Current "permission exploit" issue and unable to post to blog

Posting here since for some reason I'm not able to post to the blog - never have, fo figure. All me permission to post to blog please, as it's a feature I'm supposed to be able to do but yet never have been able to do.

Exploit found: Well the update was on Wed. Today is Sat. So that makes *counts on fingers* 4 days if you count Wed and Sat since this exploit has been active in world. (lets eliminate Sat and reduce to 3 days for the sake of argument since we all pretty much know today is a riteoff for game play) So, it's taken 4 days without us knowing about it before something was done about it in an 'emergency' shut down process.

Concerns:
2) I am to assume that for the past 3-4 days my products could be victim of this exploit and now I have a few things to look forward to:
a) People wanting refunds on items they received as part of this exploit but yet they didn't purchase. Of which I had to deal with before with the another exploit bug and then had to sit and stress because I was going to be AR'd for 'improper business practices' in world.
b) People freely passing around products that they may or may not have purchased from any of my vendor locations which will in turn diminish the value of the product.
c) The possibility of any product(s) showing up in the Library which will make it readily available to anyone who checks there, which in turn will totally eliminate any possibility of me continuing to sell that product(s). If you think this doesn't happen, check your Library and see under the "Clothes" folder for items which are in fact being sold in world and were *not* given permission to place as a 'freebie'. One girl I know who's clothes are there has yet (that I'm aware of) been given any type of compensation for her clothes being placed there for all of SL to use as freebie.

My questions is this ...
1) How are we to handle those who come to us for product support on any product(s) that falls victim to this exploit? We need tools to help our customers as well as to protect ourselves from those who take advantage of the permissions exploits and demand refunds, exchanges, product support in any fashion. All we can do right now is verify if the sale was done by checking online accounting. But then we all know that's not reliable since not every sale is registered. I've in fact had processed a sale, clicked OK on my little Blue Box to tell me that a sale went through. Saw the money hit my in world account. Nothing (not to this day) is registered online website.

2) How are we to handle the many AR reports for improper business practices that could be listed against us because we can't verify if the product(s) is from permission exploit or that the online transactions isn't updating and we can't see they've actually bought the product.

3) After all this and said is done, how the hell are we to continue doing business feeling 'safe' that our hours and hours of dedication to our inworld businesses and client base that some of us have worked year(s) on is stable and that our reputable business names aren't trashed with all this. No one who's used the exploit or knowingly has accepted product(s) via the exploit is going to readily ADMIT to it. But yet they will be the first to go and bash any business who doesn't succum to their demands of service.

I'm not going to pitch a fit about the grid going down and the way it's done. I'm tired of doing it and it just depresses me. But this exploit *should* have been handled and verified BEFORE it went to the main grid. That is *supposed* to be the purpose of preview - test known issues, test new options, TEST SECURITY EXPLOITS in any fashion. But then again, this version was "live" on the preview grid for about 12 hours before it was shoved onto the main grid. The preview grid doesn't hold ANYWHERE NEAR the load that the main grid does, so why do you think that preview can actually handle a 'live' preview is beyond me. I'm no developer (thank the gods) and i'm no programmer of any sorts, but I do know (along with the rest of the second life world from reading the thousands and thousands of posts) that preview is a waste at best and that LL is seriously dropping the ball.

You created a fantastic world for us to live in. You've given us fabulous options to make our lives in SL better and enhanced. Now follow up on it. Permissions Exploit is a *huge* issue in SL Commerce, doesn't take a developer or programmer to know that. Check the damned permissions before release is issued. I'm still trying to recover from the last one which put a TON of my products free content. The severity of that financially, I'll never know. And certainly won't be looking for any form of compensation from the responsible parties - LindenLabs, as we know very well it just won't happen.

Protect your people who's into commerce in world. It's a simple request and it's not that hard to follow through on.

I guess my own humble opinion is that it is simply not possible or realistic to think that it will *ever* be possible to feel that an SL business is 100% "safe".

I've been in SL for a very short time compared to you, and I've already seen an overwhelming amount of evidence that no SL business of any size is safe. I guess you have to have other, perhaps more personal, reasons to wish to try running a business in-world.

I wish you and the other residents who have so much at stake the best, and sincerely hope that I am proven wrong over time

You are not alone with your concerns. I have been speaking with other designers and no one is comfortable with our products being out with full rights and not ever really get much input.
I know for myself and some others the thought of just stopping all sales is not only already being done by some, but being considered by many more including myself.
Is it worth the risk to have full rights of products that have taken weeks to create?
Talk about the revenue lost here! Not only sales but all the monies paid out for rent and in land fee's!

It's very clear that LL has some serious issues. If the grid is closed more then 24 hours consectively they are required through TOS to refund us the time down. So, this is why the big rush of re-opening the grid occures. The question is, is this hurting us more then helping? The only logical thing to do, is shut down SL until it is completely fixed! If you have to not charge us for a little while its the least of your worries! Stablize the grid and fix it to ensure to your customers that you actually care and are doing something about this!
If we all have to shut down our sales then its only a matter of time before we all stop being paying customers. Instead LL add's refer a friend bonuses, I would not refer anyone under any circumstances until you can prove that all of our hard work in not in vein.
So, if anyone has other suggestions for retailers then please let me know! I hate to have to shut down everything, but to me the risk is not worth it.

I've actually not seen that in the TOS and would like someone to find it.

3.8 Service Credit for Unscheduled Downtime. You will be eligible to receive Service Credit toward recurring service fees (e.g. monthly account fees, 90 Day account fees, annual account fees, and land use fees) for Unscheduled Downtime.
"Unscheduled Downtime" is an unplanned or unscheduled interruption in Service availability for a period of at least twenty-four (24) hours during which you are unable to access the Service. Unscheduled Downtime is measured from the time the Service is 100% unreachable for a period of at least twenty- four (24) hours until Service is once again restored. The following are excluded from the calculation of Unscheduled Downtime: (i) scheduled maintenance downtime; (ii) problems outside of our Service (upstream providers, or your inbound connection) not affecting 100% loss to our Service;

Awesome, thanks. I tried searching the TOS for things like "24" "hour" etc. and couldn't find it.