Gods and H4x0rs: SL Exploit Aims at Virtual Businesses
by Alphaville Herald on 19/07/05 at 9:58 am
In what was probably the first effort aimed at SL’s vibrant business community, a Second Life client was hacked earlier this week to allow ‘god’ mode–in which a user may access copy-only scripts and make account balance adjustments, etc., that are usually available only to Linden Liaisons. Linden Lab moved quickly to patch out the exploit, but not before the hacker gained access to important information from some of the biggest resident-run businesses on the Grid. [Thanks to Zero Grace at Clickable Culture for the tip. And read more at Walkerings.]
According to forum postings, the exploit was used “to gain access to popular scripts, including all of the major ATM machines, the Nexcom phones, Seburo, ROAM, and others.” The source code for the hack was apparently also published online and advertised via a popular SL-related IRC channel.
The fact that the hacker or hackers mainly targetted SL’s businesses–many of which take in more than $100,000 a year, according to SL godhead Philip Linden–indicates the perpetrator had more on his mind than simply mischief. Like many hackers of the past, however, he (assuming it was a he) also sought some recognition for his “accomplishment” by spamming the chat channel.
The hack comes at a particularly bad time for Linden Lab, which recently struck a series of deals with outside corporations that promised to start transforming the Grid into a more robust and useful application than it had been before. Whether such deals continue in the near future will depend in large part on how well LL deals with security problems that have now become apparent.
According to one forum poster, “The implications of an attack such as this are troubling indeed. I really, really want a statement from Linden Lab. I’ve spoken to some people who were affected by this breach. They’re not exactly chipper about doing any future scripting projects.”
But the question has been raised on the forums about whose responsiblity such security really is. One poster pointed out that real-world business software is usually designed so that the release of the source code does not compromise a particular business’s security. In other words, real-life business apps commonly rely on security in the application software itself, not the security of the platform on which it runs. It may be that SL coders need to bolster their own level of security for business-related applications, rather than relying on SL’s security to seal any holes for them.
Residents whose code was stolen have been working to correct any potential security flaws since the exploit was announced. According to forum postings, the code that was affected by the hack includes the following:
Cubey Terra Flight WARP
Gigas Server
Ginko ATM
Gravity Gun
Hug script
LCC Vendor
Nexcom 3
Roam
Scan Foo
Seburo Compact-eXploder v.1.3.47i
SL Boutique Vendor 0.7
SLBoutique (old vendor code; deprecated)
SL Exchange Terminals
Splashable Water
The Herald will continue to bring you updates on this developing story.
Adam Zaius
Jul 19th, 2005
Unfortunately, bringing up security in LSL is a bit of a difficult topic. Since LSL still remains a fairly primitive language, tamper-proof’ing LSL is a bit more difficult than you would imagine.
In the real-world you have processing power capable of implementing ciphers like AES or RSA. You also have the ability to access the compiled binary of your application, you could do a checksum to check it hasnt been tampered with, or something similar. in LSL the limited amount of memory availible, and the inability to view the content of the application from within itself makes the task a bit more difficult.
I’ve recently asked LL about increasing the security options open to us, and asked again when this exploit was discovered. Hopefully we will get a commitment by LL to improving the general security of the Second Life platform as a whole, something a few high profile sellers are going to require if they are to keep developing for SL.
-Adam
Tony Walsh
Jul 19th, 2005
Adam, my understanding is that the security breach was caused by a hacked client, not by an LSL exploit. Does that sound right, or was there also a LSL component involved?
Walker Spaight
Jul 19th, 2005
Adam Zaius > “Since LSL still remains a fairly primitive language, tamper-proof’ing LSL is a bit more difficult than you would imagine.”
I completely agree, Adam, and you make good points. I just think the episode raises interesting questions about who is to be responsible for this kind of security in a “user-created” virtual world. It may be that the combination of LSL and LL security measures is insufficient to support robust business apps at this point. In any case, I do think the hack is testament to the power of the SL economy and the proprietors within it. It would be unfortunate if no fix is forthcoming and business owners abandon their operations as a result.
Adam Zaius
Jul 19th, 2005
Tony>
The exploit was with the SL client yes, but the magnitude of the problem was raised because of the limited ability we have to tamper-proof our applications. A well written client/server application should be able to withstand having the client open sourced, unfortunately in SL that becomes a little more difficult because of the limited options we have availible to us.
Walter>
Yes, I’ll be watching LL closely on this one to see how they react. If we dont see a shift to prioritise protection of works within SL itself, or still dont have the ability to do it ourselves, I doubt we will see much larger investment in SL-based applications.
At the moment, while we still depend on LL for all our security (due to a lack of alternative options), I would expect LL to take responsibility for these problems, until we see the ability to do it ourselves, at which point – any problems at that of the coders themselves.
-Adam
Mr F.
Jul 19th, 2005
I’m surprised it took this long for somthing like this to happen.
Prokofy Neva
Jul 20th, 2005
Always ask, “Who profits?” SL’s major, monopolistic resident-run corporations are the chief beneficiaries of Plastic Duck et. al’s antics — including their banning — because they get a neat justification to demand their own security measures outside the TOS of LL, whether it be aggressive bounce scripts that hurdle both griefers and innocent building and flying neighbours to kingdom come, or increases in data-harvesting and blocking of people via the Internet’s vast technical capacities for doing so, and moving of many functions of the game outside the purview of LL on to third-party sites.
Relieved, a harried LL will hand over these functions to the FIC monoplists, who, in the name of saving us from Plastic Duck, will increase their hold over the airwaves, the real estate streams, the economic streams, the newbies, whatever there is to grab. It’s like how when the Soviet state collapsed, thousands of “private detective” agencies were formed to guard the oligarchs who were all made up of old KGB agents who fought each other. Same old, same old.
The losers from Plastic Duck are liberal groups like the Thinkers who can’t find a way to stop providng a platform to W-HAT because of their erroneous and empty-headed clinging notions that freedom of speech = freedom of *behaviour*. It doesn’t. You can have an art show that is vulgar, at least, in my world of an Art. 19 ideal. You don’t get to then take the World Trade Center and literally crash it into other players in the game, invade their properties with it, grief their events, and generally behave like assholes. Go on your own damn land and behave like assholes, thank you. W-Hat yammers on about Art. 19 and free speech and no one ever says “Um, but what you do is incitement to imminent action and ACTION not speech.”
With the destruction of the feeble and small thinking class through it’s hijacking of Thinkers, especially in this last week, with its emboldening of the FIC to scream for more “security,” Plastic Duck has been achieving the destruction of the state, the goal of all radical anarchic terrorist types, who work all the ends against the middle, get everyone fighting each other, so that the real destructive work is achieved not even by themselves but by everyone else. Hey, nice work!
I’m glad Phil got the patch in fast, but programming is not the only way to fight these kinds of threats to a free society.
What is the solution? Things like Plastic Duck have to be fought through increasing human solidarity, and finding various horizontal ways around the vertikal of terrorism. Thinkers should have ejected W-Hat long ago. It’s an old Bolshevik trick to constantly deny affiliation with the group’s worst actors but never disassociate from them by leaving the group. Thinkers is not *obliged* to open its doors to EVERYONE — no group is. Let them be in their own little isolated corner hooked up to nothing. And the security state wannabees among the monopolists also don’t get to invade me further in the name of protecting me from Plastic Duck, thank you very much.
What, people steal top designer’s creations, they steal my RL info without consent and reveal it, they harass through money-losing measures like rogue officer recall, and they don’t get permabanned, and W-Hat gets permabanned for what…again? A giant dick? And…a copy of somebody’s blingtard vendor thingie and some gun? Huh? There should be gradually longer terms of banning from SL, like 90 days or 120 days or whatever, with the meter running on tier and subscriptions. The severity of perma banning merely makes them try harder to get in on all their relatives’ credit cards and dial up from Kinko’s or whatever. Bleh. The way around Plastic Duck is…to walk around Plastic Duck. He’s not that witty or interesting. The hysteria fanned about about this by the FIC on the forums illustrates the emptiness at the core.