.youtube.com/watch?v=5wqsL91Hnf0
LRU
Aug 29th, 2010
hax can’t be trusted
Aulderbane
Aug 29th, 2010
I think it’s pretty safe to say -nobody- in the current Emerald organization can be trusted. They’re trying to fly through all the loopholes they can find to keep themselves from being banned. If someone is doing that, there’s no doubt in my mind they’re not to be trusted. Unfortunately, lack of quick action has led to this.
Nelson Jenkins
Aug 29th, 2010
@ TOBSDA (well, actually, to anyone who doesn’t want to watch the whole hour of footage he just posted)
Here’s a summary, taken from http://emeraldscandal.wordpress.com/2010/08/28/after-hours-emerald-qa-videos/
The basics: most of the developers are now focusing on a v2 derivative (… hooray?), LGG is slightly apologetic, and Arabella happened to be AFK for most of the session, which wasn’t a bad thing because some serious Arabella-bashing went on. Jessica hosted most of the interview.
Some fun facts:
* Jessica claims that the emkdu.dll fiasco was being resolved internally, even though it wasn’t for 6 months. There were a few tough comments that this should have been made public, which were mostly ignored.
* Jessica continues to blame LGG for Emerald’s recent downfall – not the actions of the malicious devs. When told how it wasn’t LGG’s fault, she responded with “fair enough” and changed the subject.
* LGG confirms that anyone can add malicious code into the binaries, despite the use of MD5 checksums (as they could just post the MD5 checksum from the binary itself). Jessica confirms that either she or Arabella will create the checksums.
* Emerald will continue to use OTR (even though for most users it causes nothing but problems).
* Emerald will continue to provide functionality for using xxkdu.dll, however, it won’t be including it in the installer. (Why this functionality will remain in Emerald is anyone’s guess.)
* Jessica states: “As far as malicious code, I don’t know of any malicious code that Phox has done in Emerald specifically… the datamining stuff was not part of Emerald… the DDoS wasn’t even part of code, per se, it was done on an HTML page.”
* A humorous Emerald fanboy pointed out that “every company” performs datamining, even Linden Lab – except he pointed out that the license agreement forces you to give them permission to mine data. (Note: Emerald doesn’t tell you that they mine data, nor do they require you to give them permission to do so.) “It’s not like this was a big major scandal.” The same user goes on to ridicule himself even further by claiming the FBI would be taking down Emerald if they were looking to find real life identities (they were, but the FBI was generally disinterested as they, unfortunately, have more pressing matters), laughingly stating “I work in the security field, I know what I’m talkin’ about when it comes to private protection and people getting arrested for computer crimes,” drowning out the person who had the floor asking a question. Apparently, he confuses “somewhat justifiable datamining for company use” with “malicious exploitative datamining for private use”.
* Jessica confuses Google Analytics (geolocation, IP address, etc. that can be blocked through NoScript) with datamining using a QuickTime exploit through Second Life (that generally can’t be blocked).
* Jessica also agrees that open-source viewers with public code shouldn’t be sold for profit. (Logic!)
* One commentator wishes for people to use the Emerald source code to create “copybot” viewers to legitimately download items for archival and modification purposes (i.e. downloading a skin, touching it up, and re-uploading). Two problems with this: first, such viewers already exist, and second, they are much, much more often used as illegitimate copybot viewers. However, he does point out that switching to the LGPL license will make this more common and may be a problem. (The self-proclaimed “security expert” also manages to bring in a teen grid argument, pointing out that over 80% of items on the teen grid are copybotted, derailing the conversation into a copybot argument.)
* Jessica claims that Linden Lab was working on a server-side algorithm to detect copybotting (i.e. prim creation timeframe flags, massive asset pulls, etc.), however, after the big layoff, the project apparently stalled. A commentator agrees with a bit more detail.
* One commentator explains an asset theft exploit called “object injection”, basically tricking the sim into thinking the object is owned by you, which has not been patched yet. Some other commentators talk of “toasty” exploits, involving copybotting vendors instead of vendor contents, which were quickly patched. (At this point, the Q&A has disintegrated into an unmoderated conversation about copybotting. Within a few minutes, everyone gives their last goodbyes and goes to have dinner.)
General Drama
Aug 29th, 2010
Nice report Nelson. Really folks, who is still deluded into thinking the Emerald team isn’t still up to no damn good?
Kiddoh
Aug 29th, 2010
Oioi~ Emerald, emerald… It really dumbfounds me, this logic of theirs. :<
Dave Bell
Aug 29th, 2010
There’s a new Emerald Beta out, but there was a flame war going on in group IM about how it apparently still installed emkdu.dll, this time with Jessica blaming Windows for recovering it from a Temp folder.
Ouch! If that’s true, there’s no guarantee that it isn’t a hacked version of the Kakadu library. Was there some deliberately sneaky code in the installer that left this Temp folder intact when Emerald was uninstalled, with lurking “bad” code.
In any case, this is why it is a dreadful idea for Emerald to look for an “emkdu.dll”. If it can use “llkdu.dll”, fair enough. If the code is looking for a wildcarded filename, “??kdu.dll”, or there’s a list with “emkdu,dll” still in it, they’re asking for trouble. (No, I don;t know how to write an “aakdu.dll” which opens JPEG files with the colurs changed to a photographic negative.)
I found the Temp/emerald/ folder in my system. Why did a SecondLife.exe get left in it? This little business is beginning to look as straight as a three-dollar bill.
Nelson Jenkins
Aug 29th, 2010
@ Dave Bell
Technically it’s possible that it was an oversight, but if it was, it’s still something that you would expect only from a complete amateur, not from the professionals the Emerald team wants us to think they are. That’s like if a Windows update simply used old files on the basis that they were already in the system32 folder, so why bother checking them?
And yes, it would be a VERY interesting concept if someone ripped the xxkdu.dll and wrote up some sort of drive-by-download hooked into the Emerald login page, which would turn every single Emerald client into a total mess. (I wouldn’t go with negative though… maybe replace everything with child porn or something? Not that I have any.) (Yes, that is a joke, albeit a bad one.)
The fact remains, they’re leaving the xxkdu.dll functionality in the viewer, so obviously they’re just tempting people to download emkdu.dll and install it manually, because they think it somehow doesn’t violate the terms LL set forth, as Phox did:
http://emeraldscandal.wordpress.com/2010/08/28/phox-instructs-user-to-re-install-emkdu-dll/
Dave Bell
Aug 29th, 2010
I don’t think I want to use web-on-a-prim.
Judge Joker
Aug 29th, 2010
@Dave Bell
“I don’t think I want to use web-on-a-prim”
If people are still under the impression Emerald is a singular furrie issue, The technical term would be “fap-on-a-prim”.
SL recap of August 2010 « Daniel Voyager's Blog
Aug 30th, 2010
[...] Emerald Viewer DDOS Attack – 20th August [...]
Emerald Gang Implodes – Viewer Ban Hammer Next? | The Alphaville Herald
Sep 1st, 2010
[...] Emerald gang has been plagued by accusations they were responsible for a DDoS attack on a critic’s web site, revelations of leaking user-identifiable information, high profile [...]
geniusthemaster
Sep 21st, 2010
well ive ive given some insight to the situation here we go again. this sort was a 4chan coo co-op with pn.org( or whats left of them after we fragged the living daylights out of there servers… etc
and those lindens you see before you, are mostly anarchists, and a very large percent of slackers. the remainder are just secretely pn.org spies so as to leak data to the masses. flapping lips sinks titanic ships? we all know it was lindens fault in the first place for not treating as it truly should be at first, a game, a new toy to be played with. when u wrile hackers and anarchists up over nothing and impose laws with weak security. thats asking for it. end of line.