Second Life Forums Archive - Security Issue secondlifegrid.net?

Kator Bergson

I'm freakin out man!

Join date: 24 Nov 2005

Posts: 125

04-02-2009 11:07

http://www.secondlifegrid.net/ is currently having technical problems... hmmm wonder what that could be? Perhaps cause they are using insecure opensource software to host it?
and yes, I know this image is gonna break this up badly but with the way the sl site itself is borked with posts, the image has to remain as-is.

The problem I see with this software is this, http://www.milw0rm.com/id.php?id=1088
there, your site is insecure and now it makes me wonder what kinds of insecurities the main secondlife.com website has concerning our user logins and such. I would really like to be informed about this as soon as possible for one I should NOT be seeing the default drupal favicon.ico and the fact it says drupal in the title bar does not help my confidence in this company that its lacking massively in that department anyway.

You use a third-party for age verification that has a bad history of "data mining" and selling our PRIVATE information off to other companies that want to send us bullcrap junkmail. And now I see this. On top of this the Adult content problem stacks along side the opensim debacle. SL is floating... and its about to get flushed by issues like this. Hopefully the secondlifegrid.net website is handled quickly however this leaves LL open to huge security holes that usually dont happen with privately worked software (because theres only one copy in the world for it unlike drupal which there are millions and SL is a high class target for malicious crackers out there.) Get off your laurels and work on our security, not your own.

_____________________

Briana Dawson

Attach to Mouth

Join date: 23 Sep 2003

Posts: 5,855

04-02-2009 11:11

huh?

_____________________

WooT
------------------------------

http://www.secondcitizen.net/Forum/

Kator Bergson

I'm freakin out man!

Join date: 24 Nov 2005

Posts: 125

04-02-2009 11:16

I orignally had to quickly edit my first post noting a friend i was talking to on AIM thier screenname was showing up in my taskbar, and to protect thier privacy I had to take down the image, black-bar it and repost it. should make some sense now.

Oh and I wonder if SL knows they are violating GPL by not having the wordpress copyright at the bottom of the secondlife grid status page?

_____________________

Paige Morane

Registered User

Join date: 15 Nov 2007

Posts: 1

this is rediculous

04-02-2009 11:24

ok i dont know anything real technical about computers, but when i find out that theirs holes in the system and MY PERSONAL INFO could be leaked out on the net, it makes me lose faith in the company. i cant afford to have private info sold to other companies. and wtf is it with sl lately? why isnt it working right? i crash at least 6 times a day (in a 5 hour period), my inv keeps trying to dissapear (luckily i know how to fix that) and the lag has gotten terrible!! ever since i downloaded the last 2 updates, its getting worse and worse. It seems to be that LL is slacking on the job here. but thats my own opinion. But, thanks to Kator, i have been informed of the holes and whats going on, and i can assure you that i may remove my billing info and other private info until thats fixed. seriously, stop worrying about all this other shit, and work on fixing all the petty problems that should have been done a loooong time ago!!!

Imnotgoing Sideways

Can't outlaw cute! =^-^=

Join date: 17 Nov 2007

Posts: 4,694

04-02-2009 11:33

Alt+PrintScreen grabs only the window you have active without capturing your whole desktop. Great when taking a shot of only one app. (^_^)y

_____________________

Somewhere in this world; there is someone having some good clean fun doing the one thing you hate the most. (^_^)y

http://slurl.com/secondlife/Ferguson/54/237/94

Kator Bergson

I'm freakin out man!

Join date: 24 Nov 2005

Posts: 125

04-02-2009 11:34

All this stuff too.. get ready for the kicker.

From: someone

After considering what to do next, we've decided to move our team's work completely into the public, with the hope that we can engage and support the open source community more directly than before, and move more rapidly in making SL better. We have created a new version of the Second Life client in a public repository where we will allow direct committing from community members alongside our own daily work. We have also created a new build system to keep this version continuously building when new submissions are received, with new builds available to everyone. We will also make this version available as a download alongside the official SL client, once we have it sufficiently stable. Additionally we will aggressively manage the quality of submissions to this new repository, working with the community to develop appropriate ways of testing, reviewing, and approving changes.

Basically by opening up the source code to the public with DIRECT COMMITS before screening can open up the viewer to theft of username and password. It only takes one stray line of code to be overlooked on accident before our accounts are all messed up 5 ways from sunday

From: someone

Alt+PrintScreen grabs only the window you have active without capturing your whole desktop. Great when taking a shot of only one app. (^_^)y

I have a rather large resolution monitor for a laptop, unfortunately that wouldn't of worked either.

_____________________

Imnotgoing Sideways

Can't outlaw cute! =^-^=

Join date: 17 Nov 2007

Posts: 4,694

04-02-2009 11:45

From: Kator Bergson

...I have a rather large resolution monitor for a laptop, unfortunately that wouldn't of worked either.

It do though. Just un-maximize the application window. Plus the most important part: You would have avoided revealing the AIM icons in the first place. (^_^)y

_____________________

Somewhere in this world; there is someone having some good clean fun doing the one thing you hate the most. (^_^)y

http://slurl.com/secondlife/Ferguson/54/237/94

Security Issue secondlifegrid.net?
Kator Bergson I'm freakin out man! Join date: 24 Nov 2005 Posts: 125	04-02-2009 11:07 http://www.secondlifegrid.net/ is currently having technical problems... hmmm wonder what that could be? Perhaps cause they are using insecure opensource software to host it? and yes, I know this image is gonna break this up badly but with the way the sl site itself is borked with posts, the image has to remain as-is. The problem I see with this software is this, http://www.milw0rm.com/id.php?id=1088 there, your site is insecure and now it makes me wonder what kinds of insecurities the main secondlife.com website has concerning our user logins and such. I would really like to be informed about this as soon as possible for one I should NOT be seeing the default drupal favicon.ico and the fact it says drupal in the title bar does not help my confidence in this company that its lacking massively in that department anyway. You use a third-party for age verification that has a bad history of "data mining" and selling our PRIVATE information off to other companies that want to send us bullcrap junkmail. And now I see this. On top of this the Adult content problem stacks along side the opensim debacle. SL is floating... and its about to get flushed by issues like this. Hopefully the secondlifegrid.net website is handled quickly however this leaves LL open to huge security holes that usually dont happen with privately worked software (because theres only one copy in the world for it unlike drupal which there are millions and SL is a high class target for malicious crackers out there.) Get off your laurels and work on our security, not your own. _____________________
Briana Dawson Attach to Mouth Join date: 23 Sep 2003 Posts: 5,855	04-02-2009 11:11 huh? _____________________ WooT ------------------------------ http://www.secondcitizen.net/Forum/
Kator Bergson I'm freakin out man! Join date: 24 Nov 2005 Posts: 125	04-02-2009 11:16 I orignally had to quickly edit my first post noting a friend i was talking to on AIM thier screenname was showing up in my taskbar, and to protect thier privacy I had to take down the image, black-bar it and repost it. should make some sense now. Oh and I wonder if SL knows they are violating GPL by not having the wordpress copyright at the bottom of the secondlife grid status page? _____________________
Paige Morane Registered User Join date: 15 Nov 2007 Posts: 1	this is rediculous 04-02-2009 11:24 ok i dont know anything real technical about computers, but when i find out that theirs holes in the system and MY PERSONAL INFO could be leaked out on the net, it makes me lose faith in the company. i cant afford to have private info sold to other companies. and wtf is it with sl lately? why isnt it working right? i crash at least 6 times a day (in a 5 hour period), my inv keeps trying to dissapear (luckily i know how to fix that) and the lag has gotten terrible!! ever since i downloaded the last 2 updates, its getting worse and worse. It seems to be that LL is slacking on the job here. but thats my own opinion. But, thanks to Kator, i have been informed of the holes and whats going on, and i can assure you that i may remove my billing info and other private info until thats fixed. seriously, stop worrying about all this other shit, and work on fixing all the petty problems that should have been done a loooong time ago!!!
Imnotgoing Sideways Can't outlaw cute! =^-^= Join date: 17 Nov 2007 Posts: 4,694	04-02-2009 11:33 Alt+PrintScreen grabs only the window you have active without capturing your whole desktop. Great when taking a shot of only one app. (^_^)y _____________________ Somewhere in this world; there is someone having some good clean fun doing the one thing you hate the most. (^_^)y http://slurl.com/secondlife/Ferguson/54/237/94
Kator Bergson I'm freakin out man! Join date: 24 Nov 2005 Posts: 125	04-02-2009 11:34 All this stuff too.. get ready for the kicker. From: someone After considering what to do next, we've decided to move our team's work completely into the public, with the hope that we can engage and support the open source community more directly than before, and move more rapidly in making SL better. We have created a new version of the Second Life client in a public repository where we will allow direct committing from community members alongside our own daily work. We have also created a new build system to keep this version continuously building when new submissions are received, with new builds available to everyone. We will also make this version available as a download alongside the official SL client, once we have it sufficiently stable. Additionally we will aggressively manage the quality of submissions to this new repository, working with the community to develop appropriate ways of testing, reviewing, and approving changes. Basically by opening up the source code to the public with DIRECT COMMITS before screening can open up the viewer to theft of username and password. It only takes one stray line of code to be overlooked on accident before our accounts are all messed up 5 ways from sunday From: someone Alt+PrintScreen grabs only the window you have active without capturing your whole desktop. Great when taking a shot of only one app. (^_^)y I have a rather large resolution monitor for a laptop, unfortunately that wouldn't of worked either. _____________________
Imnotgoing Sideways Can't outlaw cute! =^-^= Join date: 17 Nov 2007 Posts: 4,694	04-02-2009 11:45 From: Kator Bergson ...I have a rather large resolution monitor for a laptop, unfortunately that wouldn't of worked either. It do though. Just un-maximize the application window. Plus the most important part: You would have avoided revealing the AIM icons in the first place. (^_^)y _____________________ Somewhere in this world; there is someone having some good clean fun doing the one thing you hate the most. (^_^)y http://slurl.com/secondlife/Ferguson/54/237/94

Welcome to the Second Life Forums Archive

Security Issue secondlifegrid.net?