zFire Xue Interview: RedZone is not Spyware
by Pixeleen Mistral on 04/03/11 at 3:26 am
RedZone protects users from 77283 people they have banned plus their alts
The zF RedZone security scanner scandal continues to churn, creating what seems to be a nearly unstoppable epic thread in the SL Universe forums which has grown to over 320 pages (8100 posts) as of this writing. At the heart of the controversy is zFire Xue – the creator of RedZone.
Mr. Xue was gracious enough to consent to an e-mail interview with the Herald. In the interview zFire Xue discussed the variability of Linden Lab’s ToS conditions, his dealings with Patsey and Soft Linden, and his plans for the future.
zFire Xue’s Second Life storefront
Pixeleen Mistral: I understand that Linden Lab has removed your zf RedZone from in-world and also removed this product from the Marketplace. Will you be able to meet Linden Lab’s conditions for reinstating this product?
zFire Xue: Yes Patsey Linden has removed the zF RedZone from the Market 2 times, and from inworld 1 or 2 times. zF RedZone has been removed from the Marketplace a total of 4 times, recently one of those was even by myself. It is back in world, and I am debating on posting to the market, as an issue of paying Linden Labs any fees related to zF RedZone for their assistance.
I have always met Linden Lab’s conditions for keeping zF RedZone llLegal(‘If I may add a joke here’);
Pixeleen Mistral: Has Linden Lab changed the conditions under which you are able to sell the RedZone product? How long have you been negotiating with the Lab on this issue?
zFire Xue: Yes Linden Labs has changed a few conditions. Soft Linden has been in contact with me since 2-9-11. We have spoken about the political issues of zF RedZone and how people interpret policy. Soft Linden came up with the idea of a Consent based system. Of course I was not keen on the idea of limiting information in this way, but a type of "background check" system could still work, just not so well for helping stop contest cheaters in clubs.
Eventually it was "Oh, hey, we removed X, Y, and zF RedZone from the marketplace, you may relist it but you have to add a consent system for displaying alt names, and include an Opt-Out system by Friday." (paraphrased) and "we will be ******** the Second Life Community Standards to prohibit disclosure of Residents’ alternate account names without their consent." (I added a few **** and the word "to" so it protects the grammer of the unnamed Linden and isn’t "disclosing a conversation log". )
So I did that, which upset thousands of people. Not my idea at all.
Then some days later Patsy Linden said displaying alt names at all was forbidden, even with consent.
So all alt name display functions where removed.
Then zF RedZone was delisted by the Lindens because of the Consent system the lindens thought of.
Now using a Consent system is forbidden.
I went off on them for that. It was their idea in the first place, I even asked them to look it over, and further explain the finer points of their requirements. No response. Days later Consent is forbidden.
So I just removed all that, and let everyone know I never offered Alt name displays even if that is one of the functions I included, and enjoyed. I posted a notice here: http://isellsl.ath.cx/madsci/forum/viewtopic.php?f=8&t=561
Explaining just as before http://isellsl.ath.cx/madsci/forum/viewtopic.php?f=8&t=490 That zF RedZone changed yet again to adapt to the ever changing SecondLife™ Terms of Service, but all functions continue to operate as normal, but without displaying alt names. In short it still bans alts of people you do not want, does everything the advertisement says, and a bit more.
Pixeleen Mistral: If you and Linden Lab cannot come to an agreement soon, so you plan to move to an outside-of-SL approach for RedZone using paypal and user-installable scripts?
zFire Xue: I had publicly said that I could move RedZone outside of Second Life if Linden Labs wishes it to leave Second Life. To go to a stand alone website, Open-Space, and others, to a paypal paid membership system that hosts no objects in any world. The problem with that is then it becomes nothing but an alt display gadget, and my existing users would not be safe from 77283 people they have banned plus their alts. (Those are private individual bans not grid bans by the way. ) Many of my own users have asked me to go off world with it, etc. Linden Labs knows that if alts cannot be displayed even with consent by RedZone, many many others will take it’s place and do so.
Thanks to the hospitality of the Lindens I am willing to sit back and let that happen. So Linden Labs can hear from thousands of other complaints, but about someone else for a change. This is me allowing a bigger fire to burn elsewhere so the angry mob can go deal with that and I can get back to my own updates in security.
Pixeleen Mistral: Do you have any concerns about the RedZone database being compromised with suspect data if you moved to a user-installable script business model?
zFire Xue: Yes there is an issue with a user installable script business model, which would prevent entirely full perm scripts from being available. They would have to be no mod to protect the methods that ensure the data packet is in sync with valid data sent from the unit itself. It is possible to transmit no mod scripts, or even objects for that matter, but for now that isn’t necessary.
Pixeleen Mistral: Is there anything you would like to tell the Herald readers?
zFire Xue: I would like to thank all of your readers, I would like to invite them to read and understand what zF RedZone is and is not.
As most people know Linden Labs is very slow to deal with Abuse Reports or DMCAs for the few they deal with at all.
The only viewer Linden Labs has blocked is Emerald, which still logs in to SL in some cases.
If you have a griefer or copybot threat zF RedZone is more effective at catching and banning copybot viewers, griefers, stalkers, and the alts they use than Linden Labs itself. Without it, try banning someone, and they will be back with an alternate account.
The bad guys do have new copybot viewers every so often, or other methods to steal, but zF RedZone catches these viewers in time, and the alts of these people, unlike Linden Labs which only sometimes bans or suspends individual accounts, but never stopped a single copybot viewer from logging into the grid.
zF RedZone is not spyware, it does not install anything or record anything that is not public information.
It does use intelligence to calculate things for security purposes. There are no script functions for keylogging or voice media controls as the other side of the debate will have you believe.
Please visit http://isellsl.ath.cx/rzfaq.php for answers to more questions.
Best Regards,
zFire Xue =)
lolol
Mar 5th, 2011
LMAO RZ Nerfed worthless junk at this time
GothGirl
Mar 5th, 2011
Red Zone, and similar systems are still violating users privacy and rights in SL. If a person doesn’t want someone on their virtual lands there is a Ban list to place their name on it for a reason, but beyond that using a tool to Harvest IP addresses, and link it to known suspected alternate accounts, and or alt mertics system he uses is wrong.
What if I for example used the same IP as another previous copybot who got banned from Second Life or like a public proxy. Zfire says his system works by detecting what simulators people visit and such not just IP so what if a large number of people including yourself visit a simulator almost at the same time together as a group or friends, does it detect by this, what if it flagged everyone?
Or maybe he is using a chat device to illegally monitor chat of people in Local Chat, and match it with the persons account then flag them I have no Idea, Point is his system has too many unanswered questions, and if people want to use Red Zone, or a Similar System, they should be Required to post a warning notice to all people who enter the simulator or land and give them a chance to decline and leave.
The reason they don’t is because they know many people wouth Opt-Out, and the content developers would loose a lot of money.
everyone stfu already
Mar 5th, 2011
…..::::facepalm::::
Obvious Schism
Mar 6th, 2011
@ Bubblesort
“Why do people keep saying redzone is dead? It’s working perfectly. I have no problems with it at all. The web page is loading faster lately, so it’s actually working better now.”
I would imagine that’s because less and less people are using it, so there are consequently fewer demands on the previously overtaxed server.
Anyhow, these got misssed off of the bottom of my list:
12. Stalkers
13. Sock Puppets
14. Servers
General Drama
Mar 6th, 2011
So, is Phantom Zone also being banned?
heaven
Mar 6th, 2011
the ez is just a lotvif bs. because of it I can not go places with my friends. why you ask? well me, my husband, my daughter, my two sons we are all banned from places where we would hang out together as a FAMILY, WE did alot of shopping and clubbing together. now we just sit at home or go to places WE don’t like. thank you RZ fir ruining my sl and my families sl. see it how well it works at identifying alts and copybots, and the cheaters.
hobo kelly
Mar 6th, 2011
I think someone took a broom handle and pushed Phantom Zone back in…
Millennium Sands
Mar 6th, 2011
Well, I added a little line to my profile:
“I mute all users of RedZone and similar devices.”
It’s meant as a signal to shop- and clubowners, telling: “Snoop on me, and you’ll loose me!” It’s up to them what they make of it.
In my opinion, people who are affraid of their guests/customers should consider to give up their businesses.
Today I discovered some shops that featured signs with the writing:
“This shop is spyware-free.”
Looks like a couple of shop owners heard the voice.
I think it might also be a good idea to force places who still use devices like RedZone to put up signs that tell visitors what is used there. It should be an obligation to disclosure, added to the TOS.
Oh noes
Mar 7th, 2011
Red zone isn’t spyware.
Poop doesn’t stink.
General Drama
Mar 7th, 2011
Oh Noes,
Exactly. It really doesn’t matter if its asking permission or not, is telling other people or not who alts are, with or without permission. It is the banning of people based on arbitrary factors over which they now have no appeal from that is a blatant slap against the very concept of having community standards because it is a mechanism that is intended to destroy community with the same sort of flawed gestapo secret police tactics that the now-dead Governance Team brought so much discredit and bad PR onto LL with.
General Drama
Mar 7th, 2011
Phantom Zone is not dead, btw, though I hear it does not do alt detection.
Danziel
Mar 8th, 2011
“and my existing users would not be safe from 77283 people they have banned plus their alts.”
I can only look at that number: 77283
PLUS their alts.
I do not want to be protected from 77283 people.
I want to meet them in SL and I want them to be my customers.
Can someone really believe that this big number deserves to be excluded from shopping and moving in SL?
PLUS their alts.
Then he claims, that were individual bans …. so he trusts that all bans of redzone users were wise decisions aiming at the real bad guys of SL?
According to my experience with mobbing, stalking, cheating and drama in SL, the bigger part of the 77283 people are the side that should NOT be in the list.
Could be a new way to grief and stalk: become a redzone customer and report good people to the system.
The creator will still proudly announce big numbers of people to be protected from and he will be proud of the “intelligence” the system works with.
This is not a question of safetey, wisdom or intelligence, someone who buys a system that protects him from 77283 residents PLUS their alts, is just addicted to the power that a big ban lists suggests for them.
Senban Babii
Mar 8th, 2011
@Danziel
“I do not want to be protected from 77283 people.
I want to meet them in SL and I want them to be my customers.”
Well the way things are going, SL will soon be a barren wasteland with just a handful of paranoid content creators huddled on a single sim as the darkness encroaches. Everyone else will have either been banned for being a potential criminal or been driven away by the very content creators who treat every potential customer as a potential criminal.
Everyone always talks about how content creators have rights and need protecting. Well customers have rights and need protecting too.
But oh look, Linden Lab recently settled the court case with Stroker Serpentine and yet again the talk is all about greater protection for content creators.
http://nwn.blogs.com/nwn/2011/02/stroker-second-life-content-lawsuit-settled.html#more
I’d been kind of hoping there’d be an article in the Herald about this important issue but still.
SL is massively biased towards the content creators and everyone else is just a cash cow whose rights and privacy don’t matter.
To quote my favorite movie star.
“A strange game. The only winning move is not to play.”
Emperor Norton hears a who?
Mar 8th, 2011
So the Herald is forced to bottom feed for drama off of SL Universe now.
Ewanme
Mar 8th, 2011
How will I know if I is bein RedZoned , honey ???
Will i feel a gentle buzzin or somethin ??
E x
Oh noes
Mar 9th, 2011
Leave the satire to Pappy.
Johanna Renfold
Mar 9th, 2011
I disagree with people like Gothgirl who choose to place their own “users privacy and rights” before everybody and everything else.
My partner and I run an urban RP SIM which includes a basic prison/jail RP. From time to time we have cheaters and trouble makers who, after being ejected, use alts to return and continue some mischief.
We have no issues whatsoever with alts or bots and feel that both are good features of SL but they are also easily misused in a gold-rush town like SL, which has no effective sheriff. If we know it’s just the same “person” returning we would not waste our time trying to RP and engage with them.
We pay L$22,000/week to provide a SIM for our own pleasure and that of others and I do wonder why Gothgirl feels that her rights (where ever they come from?) as an individual should be paramount?
If alts are only used for the genuine desire of being able to express ones self in various forms why is it so important that nobody must know who they are and concealing them has become a life and death struggle between redzone, greezone and whoever else?
Maybe the use of alts should become a region setting like “damage enabled” and visitors could then choose if they wish to enter and play the game?.
karen
Mar 10th, 2011
OK a few clarifications. Zfire has “stated” that there are over 22K rz sims in Sl. Call BS on that one. and with more people removing it every day, less and less as time goes by. And BTW Z, a small parcel is NOT considered a SIM, and a DEMO bought does NOT equal a “sale”
Also he KEEPS INSISTING that Ll has only ever blocked emerald. FALSE! they have blocked MANY copyviewers out there including neilife and cryolife> Z get your damned facts straight BEFORE pursuing your agenda, which only serves to HURT your OWN customers when you say stupid shit like you will give out the list to anyone who wants to pay you on paypal for it etc. get over yourself already> RZ was breaking the rules, and you tried your damnedest to get around them and it didn’t WORK!
deadzone
Mar 10th, 2011
Let me say there’s a few things in SL that LL has left terribly lacking, one is security tools for land owners. RZ provided that, i do not agree that making public knowledge of alt names was necessary, nor do i think the way the info was gathered 100% fool proof, but if anyone has ever gotten on the bad side of a griefer, you KNOW how important it is not only to ban that individual, but have an option to ban its alts as well. LL has the power and the information to be 100% accurate in alt identification, these tools could be provided to the land owner that is paying tier and has the right to protect his or her financial investment. This by no means implies that an estate or land owner could have rights to a grid wide ban, but then nor did RZ. As long as the sim owner has this massive problem, there will always be a market for this sort of system.
Nelson Jenkins
Mar 10th, 2011
@ Johanna Renfold
I, nor anyone else, have any problem with private sim owners wanting to ban who they like (even if they do so based on an arbitrary list of so-called troublemakers backed by someone who sells “how to beat the dealer” DVDs) but I do have a problem with using spyware to farcically pinpoint troublemakers without consent.
My point here is that it’s absolutely fine if you want to use RedZone, but I do not wish to be profiled and datamined. Hence, if RedZone is “optional” and you choose to ban those that have parcel media off (or otherwise block the media stream hijacking), you will lose my patronage and your traffic count will undoubtedly go down. That is your decision. Can’t I have a decision to make as well?
Now, I do sympathize with you. I am the co-owner of two roleplay sims, and roleplay sims are notorious for griefers. But to lie back on such scams as RedZone and CDS is far worse than actively investigating your visitors. I assure you, it is fully legal to profile stalk and try to determine if a 0-day with “ballsasstits Resident” as their name is an alt of a griefer, and I can also assure you that RedZone will be quite useless in this if they decide to spoof their IP. If you’ve got an admin watching the telehub and someone comes in like that, who would you rather rely on, them or a useless, nerfed, self-help placebo of a security system?
EvilJezzy
Mar 10th, 2011
Actually this was all just for the lulz, cds and redzone fail for most viewers in the last year. I had lots of fun torturing you zfire aka spitfire clary lol, I thought i was done but now we are hungry again =).
By the way I love you
spamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspamspam
Nelson Jenkins
Mar 10th, 2011
@ deadzone
LL is testing hardware ban functionality behind-the-scenes that integrates with the regular kick/ban/etc. tools. Not that it matters, because really dedicated griefers will spoof their HW, but at least it operates on a far more accurate principle than IP correlation.
Danziel
Mar 10th, 2011
@Johanna
Well I own a sim too, not RP, but with a sandbox. My experience differs from yours. Maybe the reason is, that I have more freedom from griefers than others, cause I try to think different and allow to go beyond my first thoughts and feelings.
“My partner and I run an urban RP SIM which includes a basic prison/jail RP. From time to time we have cheaters and trouble makers who, after being ejected, use alts to return and continue some mischief.”
In this case my experience is: the more drama I do, the more I yell and whine, the more alts return.
In the last 18 months I ejected 4 avas and banned 2 of them.
None of these made any more trouble.
Am I on the lucky side? I don’t think so, only thing that I do: no whining, no drama, and if I am contacted they get a polite answer.
But not a discussion.
“We have no issues whatsoever with alts or bots and feel that both are good features of SL but they are also easily misused in a gold-rush town like SL, which has no effective sheriff.”
I have seen many sheriff actions of LL, but much more: I really do not need a sheriff for my website, so why should I need one for my sim? LL has given big power to sim owners, much more than a sheriff ever had. Sim owners are sheriffs and judges and they are even those that make the laws in their county or state.
So what more power do you need? You need one more: the wisdom to use these powers right. What I see is often misuse, drama, whining … great food for the griefers and stalkers, that is just, what they are coming for.
“If we know it’s just the same “person” returning we would not waste our time trying to RP and engage with them.”
Hehe, a weird thought: if you run a urban rp with prisons and stuff … wouldn’t those add more to reality? If criminals are banned from your district and they return in disguise, with faked ids and nicely faked documents … what a wonderful chance for realistic rp! Is rp realistic for you, if you and just you know everything?
Well I know, this is a too relaxed way to think about it … but allow for a few seconds to have the idea that these real criminals are those who do the real rp.
“We pay L$22,000/week to provide a SIM for our own pleasure and that of others and I do wonder why Gothgirl feels that her rights (where ever they come from?) as an individual should be paramount?”
We believe that all humans are created equal … you don’t know, if maybe gothgirl pays double for her own pleasure … and even if she doesn’t, she has the same rights to protect her privacy like you and the same rights to find her pleasure.
For you: if your pleasure is to offer your sim for urban prison rp, this attracts people who like that. If after that you don’t like their presence, maybe there is a point to think about, what your pleasure really is. Offering a prison and a bad bad town, will bring you those people that may annoy you.
“If alts are only used for the genuine desire of being able to express ones self in various forms why is it so important that nobody must know who they are and concealing them has become a life and death struggle between redzone, greezone and whoever else?”
Oh, alts are used for many very honest and acceptable reasons. If privacy would not be a human right, at least some of these reasons need alts that are not connected to each other in public.
Besides that, even your example underlines the need of privacy for alts. IF I use an alt to live a different second life, I really would not like to be known as the alt of me.
But much more: I strongly believe that among the 77k people PLUS their alts in their database half of these cases see the wrong side in their db, and the other half is just cases about a neighbourhood fight, when instead of the leaves of your apple tree, a prim expanded on the neighbour parcel.
And I see no need for a db, that gets fed in emotional drama situations and on the judgment of just the developer of a tool, who is proud of numbers and nothing else.
“Maybe the use of alts should become a region setting like “damage enabled” and visitors could then choose if they wish to enter and play the game?.”
This would take a lot from the pleasure of second life.
Second life also is a second chance.
In my system of values everyone gets a second chance. System like redzone are opposite: once you get into drama with the wrong persond, you are on the list … and will never get a second chance.
That is, why I definitely dislike all this spyware.
Yep
Mar 10th, 2011
zFire Xue telling how to steal password and cheat in Second Life
http://www.youtube.com/watch?v=tWINHZDJwSo
Yep
Mar 10th, 2011
Go getem Tiger
Nelson Jenkins
Mar 12th, 2011
Toasting in an epic bread.
RedZone is very much dead at this point: http://no2redzone.wordpress.com/2011/03/11/hack-or-cover-up/
Bye bye, zFire. Hope you enjoyed egging on the internet to come back your server. Have fun cleaning up the mess! Oh, and I hope you do have fun explaining that video to Linden Lab… no reputable website should ever store incorrect passwords – or any password – in a non-hashed format.
Nelson Jenkins
Mar 12th, 2011
*hack
I’m a bit drunk right now, please leave a message
lol
Mar 14th, 2011
/me drinks wine
Lazlo
Mar 17th, 2011
So, just heard ZX and alts and ZedZone was banned from SL. Thanks to all you crybabies out there who pissed and moaned and made it impossible for builders to use the zFire Animator which has nothing to do with RedZone and in fact is a useful tool.
All this gnashing of teeth from you ‘tards while mean spirited scatsticks like Prokofy Neva are allowed to attack everybody with no fear of a grassroots movement to have her rapidly aging ass banned from SL.
Now THAT makes a lot of sense.
Nelson Jenkins
Mar 17th, 2011
@ Lazlo
Uh, hello? Anybody home? Think McFly, think!
Have you seen his master admin page? You know, the one that lists every zFire Animator script in the grid? Yeah, I wouldn’t be too happy about the fact that he spies on his Animator customers, too.
Yep
Mar 17th, 2011
Do you need a tissue Lazlo? Go gettem Tiger
The Anti Herald
Mar 17th, 2011
Think for a minute – if you were selling something, wouldn’t you want to know how where it was being used and whether it was selling and being used or just selling and people giving up on it? How would he know whether he making a product his customers needed without that information? It’s the same information nearly all vendors need and want.
And HippoVend is a networked vendor system, and don’t think for a minute they don’t know exactly where every vendor is and who uses them.
Bunch of idiots, you lot are – you’re so ready to blame everybody else for your problems, and so reluctant to take responsibility when you screw it up.
Nelson Jenkins
Mar 17th, 2011
@ The Anti Herald
When I took this mentality I informed my customers about it and only logged ownership and region information.
An animation script, for one, should not have to record this, and for two, if it does, should provide a warning to the customer.
HippoVend is an exception because if they did not record this information, the system would be entirely unusable!
Think, Mcfly, think!
Velvet Bikcin
Mar 17th, 2011
@Anti Herald
Following your logic, you wouldn’t have a problem if everything you ever owned had software and technology that communicated with headquarters to let them know their product is being used.
Imagine getting an e-mail asking you why haven’t used your vegetable steamer in two weeks. Turning on your TV at 3AM? Let’s put you in touch with our pharmaceutical subsidiary, they sell a sleep aid.
1984 wasn’t supposed to be a feel good story.