To quote the Blue Beetle...

BWA HA HA!

Someone remind me, who was the first person who realized physical, self-replicating spheres could crash a sim? Who was the person who posted this in the forums, and had the thread deleted by a Linden? Who was it that got called an evil hacker for sticking such a warning in his signature for months?

Oh, let's see now... IT WAS ME! I predicted this crash months -- MONTHS -- ago, and got called names for it. Got snubbed by the establishment. Well now I'm going to sit back, think of fifty new ways to crash the grid, but this time I'm not going to bother trying to warn you schlubs.

Bwa ha ha! Bwa ha ha!

I would like to sign up for your mailing list. Do you have a newsletter?

The question that comes to my mind is - would these fewls have figured out the technique on their own if you hadn't made it so easy for them (posting the method in your sig)?

Would they have figured it out eventually? Maybe. But I think you may have inadvertantly contributed to making this happen sooner by posting your findings publically.

We'll never know for sure. But bad form on the 'Ha Ha I Told You So'.

Hmm, should we call for a pre-emptive ban on THIS fool too?

Public security advisories for software are normal these days - absolutely 100% normal. There are a lot of sites that do this. So why should it be any different for Second Life?

The secret squirrel approach isn't good. And I have to disagree with you Travis - what was done is hardly brain surgery. I doubt Jarod's posting had anything to do with it - after all it's something that any scripter could do in 5 minutes.

I don't think it's bad form on the told you so either - maybe LL should take things like this more seriously when highlighted to them.

script is posted in another on topic thread atm, i believe

Around 5 or 6 lines of code at a guess? I'm really just suprised it hasn't happened before.

pretty much and yup

Thinking about it somebody should setup a Second Life Security Advisories web site. Maybe that would encourage LL to take things more seriously and address those issues that are really to be considered security flaws, or flaws that can be exploited for nefarious purposes. For instance, today I realised that the parcel return bug, where items aren't returned last-in-first-out, still exists months after being brought up. That's something that can be used to ruin people's builds and compounded the problem with the recent service griefing.

So something maybe needs to sharpen the minds at LL where such matters are concerned?

If that 5 or 6 line code block is all there is to creating this kind of fiasco, and that is all Jared was eluding to in his previous sig entries..... I respectfully retract my earlier comments.

AFAIK, Christopher Omega, way back in 2003.

This thread is awesome just for Blue Beetle references.

Kooey Kooey Kooey!

In which case it makes the in-action even worse then to allow this to happen 2 years later, and so easily still. Mind you, I'd heard that there was supposed to be a 4-generation limit in effect. Does anybody have any more information on that, as I guess it's broken if it even exists.

I only heard of this too. I had been digging for historical info sometime ago but didn't come up with anything, so I paused on that thoughtline for the time being.

In fact, I once made a self-replicating temp-on-rez object specifically for the purpose of getting around object autoreturn once.

Absolutely no harmful intent - I was doing it in a sandbox environment for the specific purpose of seeing if it could be done, and a simple manual return easily killed the loop - but it wasn't all that hard. Just like the snippet someone posted earlier, have an object with a copy of itself inside, rez the copy, give the parent's inventory to the child, repeat.

when i owned a private sim, i did this a few times to see how a scanner/satelite network could be created.

filling the world up with objects (even with a 4 generation limit) is easy. also, some temp on rez object properties seem to get reset when they cross sim boundaries.

Eh, people had things that were crashing sims waaaaay back..

In summer '03 I saw this curiously labeled cube sitting on the ground on public land.

I took a copy of it.

I went to my home sim at the time, Immaculate, rezzed it and clicked on it while Lynn watched. The next thing you know - it starts building a tower - and building, and building and building...

Then it tumbles over, covering the ground with prims, and crashing the sim.

Pete inadvertantly crashed the rental sims during Lynn's prehistoric flea market - his volcano went wild and started shooting out 10's of 1000's of rocks - Andrew got 1000's of emails from what I heard!

Edit: StoneSelf IS alive!

Crashing sims is one thing, crashing the entire grid for 3 hours or so using such a simple script is another. I'd like to know more about the 4-gen limit I've heard mentioned, as that would seem to be a good solution if it actually worked. It wouldn't stop it completely but it would certainly slow it down, and that's important when trying to get a handle on a situation.

100^4 = 100,000,000

I agree.

Jarod did use the singular though, and extrapolating from what some have stated here with respect to crashing a single sim - one could imagine that it should be possible for multiple sims or the whole grid as well.

Ooh, nice maths. I'm not sure the 4-gen actually means that though. From the conjecture I've read the 4-gen implies that the object that's rezzed inherits the generation of the parent. Which would mean the following:

1 object rezzes 1 object = 2 objects (all at 1st gen)
2 objects rez 2 objects = 4 objects (all at 2nd gen)
4 objects rez 4 objects = 8 objects (all at 3rd gen)
8 objects rez 8 objects = 16 objects (all at 4th gen)

The End as all objects are at 4th Gen.

That was my interpretation, as if each newly rezzed object was reset on the generation then the impact is slim to nothing.

I'm sure there must be legitimate reasons to rez past this but I can't think of any from my own experience.

The problem isn't completely solveable but with such a limit the problem would not escalate as it appears it did yesterday (or today, depending on your time zone).

Actually I'd of thought that there should be enough resilience in the system to not allow such an easy exploit to crash the entire grid. I'm obviously wrong but I can't help feeling I shouldn't be wrong. This shouldn't be possible. Single sims yes, I don't think you can do anything to stop that, but the whole grid? So swiftly and easily? I'm having difficulty thinking that that's acceptable. And it's not a new exploit. It's almost one where LL relied upon the good nature of the users not to exploit it. Second Life can't continue like that, and I'm sure this isn't the only simple exploit that could cause such problems.

I'm guessing as well that timing might have been good for this. Last night for me (GMT, a good 9-10 hours before this happened) I was having really bad asset server problems when I was in-world with scripts unable to save because of asset server problems, going into sims where my objects weren't rezzing for me and a lot of smoky grey texture because textures weren't downloading, as were others I spoke to. The inability for the system to scale, which has been evident for quite a while now, I suspect would of made the problem worse, as it appeared it was already stretched before this happened. When I first saw posts about what had happened I thought it must of been going on whilst I was in-world - but it appears it was well afterwards, so it had nothing to do with the stress the system was under then, although I guess that didn't make it any easier at all.

Mind you, at least we've heard of a new 'space' server as a weak link. We've had squids, the asset server and now the space server as weak points. How many single points of failure does SL actually have?? And why aren't such simple exploits fixed? Just like the lack of last-in-first-out prim system on parcels, which is a bug as has been admitted months ago. Oh and we were asked not to post about it. My bad.

i object can rez way more than one object. actually a single object can spawn as many objects as the sim will allow.

limiting llrez() it to one object would break many automated building scripts with legitimate uses.

i use llrez() for up to 1000 objects to build an amphitheatre, and geodesic domes, and i used it to make a tree that was 100 meters tall, and a fractal tree.

Yes, but still you're limited by the sim and also it would take 25 minutes to rez those 15,000 prims (with the .1 section delay on llRezObject()) plus, they wouldn't be able to rez unlimited further generations each, so it wouldn't constitute the problem it did last night simply in terms of speed of growth.

The 4-gen thing wouldn't stop an object creating 15,000+ objects, but it would limit the rate of growth a lot because of the inherited generation that would limit how much further they could self-replicate. And it would also provide time to realise there was a problem. After all such an event should have built in catches to alert the grid monekys that an object is self replicating - that surely is not difficult. Even if it means taking the grid down for 30 minutes to remove the item, that's much better than 3+ hours.

And then, why not up the rez time delay to .5 seconds? Then it would slow it down even further.

Missed that in my previous reply. I never suggested limiting it to one object - that was just a simple example I used.