The Hydra: Privacy Problems Expand as Linden Lab Play Catch-up
How the Lab's refusal to deal with overall issues of privacy has come back to haunt them.
Philip Rosedale, the founder and twice CEO of Linden Lab, is a decent guy. He’s smart, creative and charismatic. He speaks with an infectious fervor that spreads amongst people who listen to him. It’s difficult not to like him. Philip is also an incredibly idealistic man.
It is because of that idealism, perhaps, that Second Life is facing the monstrous problem it’s tackling right now.
Idealists want to believe the best of people. They believe that people are basically good and will do the right thing if given the chance. It’s because of that idealism that the rules about privacy in Second Life, while extant, were not particularly clear or specific. Furthermore, even the ones that are actually codified have been enforced with, shall we say, a bit of a lax hand, or at least one that is wild in its inconsistency.
While the big story of the last several weeks has been Redzone, as I pointed out last week, Redzone as a product is only a symptom of a much larger problem. The problem, overall, is the fact that Linden Lab has never adequately dealt with issues of privacy and security from the beginning, and now that’s coming back to haunt them.
Sure, there’s plenty more to talk about on the Redzone front- it’s become almost its own daily soap opera. There have been made for TV movies produced with far less compelling content. But, as I and many others have been saying, until the core issue is addressed, this problem is going to keep coming back like a hydra. That’s what’s been happening now, as it has become clear that there are numerous individuals seeking to sell out other people’s private information at a profit. So far, the Lab has only just begun to start dealing with it- and, as yet, has not gone nearly far enough.
I feel badly for Soft Linden these days- he’s up to his eyeballs in abuse reports and paperwork. Soft is the Linden Labs employee who is their go-to guy for security. He’s been fighting the good fight here. An uphill battle for sure, whereby he is distinctly outnumbered by those who wish to downplay recent events. He has requested several times that Second Life residents aid him in this fight by sending as many abuse reports as possible on items that are in violation of Second Life’s Terms of Service and Community Standards.
There’s something a bit upsetting about that, though. It’s the thought that he’s not being given free rein to do what he knows HAS to be done here- and I think he does. He’s being tied up by bureaucracy, and the overall effect is frustrating for everyone (including him, I’m sure, though I’ve spoken to him exactly once in my life for about 3 sentences.)
Lift the Rock and the Bugs Scatter
That, and the worms seek to go underground.
While the initial RedZone scandal broke, there was another, very similar product, called Quickware. When Redzone got pulled from the SL Marketplace the first time, Quickware did also. However, the maker of Quickware, unlike zFire Xue (the person behind RedZone) stayed quiet, and waited for the initial furor to blow over- or so he thought.
Resources
Analytics The 2023 B2B Superpowers Index
Analytics Data Analytics in Marketing
Digital Marketing The Third-Party Data Deprecation Playbook
Digital Marketing Utilizing Email To Stop Fraud-eCommerce Client Fraud Case Study
Last week he put Quickware in its intitial, now entirely noncompliant with TOS format, as Quickware Alts Pro, designed specifically to do exactly what RedZone was busted for in the first place- scan people without their knowledge or consent and reveal potential alternate accounts to the owner of the device.
Soft Linden and company came down on Guy Quicksand (the owner of Quickware) hard for that, ripping the device from both inworld and marketplace sale, after a boatload of Abuse Reports were sent by residents.
This led to the following “news release” being sent out by Guy Quicksand (all spelling errors are his. I still can’t figure out why people marketing spyware can’t figure out how to use spellcheck.)
QuickWare News.
Unfortunaly we have to anounce that due to the new TOS we have to make some changes.
I think most of you heard of greenzone and there fight for privacy. Linden Labs changed there TOS wich does not allow the disclosure of alternate accounts anymore. In the QuickWare shop there are many people filing abuse reports, so there is a big change that our system will be disabled soon by Linden Labs.
Hoever;
We will continue our battle.
All alt detectors made by Quickware are tracable up to version 2.6 as beeing a QuickWare detector.
Greenzone made software to block us and there are people that will file Abuse reports on simowners using it.
This is all too bad, but we have found a solution for this.
You can get an Update for the detector you have now.
This Update will be less advanced as the ones you have now.
But it has some features that you dont see, that make this new version undetectable and untracable.
I will not clarify here what these features are.
The Alt detection system is sold and will be taken care of by somone else. Guy Quicksand will not be giving support anymore, nor is his support team.
All regular users can request the new Detector by email; [email protected] Please make sure you write down your username correctly, do not use your scenename!!
The battle continues…
No sooner did this occur, than a new account, AltDetector Resident (how inventive!) showed up on the scene, sending out notecards to Quickware users, giving them additional information on how to… well continue doing all the rotten stuff they’d already been doing. That didn’t last long either, as the Lab quickly banned that account also, as well as Guy Quicksand’s original SL account. Guy wasn’t very pleased by that (bolding is mine for emphasis- spelling errors are his entirely):
Posted by Guy Quicksand on March 08 2011 22:38:24
Today 8th March,
All my accounts where banned/blocked by LindenLab after i sold the Alt detection system source codes to somone else.
This person send all custommers a notecard for updates..
Personally i had rather seen them not doing this, but hey … SHIT happens.
All other products should working as they suposed to do.
If you have questions about your alt detectors inworld, you can email to [email protected]
For other products you can directly email me: [email protected]
Linden Lab left me with nothing to protect, so you will hear about me in the future again.
Allthough i hope that LL will unblock my accounts so i can help all my custommers inworld, and my businesses i have with this avatar.
I will see what happens next 2 days, if my account does not get unblocked, i will start coding again, but without concidering TOS.
I hoped that i have informed you the best i could,
Best regards, Guy Quicksand
So instead of eliminating the TOS violations… he SOLD them to someone else(presumably himself, under an alias.). When that didn’t work, the attempted to blackmail the Lab, ironically saying he was going to code without “concidering TOS.”, when his original product wasn’t in compliance with TOS to begin with.
Even funnier, if you go to the quickware site right now, you can see he’s firmly allied himself with.. the side he was always on to begin with:
Banned on secondlife?
… Yes i am still in secondlife …
Cut your losses and start with a new avatar…
We are providing anti ban solutions for secondlife now.
Linden Lab does record hardware Id’s. With this Id they can indentify all your alternate accounts. When you get banned they can disable all your accounts based on that ID !!! Trust me i know 😀
Hardware Bans – We provide a unique hardware ID for every single avatar. – Even if you use them on a single PC your avatars will all have a Unique ID. – Dont have your avatars linked in LindenLabs’s databases, use our service.
IP Bans – We provide superfast networks that changes your IP easely.
Using both Linden Lab can never indentify you, not by hardware ID nor by IP 😀 It will also seporate your avatars on beeing identified as alternate accounts. The services can be ordered seporatly.
For info: [email protected]
So now, it’s clear that his entire purpose is to help people trying to get around Linden Lab’s hardware bans. Are we clear on which side he’s on now?
Not to be outdone, yet ANOTHER product designed to invade privacy the same way that RedZone and Quickware have, has been put on the market- this time from a Second Life Resident hailing from Greece(with the EU’s new laws on privacy protection, this guy may be in serious trouble.) Sparrow Industries, owned by Jacks Sparrow (again, how creative.) blatantly touts alt recognition and disclosure in his products, as reported by Theia Magic, here.
In the midst of all of this, there was ANOTHER product, doing the exact same thing that was hurriedly released to marketplace by Gzoa Resident and pulled back down after a wave of abuse reports made it to Soft Linden’s desk, and the account banned.
Apparently, there’s a bit of an infestation here. One that until now, the Lab has chosen to ignore- but the screaming is getting louder outside Linden Lab’s Battery Street headquarters and they’re not going to be able to ignore it this time.
Redzone Redux
This week, the news about Redzone itself got downright bizarre. On March 8, a youtube video was leaked to several people by an unknown source. If you *really* want to follow the whole confusing mess, you can go here– bring a scorecard- it gets very confusing. Here’s the bottom line though- the creator of RedZone, not content enough to take the money, shut up, and run, appears to have made a video in August of 2010, talking to someone named Mariana about using failed login attempts on his website (isellsl) in order to test them against Second Life passwords and gain illegal access to those accounts. Understand this would largely mean that he’d be looking to break into the SL accounts of his own customers(something many of his hard core followers have yet to figure out.) You can watch the original video here (and embedded below).
It also turns out that both zFire and Mariana (the person he appears to be addressing in the video) are both members of an inworld group whose description follows
“The only real Syndicate in SL.
A bold statement, by a true blackhat with a RL background.
The SL MARS Syndicate is to network a worthy group of people who each have a speciality to bring to the table.
Collectively creating more powerful organization for the accumulation of enjoyment, monetary gain, security, exclusive social networking, and good times with good people.
by invitation Only.”
Anyone with the brains of a turnip would have deleted this trail long ago, but that didn’t happen:
Of course zFire tried to deny all of this on his own forums, claiming YouTube had been hacked. Funny thing though, that the account that created the video was created *four days before* his own personal account in 2008, and as each video to corroborate the evidence was uncovered, it was quickly made private. zFire has since tried to claim that the upload dates on the video were forged. Sadly for him, that question was asked directly of YouTube by Jolene Benoir, here, revealing the following:
Question:
Is it possible for someone to retroactively change an account sign up date? Someone is claiming this may have happened.
Answer:
Not possible.
——
This goes hand in hand with the link I pasted earlier in the thread.
Question:
I would like to know that is there a way to upload a video on the Youtube with an older date form the original date?
Answer:
The only “why not” is that it’s an automated system, and that’s how it works. An upload is given a time stamp when it starts uploading. That time stamp is a permanent part of the upload. It cannot be changed.
Time to Call in the Exterminator.
At this point, it is clear that the damage being caused to Second Life, its residents and the Lab itself, particularly with their recent move to the new Lithium platform for their forum, which ties in with Facebook and Twitter over this issue is spreading, and rapidly. The rock has been lifted now, and the vermin are scattering, many choosing to stand firm and go down with the ship. In fact as of this writing, zFire Xue has *once again* listed RedZone on marketplace (the device phones home when it is activated and the most recent version sent, so it doesnt matter which version he’s actually selling).
The Lab is not(predictably) communicating with Second Life residents nearly enough on this issue- the JIRA as regards this issue is *still open* and ongoing, and even though I truly believe Soft Linden is doing all he can- the fact that he isn’t doing MORE is very likely the fact that he’s being prevented from doing so.
Screw Idealism
At this point I’m going to say with all due respect for Philip Rosedale and his vision for Second Life that the time has come to stop screwing around and deal with reality. It is time *right now* to create FIRM agreement between the TOS and Community Standards, and ban specifically ANY device that has the ability to attempt to match or correlate alt accounts by any means, and give Soft Linden the power he needs to simply rip these things out by the roots the moment they’re found- no discussion necessary.
This problem is tearing the grid apart. People are refusing to turn media on at all- they’re too worried, and even with Sione’s media patch, which is making its way into viewers with a slow certainty, most people are not technical enough to be able to discern what a safe media stream looks like from a malicious one. Considering the prevalence of music venues in SL, this could easily cripple the economy.
This problem has the potential to deeply create long term damage for Linden Lab. Second Life is not ubiquitous, like Facebook. It cannot afford a privacy scandal of this magnitude. The Lab must act- and soon, before it’s far, far too late- if it isn’t already.