another huge attack .. sigh

To Carl Omlet: Yes, I totally agree with you. My mind is spinning at the thought that after so many costly grid attacks, LL still does not have sufficient tools to deal with replicators. They certainly need better auto detection and a way to turn off (grid wide) scripts written by a specific person, or temporarily shut down all replicating functions. The fact that they have to shut down the entire grid and or shut off all scripts to deal with these issues is ridiculous. It is not like this sort of attack has not been around for a long time! If it was the first time it happened I would say… oh someone thought of an exploit that LL didn’t think of yet. OK, a complex system like SL can’t be 100 percent fool proof. No one expects perfection in an experiment like this. But LL is doing a huge disservice to their paying tier customers to be this late in the game with no better means to deal with this than shutting down the grid or disabling all scripts.

Indeed, many SL employees work very hard to deal with problems as they pop up. I’m sure many people at LL had less than a full nights sleep. I fully appreciate their individual efforts. The problem is the management and long-term strategy of the company. They are being more reactive than proactive. Learn from past attacks and design proper tools to deal with the problems. We have heard several times now that the latest update will help solve the grid attack issues and yet none have yet accomplished this objective. Not only have they not been prevented, they also don’t have the tools to properly deal with them once they occur without disrupting SL for everyone.

One final request to LL. Please develop some sort of large red window that pops up in emergencies to inform people of things such as the fact that scripts are disabled. People tend to ignore the normal message of the day window. Developers such as myself had to deal with a flood of IMs from customers reporting that their smart doors stopped working or their interactive dance floor stopped working etc. They didn’t know scripts were disabled. Please develop an emergency broadcast message box that shows up in red that with one command LL can send to all online players and then also automatically pop up the instant players log in.

In light of these most recent attacks on the grid. I myself feel,that if it is possible,4-5-6 Islands should be created for non-paying accounts.The people there can't transport out, "any" scripts made availble to them can't leave those Islands,any "pay" accounts can request permission from the Lindens to open a shop/business/attraction so the non-payers can have some entertainment. As for those that have a paid account,well,the Lindens will have all your info and if need be so,deeply place some code into your machine so that no matter what your address....your banned,that computer can't log in and if you try create an alt,still that computer can't log in and if you try another computer to log your toon in,not only will log in fail(your toon being banned), but they will dump some code into that computer,so as to prevent future log ins.....just my 2 cents.

Technically this is already implemented its just what with the open nature of the sign ups for the adult grid its a little hard to keep the teens on the teen grid anymore.

For those who prefer hearing/seeing themselves talk rather than read:

From The Blog:

"There are several of changes going into the next release on Wednesday which should help slow down, if not eliminate, these types of grid attacks."

To Hok... indeed, the claim that the next update will help prevent grid wide attacks has been made on numerous occasions. (As I stated.) Perhaps this time the updates will actually work. I hope they do. I can't say the past record has me particularly optimistic though.

There use to be a time when the teens had there game and we had ours.........But now.....******************NOTHING BUT.**********6/6/06 was the start of the darkages.Never again would the game be the same........... never again would the game be in a peaceful state never again would useful people beable to work and help in a meaningful way for those that are REALLY new players.......All SL is now is Money Chair/Gambling........ Fake money Tree Newbies( Money Tree farms ). If you been to The Shelter resently there are so many fake newbies abusing the land and its monies etc......Travis and Lars has always provided newbies with great help.But these days the money tree farmers are not only taking advantage if the resources of money. But those same people are also bombing and grieft the club.........

They just randomly generate whatever they think will placate us because they know we're angry as hell.

The simple laws of information technology dictate that any time a security breach is found and resolved, those that make a business of exploiting and abusing said breaches have already found new and interesting ways to get around the fix or to exploit another unknown hole.

Push restrictions for land owners weren't out 24 hours before someone had worked out that fast moving non-physical objects rezzed at an agents position in rapid succession did exactly the same thing as the old push the push restriction protected against.

And most of us are tired of the blog, being "talked at" is the most degrading experience in customer service I've ever had period and I pay more to Linden Labs than I do in all my utility bills combined.

I snagged this from a post Yes, I totally agree with you. My mind is spinning at the thought that after so many costly grid attacks, LL still does not have sufficient tools to deal with replicators.

This oddly sounds like a bad ep of stargate *geeks* You remember the replicators kicking their ass alot?

Anyhow serious point .. I read over this and agree that free unverified accounts sholdn't be able to script. Sure people will look at me and go your unverified so there goes scripiting for you! Wrong I have two paid alts, I just couldn't see paying more money for SL as it is. If it isn't gerifing its some odd bug... And yes folks I been around for awhile.. about 3-4 months shy of 2 years.

So as I said do not let Free accounts that ar not verified script. If they want to verify their account make it something like 3-5$ dollars to do so that way they will still have to put money into it (Sure 3-5$ is pocket change to most and others like me its gold) But that would add up to the common greifer and finaly shut him down cause he got sick of spending all the money.

THIS is my two cents and my way to help stop greifing. If you want to rally behind my idea Someone go make a vote thingy and I'll slap my votes to it. Cause my way is a good way.

(Well edit here)
About the teengrid sure good idea, but even with a credit card I still seen teens on adult grid. I know I reported my handleful back in the day who was stupid enough to go on talking about it. So thats not gonna change if you bring back CC verfi ethier.

on 6/6/6, sl invited the evil to enter...

;p

this stupid attack cost me my market... yesterday i was tring to clean up objects that keep replicating on my land, right at the start of the attack (it had not been mentioned globaly yet), and as i kept hitting return others objects over and over to remove the hundred of objects that kept appearing, i somehow hit return group objects...

oops...

needless to say, i watched 4k prims prims vanish in front of my eyes...

anywho... maybe its time for a long sl vacation...

anyone interested in buying a chuck of the mainland?

Somebody, many posts back, had THE idea!! Its the method Google/eBay use for developers to gain access to the application programming interface (API), or in LL's case, LSL. LL could do the same thing here.. You can get a free unverified account, but that will prevent you from creating any scripts. If you want to use LSL, and write scripts for sale or fun, you sign up for a developer account, which can still be free, and LL issues a unique ID (UID) that must be used in say, the first line of your script, or that script does not run.
There were several other points made in the post that I'll not go into, but that seems like a great way to greatly reduce these attacks. Still, I think the best bet to reduce the attacks, is get rid of the totally free accounts.. Make EVERYBODY pay either a onetime $10 for a basic account, or $10/mo for premium. I suspect when one of these idiots gets his account banned for kicking off one of these attacks, he's gonna think twice if to get back on and do it again later, it's gonna cost him another $10... When I came onboard, in June '05, we still had to pay $10 for a basic account, and we had an extremely small amount of this BS... Actually, on the developer signup, I'd not lose any sleep if they did this for both unpaid/unverified AND paid/unpaid/Verified accounts... I think it would make tracking down the perpetrator of the attack MUCH easier.... Frankly, this has become the last straw for me.. When the grid comes back up sometime today (or tommorrow) I'm going to take pictures and a movie of my custom built home, and store the parts in inventory, and delete it, then put my 4608 s/m of land on the market, and when it sells, go back to a verified/basic account. I would never completely leave SL, as I have too many friends I'd miss dearly, plus several projects I'm working on that I'd miss, but I can't see continuning to pay $32.50/month for something that has soo many problems, and is unusable as much as it is. I strongly suspect though, that if a lot of paid residents get a gutfull, and downgrade to basic, LL may/will take that option off the table.... It may take something like that to wake LL out of their catatonic corporate slumber, and actuallly DO SOMETHING to fix these problems!! Actuallly, I'm sure the very sharp, rank-and-file LL employees probably have had these ideas or others, themselves, but the upper "brain-trust", namely Phil, and the "Ginsu" knives in the LL legal dept, have nixed these ideas.... Just my thoughts...


Tas

The real issue is the traceability of grief-causing troublemakers.
If there are real-world consequences to creating trouble in the
game, people will be deterred from doing it. There needs to be
a way to find them if they do it.

For people who have standard credit card accounts, that is a
sufficiently traceable identification. Not everyone in the world
(and it is a worldwide game) has that kind of credit card card,
so for the rest of the players, alternate means of ID should
be provided. The key is that the alternate means need to be
sufficiently traceable to find the troublemaker when the need
arises.

Thus:

- Over the counter pre-paid cards of whatever kind should not
be used for verification, since you can't trace who the user is.
In theory those type of cards should be filterable from full-up
bank issued credit cards with customer name and address info
linked to the account.

- Verification by mail can be done with an attached fee to cover
the processing cost. A check written from a bank checking account
serves as it's own proof of identity from countries which require
identification to open an account. For those who have no such
account, mailing a photocopy of suitable identification would
be an alternative (along with payment in some form to cover
processing cost)

- If you have no credit card, no checking account, and no photo
copyable ID, tough. Linden labs has no way to know who you
are, so you get a restricted account that can't create scripts, and
whatever other restrictions are needed to keep you from causing
trouble.

I'll bet its the old "Not invented here" excuse.. ie: LL didnt think of it, so it can't POSSIBLY work...

These cards are indistinguishable from standard credit cards. They all require registration. They can be traced to the user provided the user registers the card with valid info.

As I understand is all you do is go into any place inthe usa.Buy it come home phone inthe name and tahts it!? There is no real people behind the prepaid CCs?????????

they are the victim as well. lets face it, i have seen many posts guessing at the attacker(s)intelligence level, and while i agree it doesnt take a genius to spread aggravation, these people are just smart enough to use another's hard work to tke out the grid.



Usagi Musashi:
As I understand is all you do is go into any place inthe usa.Buy it come home phone inthe name and tahts it!? There is no real people behind the prepaid CCs?????????


not really it depends on who you get it from. the one i use has real people on the other end and is run exactly like most cc companies. others are gift cards, which means you pay the face value of the card and once its paid for its active. you can get them from almost anywhere. even online, and as one poster put it, they are treated as if you have an actual cc. i do not know where danielle(sp) has gotten her info on pre paids but the one i used asked for everything but my blood type. so thats not correct. maybe as i said earlier she is confusing gift cards with pre paid cards. with gift cars there is no way to verify a persons id, whereas with a prepaid once you give your info, and they do verify it(at least mine does)your pre paid cc is just as good as a standard credit card.

there are many who use the purpose/master card pre paid because it does have a decent customer service behind it. hope this helps Usagi

From a info website on prepaid cards:

"Many of these businesses don't want to do business with a prepaid credit card because there's always the risk that there won't be any money in the account when it comes time to pay the bill."

If businesses can tell the prepaids from the regular cards, so can Linden Labs

ok here it goes a pre paid IS JUST AS GOOD AS REGULAR CC. with one exception, credit cards have deferred payment, whereas pre paids the money is taken out immediatly. i have yet to have mine rejected in any form if the money isnt there,its tld to the customer right then and there. and yes i use a pre paid. when i have encountered the not enough funds issue, i put the needed amount on there. problem solved. so please a bit more info on the website you got that misleading tidbit from please.

I kinda wander what will happen if Linden Lab was to sell Second Life ot blizzard entertainment. They are pretty strict on hackers and fly their lawyers over seas to deal with it. They show no mercy. However that would probably end a lot of things we enjoy doing. Like scripting... I know they wouldnt want us doing that...

Okay, here is my idea to stop the griefing:

Disable scripting, not the scripts mind, just the scripting itself, and enable it so only Hired Scripters can Script items, thus, Linden Hires someone or a group of people that can script and only the Linden Scripters can then script.

We the consumer, go to the Linden Scripters and make a request to have an item scripted, the Linden Scripters then write the script and hand it to the person who wants to add the script to an item, the script being no-transfer no-copy thus rendering the item unsaleable and useable only to the person who it is written for.

Oh yes, no more sales of scripted items - score: Us 0 Griefers 1
No more scripting our own items - score: Us 0 Griefers 2
Having to run to a scripter everytime we want a script - score: Us 0 Griefers 3

No matter what is done, the Griefers win, making this no-win, one way does shut the griefers down though, but also shuts down allot of sales of scripted items.

*Raising shields and diverting all non-essential power, preparing for flames*

Meaning there is no name attached to the pre paycredit card when you buy it from a store.
Yes you have to call in but other then that thre is no information on file other then the phone number the person used to activate it.....( I am refering to Master card, Visa American express ect. The cards that look like cc.Not gift trickets........