Emerald Viewer DOS Fiasco

By Xah Lee. Date:

Lots is going on with Emerald now. I haven't had time to digest it all, but it's going wild. Here's few links to start you off with, i'll write a better report when i've done my research.

A Emerald developer “LordGregGreg” announced quitting, on his blog dated 2010-08-14. http://lordgreggreg.wordpress.com/2010/08/14/emerald-reassessment/

He's saying there's is a piece of code “emkdu.dll” that is not open source, and seems intentionally hidden from all other developers. (you can find this dynamic library in your Emerald dir, e.g. c:/Program Files (x86)/Emerald Viewer/emkdu.dll)

Besides that, he's also not happy that the money made by Emerald is handled privately and not open to all developers, even he wants none of it. (presumably the money mentioned is from ads running on the modular systems site)

I'll need to do research on this yet. However, there seems to be another major issue going on, probably not related to the above.

It seems that Emerald users have been used as a “Denial Of Service” attack on a website.

Modular system's official response to this is here: http://blog.modularsystems.sl/2010/08/20/shenanigans/

About this issue, there's also this interesting voice recording on youtube.

Want to dash through walls?
Try Xah Tele-Dasher!

Emerald Off Linden Labs Viewer List; Emerald Team Restructuring

The DDOS attack incident has hit emerald hard. As a result, Linden Labs has taken Emerald off the safe 3rd-party viewer list. See: http://viewerdirectory.secondlife.com/. Fractured Crystal (founder of ModularSystems), responsible for the DDOS attack, has resigned. The Emerald group announced restructuring. See: http://blog.modularsystems.sl/2010/08/22/emerald-resurgence/. Here's some selected quotes:

From this point on, there will be no ONE single person running Emerald Development.

As of NOW, All affiliation between Modular Systems/Fractured Crystal and the Emerald Viewer have been permanently severed.

The website will be hosted at EmeraldViewer.net and should be online and operational shortly.

This address the DDOS incidence, but as well addressed the concern voiced by LordGreg about close sourced questionable code.

About Fractured Crystal

I know Fractured. He is a friend. I know him for close to a year, but not well. We chatted on voice for about 5 or so times, sometimes for over 30 min.

He is not a bad, greedy, guy at all. From my impression of him, he seem to be another typical programer, easily gets excited about coding and technology, but have no interest or understanding about business, making money, at all. (i remember when he first implemented the C++ templates system in LSL, he excitedly told me about it, and we argued about programing technology like a hour, because i don't like C, C++ technologies.) In fact i have tried to talk to him about making emerald a commercial entity, but that line of thought is often thwarted when talking to programers.

I don't know why he did the DDOS attack. I'm sure it's a mistake. It's common for programing geeks to piss fight with their peers. Btw, DDOS attack isn't something very serious in the spectrum of all online crimes, but by all means it is not something one should do.

Fractured has now made a official announcement about this: http://blog.modularsystems.sl/2010/08/22/emerald-off-with-his-head/.

I would recommend that we forget about it, and thank Fractured for his past contributions, for as a leader bringing us the best 3rd party viewer by far, and made huge impact in Second Life. (Emerald brought us sim wide radar, breast physics, rez platform commands, click to tp, ability to disable tp blackout screen, cancel tp, … too many really useful ones to list) Hopefully, Fractured will come back later on and contribute code, when this is all forgotten. Thank you Fractured.

What's DDOS Attack?

DDOS stands for “Distributed Denial Of Service”, often just just “Denial-of-service” (DOS).

You know, when you visit a website, your browser sends a request to the server the site is hosted on, then the server in return sends the content of the page back to your browser. Suppose, the server on average gets 5 requests per second. What if all of a sudden the site got mentioned in all major news, and got swarmed? So, it suddenly gets 100 requests per second. The computer running the server software can't handle it, so the site becomes super slow, or crash. Effectively, making it out of service.

A DDOS attack is exactly just that. You let lots of computers to access the site in a short time, effectively taking the website down or making it too slow to be usable.

How Emerald does DDOS?

When you login to Emerald, you get a splash screen, showing you a sim screenshot, as well as news, right? That screen is from this site: http://www.modularsystems.sl/app/login/. So, everytime you login, Emerald makes a request to the ModularSystems. What happened was that, someone inside Emerald, modified the webpage so that the page also makes 30+ requests to another website “iheartanime.com” owned by Hazim Gazov (a critic of Emerald).

(for those familiar with html, it's 32 embedded iframes. See here: emerald_ddos_iframe.txt)

So, when each person using Emerald logs in to Second Life, the iheartanime.com site gets 30 requests. That's DDOS.

How many users are using Emerald? According various sites, Emerald users are about 20% to 30% of Second Life users. On a average day, there are about 40k to 60k users logged in (as can be seen in the viewer login splash screen.) So yeah, the DDOS is quite effective.

DDOS is not legal, of course. But one should understand this in making a judgement related to online crimes. In particular, simple DDOS as done in this incident is not some sinister, complex hackery, nor did this case involve viruses, trojans, etc.

Is Emerald Now Banned?

No, not really. You can still use Emerald, and my guess is that Emerald will soon be back on Linden Labs's 3rd-party viewer list.

For some detail, see this official blog from the Emerald team. http://blog.modularsystems.sl/2010/08/23/emerald-and-the-tpvd/

Qarl Linden Laid Off by Linden Labs

On other news, it seems that Linden Labs recently laid off some 30% employees, according to: Source. One of them is Qarl Linden, a acquaintance of mine. See: 〈and a linden is slain〉 (2010-08-04), by Karl Stiefvater (aka Qarl Linden), at: qarl.com.

I knew Qarl, somewhat. Been on his friend list for about 3 years. I met him thru Seifert Surface (For Sei's work, see: Math in Second Life). Qarl runs the sim named Q. It is a giant 3D cube, that is actually a maze inside. Check it out with friends, it's quite fun. It took me 2 to 3 hours when i first tried to solve the maze (without cheating). (this was before Emerald, and before i knew all about dashing thru walls and tricks.)

Note that Qarl is largely responsible for bringing us sculpties.

Corporate environment can be harsh. One day you are hired, is a hero, and next day laid off. (i was laid off in 2002 at Netopia, and still haven't recovered. LOL)

Second Life Gallery

  1. Introduction to Second Life
  2. Mont Saint-Michel
  3. Alice
  4. Non-human Animals
  5. Exotic Architectures
  6. High-tech Architectures
  7. Chinese Hell, Japanese Architecture, Full Rigged Ship
  8. Art
  9. Atomium
  10. Flying Ammonite by Bathsheba
  11. Seaslug Ride
  12. A Blowfly Ride
  13. Cybernetics
  14. Buy Lindens Special Offer
  15. Chthonic Syndicate Improvement Suggestions
  16. Sword Fighting
  17. Dancing
  18. There Be Dragons In Second Life
  19. US Eagle with Machine Gun
  20. Education
  21. Emerald Viewer DOS Fiasco
  22. Emerald Viewer Banned by Linden Labs; What Viewer to Use?
  23. Evil Lords In Second Life
  24. Fairies
  25. Furries, page 1
  26. Furries 2
  27. Furries 3
  28. Furries 4
  29. Second Life Furry Soldiers
  30. Second Life Combat: Military 2042
  31. Second Life Combat: Chthonic Syndicate
  32. Second Life Futuristic Cities
  33. Indoor Games
  34. Outdoor Games
  35. Pretty Girls
  36. Warrior Girls
  37. Nymwars: Google Plus Account Real Name Policy Debate
  38. How To Fight In Gor Sims
  39. Art of War - MLT Style
  40. Guys
  41. Second Life Hamster Ball Roller Coaster Video
  42. Gaming Headset Reviews
  43. How to Increase Frames Per Second
  44. Second Life Screenshot Gallery
  45. Second Life Gallery Thumbnails Index
  46. Leisure Activities
  47. Installing Second Life Viewer for Linux 64bits
  48. Battle Droids
  49. Transformers
  50. Droids
  51. Musical Instruments
  52. Mythological Creatures In Second Life
  53. Second Life Gallery: About the Screenshots
  54. Airplanes
  55. Politics
  56. Player's Frequently Asked Questions
  57. Architectures: Learning Centers
  58. Software for Video Capture and Screencasting
  59. semigod.com Dead Snow Avatar
  60. Second Life Combat Xah Videos
  61. Second Life Debug Settings
  62. Second Life Demographics 2009
  63. Dragonfly
  64. Second Life Outfit Links (Inventory Links) Explained
  65. Second Life Keyboard Shortcuts Cheatsheet
  66. Second Life Login Name, Display Name
  67. Second Life Product Market Value
  68. Math
  69. Math, page 2
  70. Math, page 3
  71. Math Lorenz Attractor
  72. Second Life Combat Videos
  73. Second Life Militaries List
  74. Second Life Military Map
  75. Second Life Problems and Improvements
  76. Second Life Rich List
  77. Second Life Shop: Froggles
  78. Second Life Viewer 2 Problems
  79. Misc Info On Second Life Viewers
  80. Shopping
  81. Shopping in a Fairy Land
  82. Superheros
  83. Tinies
  84. Toons
  85. Second Life Tech Warfare Guide
  86. Second Life Tech Warfare Guide Bot Info
  87. Xah's Edu Corner
  88. Xah Bump Squeak
  89. Chthonic Syndicate Dive Roll Movement Enhancer
  90. XstreetSL Item Disappears
  91. Zelda, Breath of the Wild, Inscriptions
  92. Second Life Dive Roll Movement Enhancer Comparison
  93. Soul Caliber Voldo Dance