zFire Xue Slams Redzone Enemies

by Pixeleen Mistral on 15/03/11 at 9:01 pm

Threatens critics with animal control – hopes for security system to delete accounts

Controversial zf Redzone developer zFire Xue told me he believes that Linden Lab has failed to provide Second Life players with an adequate security system, saying "DMCAs take too long, stolen objects are passed off to alts, Linden Labs does nothing to block criminal viewers, hardly even blocking Emerald. A system as effective as RedZone, upsets everyone with anything to hide. They love to tell everyone how to try to copybot or attack even with such a system. Attackers and thieves change accounts faster than Linden Labs can respond to them."

Mr. Xue went on to say he was not concerned about being banned by Linden Lab and believes the Lindens benefit from the controversy that zf Redzone created. He hinted at future enhancements to his product musing "Bans are so….RedZone. The new system should outright delete people".

These revelations came during my interview with Mr. Xue Saturday afternoon after what must to have been a very trying few days for the embattled security system developer – his site was hacked, database deleted, and what anonymous hactivists claim are screen captures of a secret admin interface to his site circulated.

Who could have imagined an aging MMO could create so much drama? Welcome to Second Life!

Late in our conversation, Xue had harsh words for his critics’ actions saying, "ARing my ISP, inventing fake law, rumors, whatever. Snitching off my Boris to animal control… yeah ok mother fuckers. I will see you join him next".

In Linden Lab’s virtual world, conflicting values and faction wars define much of the gameplay. Drama is created in the bitter struggle between Second Life content creators and land owners who have an unrealistic expectation about how well online behaviour and illicit copying can be controlled, and players who do not wish to be tracked or datamined during their escapist roleplay.

Privacy advocates express deep concern about databases compiled by zf Redzone and other security systems, while the security advocates are more than willing to compromise privacy in hopes of tracking troublemakers. Linden Lab’s inconsistent enforcement of an ever changing ToS and community standards leaves everyone guessing — an environment ripe for vigilante action from both factions.

The weekend battles between Xue and his critics were sparked when anonymous hactivists responded to Mr. Xue’s challenge to "bring it on" in a post to his site’s forum Thursday. Confident of his security prowess, Mr. Xue claimed his server is the "most secure in Second Life", but by Saturday afternoon Xue seemed primarily interested in identifying those who had trashed his site – a completely understandable desire.

While the sort of unauthorized access that apparently took place on Mr. Xue’s server is a criminal act, it seems several parties felt that the challenge and risk was worthwhile, posting several screen captures as evidence then asking if anyone could suggest a way to anonymously send evidence to Linden Lab. At this point both sides are playing for high stakes, hoping to drive their enemies put of  the game.

a screen capture from zFire Xue’s site posted to sluniverse.com forum epic-length Redzone thread

The interview was conducted under rather difficult conditions – it took most of Saturday to track down Mr. Xue. Our conversation began when I sent Mr. Xue several IMs which went unanswered, then switched to e-mail, then finally continued via a live IM session. A transcript of our multi-modal new media meet-up is below:

Pixeleen Mistral: It appears that your isellsl.cx site may have been compromised. There are php errors on several pages that suggest that the site’s sql database has been altered. Also a source has pointed to what are claimed to be screen shots of the "Admin Overlord App". I am working on a story and have several questions – will you be available to chat sometime today?

zFire Xue: Yep they deleted the database.
zFire Xue: Are you going to be protecting cybercriminal(s) or where they anonymous?

Pixeleen Mistral: do you really think that they guys who got loose in your server would tell me who they are?
zFire Xue: they might have the same IPs that I have on my log

Pixeleen Mistral: well they might, but it is unlikely that it would do you much good
Pixeleen Mistral: fwiw – all I know is they sent a comment from an IP address that is an exit from a Tor anonymizer

Pixeleen Mistral: I’ve seen some people claim that the SQL injection exploit for your site was known for quite some time
Pixeleen Mistral: how do you know that the backup you loaded has not been altered?
zFire Xue: It was first attempted on the 7th
zFire Xue: I have a log to check for IPs of attackers and check that.
zFire Xue: Merlins PW seems to have been known

Pixeleen Mistral: some of the hactivists that compromised your site say that you invited them to try – and they will publish more embarrassing info if you don’t acknowledge that they did compromise your site
Pixeleen Mistral: so – I guess they can stop now since you told me that they did get in
Pixeleen Mistral: what I can’t figure out is why you would capture failed logins and make those available as "Possible SL PW(s)"
Pixeleen Mistral: at the point news of that gets out your reputation is in tatters
Pixeleen Mistral: what were you thinking?
zFire Xue: Do you want an official reply, or an off the record, clear english one?

Pixeleen Mistral: this is on the record
zFire Xue: Starting now? LOL

Pixeleen Mistral: I’m a reporter – you know who you are talking with
zFire Xue: ok sure

Pixeleen Mistral: so – what was that rationale?
zFire Xue: The entire system is intended to do the Job Linden Labs completely fails at doing. DMCAs take too long, stolen objects are passed off to alts, Linden Labs does nothing to block criminal viewers, hardly even blocking Emerald. A system as effective as RedZone, upsets everyone with anything to hide. They love to tell everyone how to try to copybot or attack even with such a system. Attackers and thieves change accounts faster than Linden Labs can respond to them.
zFire Xue: RedZone is the only system to find, block, ban, (or worse), the cyber criminals of SecondLife. By every means necessary. Even automated ones LL fails to implement.

Pixeleen Mistral: but why try to capture the possible SL passwords of your own customers?
Pixeleen Mistral: you explained why some people buy Redzone – but the screen captures show you tracking possible SL passwords for your own customers
Pixeleen Mistral: how can that possibly help your cause?
[...6 minutes pass...]
zFire Xue: If I where logging SL passwords, and I have heard the theory, Linden Labs would have clear evidence of logins on other accounts from the same IPs I use. I find the idea interesting and wish I was able to log into some of the copybot accounts that I am aware of, and delete them from SL because when LL does anything, it is a suspension, if anything at all. LL fails at tracking inventory objects and banning alts of Copybot users.
zFire Xue: Your information says I log RL locations as well, but they failed to put a nice "real life location" box into the pictures.

Pixeleen Mistral: so I guess the theory would be that some Redzone customers could also be copybotters, and if you had their passwords then you could possibly log into their accounts – but that would be a bad idea since it would come from your IP address and LL would notice that
Pixeleen Mistral: so my guess is that if someone were to do that sort of thing, they would go through a Tor anonymizer to hide their IP address and also fake their Mac address, etc.
Pixeleen Mistral: in other words – LL would not be able to tell
Pixeleen Mistral: which is probably the same reason that LL fails at security
zFire Xue: It is well known that some serious hate bloggers, griefers, even a few creators that copybot competitors are found out by their own system. If I where able to log into and delete them, all stolen goods, and alts.. Yes LL would notice. But would they have cared?

Pixeleen Mistral: It is hard to know if LL cares
zFire Xue: Linden Labs would see the Tor, or other proxy, as a sign of a problem.
zFire Xue: Linden Labs would get distress calls from deleted accounts, see the proxy IP and simply unban them, ban the proxy, and contact the proxy. However that would work.
zFire Xue: So the theory would not work. LL could just block all proxy’s.

Pixeleen Mistral: Are you concerned that today’s developments might lead to your accounts being banned?
zFire Xue: Nope. Linden Labs knows fact from fiction.
zFire Xue: I have photos of the Greenzone founder copybotting. Clear photos, and the Lindens don’t accept those.

Pixeleen Mistral: Isn’t the bad press from this scandal something Linden Lab would want to stop?
zFire Xue: Linden Labs loves the google ranks this provides.
zFire Xue: They also must enjoy watching a "social simulator"

Pixeleen Mistral: no such thing as bad publicity then?
zFire Xue: Not at all. According to what I read, I am now zFire "The godfather" Xue, Dr Claw, super hacker, capable of impressive impossible things.
zFire Xue: I wont bother listing what they claim I can do, or have done, but it is impressive sounding.
zFire Xue: Even the small silly ones, like blaming the rise in friendship requests on RedZone.

Pixeleen Mistral: Plastic Duck told me this morning that he is surprised you are not banned already – he said Redzone caused much more drama than he ever did
Pixeleen Mistral: but Michael Linden is no longer with the Lab so that might explain it
zFire Xue: I have never heard of Plastic Duck, so I assume RZ created more drama.
zFire Xue: Eco Linden, Glen Linden, etc.
zFire Xue: 30% layoffs.
zFire Xue: Where are the disgruntled X lindens?
zFire Xue: So who will protect SL?

Pixeleen Mistral: a very good question
zFire Xue: Maybe the hacktivists should work on finding and deleting copybots.
zFire Xue: Bans are so….RedZone. The new system should outright delete people.

Pixeleen Mistral: I think the hactivists value their privacy more than the pixel clothes and other elements of the SL economy so they are unlikely to go after copybotters
zFire Xue: The Privacy argument indeed.
zFire Xue: Privacy, or security. Linden Labs wants a happy middle ground.

Pixeleen Mistral: well – I’ve taken a lot of your time – thanks for talking
Pixeleen Mistral: is there anything else you would like to tell the Herald readers?
zFire Xue: yes there is

Pixeleen Mistral: I’m all ears
zFire Xue: Give me a second

Pixeleen Mistral: k
[...5 minutes pass...]
zFire Xue: ARing my ISP, inventing fake law, rumors, whatever. Snitching off my Boris to animal control… yeah ok mother fuckers. I will see you join him next.
zFire Xue: I have nothing more to say on this.

Pixeleen Mistral: I have no idea what "Snitching off my Boris to animal control" means

zFire Xue: Oh they do.
Pixeleen Mistral: I guess someone will explain it in the comments
[...9 minutes pass...]
zFire Xue: http://www.youtube.com/watch?v=5UPg1GfxGTU
zFire Xue: no point in sharing that, Im taking it down. Id rather see who knows about it.

Pixeleen Mistral: ok – now I have seen it all – a raccoon in diapers

zFires racoon in diapers
YouTube video reveals Boris is a raccoon in diapers

What sympathy I had for Xue’s desire to learn who had reported Boris to Animal Control waned by Saturday evening when I found myself ejected from his zf Redzone store in-world. I had apparently been marked as a "former copybot" after what I can only conclude was my manual addition to his copybotter database.

Redzone ban 2
I taste the wrath of zf Redzone’s security

By Sunday I was no longer being ejected when visiting the Redzone store. Had Mr. Xue been trying to send me a message, then thought better of it ? Or were the hactivists updating the zf Redzone database behind his back?

In either case, many questions remain unanswered. Is someone in zFire’s inner circle feeding his critics pointers YouTube videos to cause him trouble? Who snitched out Boris the raccoon to animal control? Has the level of drama risen to the point that Linden Lab will take action? Will the Second Life babyfur community look favorably on zf Redzone now that they know zFire Xue is a potential fan? What of the wider Second Life community – and the risk of gross anarchy with diapers?

41 Responses to “zFire Xue Slams Redzone Enemies”

  1. Reader

    Mar 15th, 2011

    “Will the Second Life babyfur community look favorably on zf Redzone now that they know zFire Xue is a potential fan – or is zf Redzone simply a front for gross anarchy with diapers?”

    This was very crafty indeed.

    I laughed my ass off.

  2. Henry Darkthief

    Mar 16th, 2011

    And how does keeping your customer’s passwords and RL locataions in a databse as well as violating people’s privacy enhance SL’s security zFire Xue??

    As for the security of your system, well, your website certainly shows how capable you are of making things secure.

  3. AlexaMonroe

    Mar 16th, 2011

    Wow, he wasn’t even running the latest version of RedZone on his sim. I’m pretty sure it’s up to 4.2, if not even 4.3. The 4.1 releases weren’t compliant with the new CS.

  4. Rawst Berry

    Mar 16th, 2011

    Ok first zFire claims that he logged the passwords in order to log onto copybotter’s accounts. Then he goes on to say that doing this is futile because if the original owner of those accounts complained, they would simply be unbanned.

    So….. Yeah. Not even a good try.

  5. deadzonr

    Mar 16th, 2011

    One question I would have love to seen asked, was “How many copy botters/ griefers has the system actually A/R’ed to Linden Labs?”. With all the talk of catching them, I would think he would have been bragging on those numbers, if in fact he actually turned any in..and if not why not??

    things that make you go hmmmmm…

  6. Scylla Rhiadra

    Mar 16th, 2011

    I would have found it hard to believe that my contempt for this utterly despicable man could grow . . . but this story, aside from providing me with many lulz, has proven me wrong in that regard.

    zFire’s disregard for the rule of law and Second Life was revealed when he banned me from his forums for daring to quote the Linden Lab ToS, section 8.3: “You will not . . . harvest or collect any data or personal information about other users without their consent.” But then that’s no surprise: the entire operation of RedZone is contemptuous of the ToS, and the rights of every resident in SL.

    RedZone is dead. In a sense, it doesn’t matter whether LL takes further action against him or not. He’s being abandoned by his own supporters, some of whom have left some choice comments about him on his own “Neighbourhood Watch,” or who have called him out on his own forum. Funny, but his customers don’t seem to like their own privacy being violated.

    There is now a media filtering patch for a beta version of Phoenix, as well as the Cool Viewer, that will cut RedZone’s attempts to skim IPs dead. V2 will have to follow up with one as well, or be abandoned in droves by residents who care about their privacy. In the meantime, we are starting to spread the word about how to safeguard against RedZone and other data mining systems.

    Residents are abandoning clubs and businesses that use RedZone; those who don’t use it are proudly publicizing the fact. Becoming known as a RedZone user will be the kiss of death to any business.

    In a matter of weeks, this system, if it’s still even here, will be dead in the water.

  7. Danielle

    Mar 16th, 2011

    Prophetic words, Scylla, as it appears Mr Xue and his shop have been deleted from Second Life.

  8. Scylla Rhiadra

    Mar 16th, 2011

    And it looks as though we may not have to wait a couple of weeks.

    Buh-bye xF-Fire!!!

  9. Scylla Rhiadra

    Mar 16th, 2011

    So it would seem — even if in my excitement I mistook my “x” key for “z.”

    Happy as I am to see RedZone gone . . . and I AM enormously happy . . . the problem that it represented, namely data mining, has not itself yet been addressed. There are other systems out there that use the same exploit to harvest info, and there will be others in the future that rush in to fill the vacuum left by RedZone.

    So ridding SL of zFire and RedZone is a great step in the right direction, but there is still much to be done.

  10. Observer

    Mar 16th, 2011

    So let me get this straight. This convicted felon that served years in prison had an illegal pet raccoon. And the authorities discovered it, probably in the course of their investigation into a continuing criminal enterprise, and confiscated it. And the con is posting death threats thinking some group of privacy advocates were responsible? Clearly that guy needs to be under 24*7 surveillance.

  11. Oh noes

    Mar 16th, 2011



  12. Wow

    Mar 16th, 2011

    Well, personally i dont give 2 shits about either zFire, copying pixels, sticking pixelated donkey dicks in your e-anus, but this with raccoon in diapers is simply RETARDED! Nuf said

  13. Nills

    Mar 16th, 2011

    This whole thing is hilarious in so many ways, I can’t even begin to describe.

    You can’t pay for this kind of entertainment!

  14. Pappy Enoch

    Mar 16th, 2011

    That po’ critter, Boris, deserves him a better fate n’ wearin’ a diaper.

  15. Dern-it, Pappy....

    Mar 16th, 2011

    L O L!!!!!

    Next round o’ shine am on me.

  16. [...] Zue himself went on the warpath prior to his ban from SL (the interview took place on the Saturday prior to him being banned, but [...]

  17. Bambam

    Mar 16th, 2011

    @ Observer …WHOA!!! SL business owners openly gave their passwords to a convicted felon? zFire Xue is a ex felon??? Is this right?

    and business owners are worried about getting copybotted?
    ROFL!!!!!!!! OH this is way to funny!

  18. Tux

    Mar 16th, 2011

    Oh how simple is for zFire now to create a bot system to log in using the data lists. Log in grab money, delete inventory.

    You are all doomed – because you had faith in a sales pitch!

    Do you honestly think your data is still safe?

  19. [...] The Alphaville Herald – xFire Xue Slams Redzone Enemies [...]

  20. Darien Caldwell

    Mar 16th, 2011

    You would have to be ignorant to think RedZone actually did anything. And sadly, ignorant people are always the ones that get taken advantage of. And please understand I mean ignorant in it’s true definition, ‘lacking knowledge’, and not as ‘dumb’.

    I’m glad LL finally took the steps necessary to rid SL of this ZFire pest.

  21. Nelson Jenkins

    Mar 16th, 2011

    Still don’t see the purpose of banning zFire now that he has access to thousands more accounts. :/

  22. Gramma's Grammer

    Mar 16th, 2011

    @Darien Caldwell said:
    And please understand I mean ignorant in it’s true definition, ‘lacking knowledge’, and not as ‘dumb’.

    So you mean the kind of ignorant that doesn’t know the difference between it’s and its?

  23. Nightiwhs Sveiss

    Mar 16th, 2011

    @Nelson Jenkins eh doesnt hav password of scanned people, he has the web pasword of its own users, wich in most case are the same of their SL accounts

  24. hobo kelly

    Mar 16th, 2011

    zFire Xue,
    zFire Xue,
    where are you?
    where are you?
    copybots are ringing,
    griefers are singing,
    zFire Xue,
    zFire Xue…

  25. Osama Bin Linden

    Mar 16th, 2011

    Well mr Xue (Mike Prime), the only “Cyber Criminal” here is you…


    Care to comment? lol

  26. MystikaJaded

    Mar 16th, 2011

    Seems zFire is back in SL under a new name. So much for LL banning him.

  27. Innula Zenovka

    Mar 17th, 2011

    @MystikaJaded — what leads you to say “Seems zFire is back in SL under a new name”?

  28. Nelson Jenkins

    Mar 17th, 2011

    @ Nightiwhs Sveiss

    He has that plus the incorrect attempts, which may be SL passwords entered accidentally. Nonetheless, he created a system to test these passwords and is now in possession of a list of accounts and corresponding passwords.

  29. GothGirl

    Mar 17th, 2011

    Aye where is Skills Hak now, Looks like the Tables Have Turned XD, lets see if he will comply with Linden Lab & Get his account back?


    Skills Hak, and anyone else logging information without my consent, We are coming for you, and you are next, and some people in SL will be getitng a warning from me, and if they do not respond with removing these alt detectors from their systems will get abuse reported for such, and I will personally get others involved as well, KThxBai.

  30. GothGirl

    Mar 17th, 2011

    ** Damnit I mean’t Zfire Xue lol.**

  31. Osama Bin Linden

    Mar 17th, 2011

    Don’t worry zFire you can rent my cave, I can’t guarantee you won’t get fleeced on the way in though lol

  32. Win Zinnemann

    Mar 17th, 2011

    I was also manually added to the list of “copybots” just because one of the founders of Green Zone is someone who is very close to me and I had supported her on my blog. I also visited the RZ shops with an alt and was not recognized, in spite of all the claims. It’s nice to see most people have come around and realized how dishonest, malicious and devious this guy was, and nobody’s happier than I am for RedZone’s banning. I know he’ll be back and that some people will be fooled again – and yet, the end of this battle proves you can’t fool everyone forever, no matter what.

  33. GothGirl

    Mar 18th, 2011

    The funny thing is that my name got manually added to the Copy Bot list because I know everything there is to know about Theft on the Grid, and tested cryo life only once in my life, and he knew. He also only add my name because I was against the privacy violating that went on, and did not do so until he saw me make a post on the Jira.

  34. Melvin Starbrook

    Mar 19th, 2011

    great to hear redzone and its creator is banned and its database is removed :) )

  35. copiable NO TRANSFER

    Mar 20th, 2011

    Is Zfire one of Gadhaffi’s sons?

  36. The Sun King

    Mar 21st, 2011

    FFS is that all you talk about
    You and your fucking LL ban I expect when you heard about how Japan had been decimated your first thought was “sounds like how I was treated by Linden lab”
    jeeezass youre the fucking life and soul of the party arent you?
    The fact is you got caught. Deal with it !

  37. dead zone

    Mar 21st, 2011

    Lets see…reality time..its been all great, that this man and his ability to match alts are gone from SL, in all the celebration we forget a few things. Since SL provides the space to earn RL money, and LL provides the space for copy botting, griefing, cheaters using alts for anything from board voting, to creating entire clans for Bloodlines play…there will be a NEED in SL for some type of system like this. As long as there is the NEED, and money can be made, there will be creators making and selling these types of systems. So the answer must be obvious, LL has to provide some sort of protection, alt banning, the ability to get copy botting out of SL permanently..until then, the battle will continue, gather your troops now.

  38. Katrina Swales

    Jun 9th, 2011

    I like how he claims screenshots can be edited, then in another claims some he made are “clear photoes” showing proof, I mean what does he think he did, stand behind her and take a photo?

  39. Observer

    Aug 2nd, 2011

    Oh my!


    Seems punks are not exempt from prison shower sexy time after all.

  40. Dontspill McGinnis

    Aug 2nd, 2011

    And this is a guy that the JLU, and especially Kalel Venkman spoke out in defence of.
    Kinda makes you wonder, doesn’t it?

Leave a Reply