Casino owners' grid attack in progress?

Ah, well this thread looks like good news.. have just ARd same thing in Fourmile, so it looks like it'll get cleared up soon.

Two thoughts:

1/ surely something like this must be a kid... in which case bring age verification on!

2/ if not a kid then what the hell kind of adult gets a thrill out of this? Grow up!

That gives strength to my argument that all accounts must have credit cards on fall. I know it's not popular and I understand why but I believe it would make SL much stronger.

Before anyone wants to argue that they've been griefed by those with payment on file. I'm sure that's true, but it would greatly reduce the problem. Griefers could only switch credit cards so many times before they are done with.

IP banning would suck. Even if I have just one IP for the whole day I am FORCED to disconnect and reconnect and get a new one after 24 hours, and so is everyone who is on DSL.

@Raymond: They are...self-replicating crabs? I'd be careful and not wear sandals around them...

Had a replicator attack in my sim and around 50 surrounding sims on the Corsica continent a few days ago. First real parcel grief I have experienced. I tried to IM one linden about it and he told me to file an AR :/ Bureaucracy lover I suppose. Thankfully I managed to IM another linden who took care of the serious situation quickly. This is the best approach; Lindens have the ability to blacklist objects in order to stop replicator attacks pretty quickly. The trick is to find one online who actually cares about solving serious issues like replicator attacks.

IP-banning for this form of abuse is no different to that for any other form of abuse - Spam for instance.

In general Net anti-abuse, it is common to ban IPs and IP ranges that are the source of abuse. Often these include great swathes of end-user IPs blocked because some of the PCs using those IPs have been compromised by trojan/virus.
The activities of the abusers are the responsibility of the abusers' ISPs.
I hope that LL is following normal procedures and reporting the abuse to the responsible ISPs.
Those ISPs have the log resources to identify the RL user accounts concerned and take action against them under their own TOS.
If the ISPs do not prevent their users from abusing the Net, then the IP ranges stay banned.

It is not uncommon for users to pressure their ISPs to police the ISP network when they find that their traffic has been blocked because their ISP has not stamped on abusers.


The problem however is that LL blocking user access might not be enough of a problem for a bad/incompetent ISP. It would certainly come nowhere near the problem that blocking of their mailservers would cause.
It would be a good idea for LL to cooperate with providers of other online worlds to share IP blocklists.


LL have to do one of two things on a basic level:
A) Stop unverified signups, or
B) Ban abusing IPs, even if this bans innocent users


On a more complex level, LL could profile the pattern of activity of new avatars.
The avater who particle-bombed the sims that I was in last night was fresh out of the birthing chambers. There must be a behaviour 'fingerprint' for the set up of mass-manufactured griefing alts.

He got the 'weapons' from someone. If LL haven't stamped on the someone, and the someone next down the chain then they are clueless.
It's a case of "Follow the weapons" rather than "Follow the money".

As an aside, flying into the blizzards of dollar bills was a beautiful experience - for a while, I hasten to add!!!!.
I flew in and out, below and above.
It could be described as art - Really quite beautiful patterns. However it is possible to have too much of a good thing WAY too much.



In Black, there were a pair of sources, both playing Hava Nagila. Before I turned off particles so that I could AR the emitters, it was fun to fly into the blizzards to try and trace to emitters by sound volume. Interesting doppler effects as I few past them.

I got two nearby avatars to submit ARs at the same time as myself.
The emitters disappeared a few minutes after we ARed. I assume it was LL, as the parcel below did not have auto-return. It did have no-build, but had object entry.

The objects spewing out dollar bills was created and owned by the alt that was born same day. Even still called 'object'. My guess is they had the scripts stored on their harddrive, cut and paste into a new object... no fingerprint trail whatsoever... and certainly no noob.

Concierge level support was a godsend!

The fingerprint is the script coding itself.

Since LL holds the data, they could set up a system to ban anyone using a particular script.
Basically, we need an SL virus-scan.

Every time a greifer gets shut down, another greifer-script goes into the file.

Then you may just hope that never someone at your Internet provider does something wrong within SL, because if that happens you may find a message "unable to connect to Second Life" on your screen.

IP banning is no solution at all.

Morwen.

So you say that everyone on DSL gets a new ISP if he/she want to (after 24 hours)?

That is not correct, with my DSL account comes one IP number. It can be changed or reset (only by my ISP itself in matters of abuse).

My ISP is not unique in that I have been told.

Morwen.

(At least in the US, most DSL providers charge extra for a fixed IP. Otherwise they're handed out to your gateway router by DHCP.)

Hardware veification could be done to identify the culprits.

The downside to this is that whenever you upgraded your hardware, you might need to run a quick software verification program and re update your LL hardware files.

Not a big price to pay if they could start nailing these dimwits.

and sure, the griefers could go out and buy new hardware to get around this, but I suspect "mom and dad" wouldn't foot the bill for that. (not very often at least)

*giggles*
The world is a little bigger then the US *teases*

Over here with the bigger and better providers a fixed IP number is very normal.

Morwen.

Maybe they should prevent script creation and script editing for people without payment info on file.

Yep, that's why everyone else now just tp's out and lets it burn, someone important will fix it

These attacks were the result of the efforts of one griefer group that calls themselves the Patriotic Nigras. The leader of the group was the guy that designed the money bomb, and goes by the handle N3X15. You can easily find this guy on the internet.

This same guy created a modified version of the SL client he calls "ShoopedLife", and it's what enables the PN to evade hardware bans. Used in conjuntion with proxy systems such as Electronic Freedom Foundation's ToR, they can just come back again and again despite getting hardware and IP bans from the Lindens.

This one group is responsible for about 80% of the griefing in SL, according to some Linden sources I've spoken with. And this one fellow is enabling them to do it, and is the only reason they're still able to log on.

In providing a large group of teenagers (he can be prosecuted as an adult himself) with the tools to circumvent Second Life's security to gain access to the grid, he's violating the Computer Fraud act of 1984, materially assisting others in doing so, and contributing to the delinquency of minors. Since some of the PN are in Canada, Australia, the U.K. and other countries, it becomes an international problem, which you'd think would invoke the interest of the FBI.

Now, there's a catch there - there has to be over $5000 USD in monetary damagers. However, since these damages are cumulative, and can consist of server maintenance and repair costs due to the actions of an individual spread out over months, it's highly possible that this young man has caused literally tens of thousands of dollars worth of damage to Linden Lab in terms of the accrued support costs.

Maybe Linden Lab could tab up all the damages from the PN raids since January and add it all up and see just how much damage this one guy is responsible for, and perhaps justify taking legal action. This particular griefer does live in the United States, so it's not completely outside the realm of possibility.

Of course I'm no lawyer.

But maybe this is something they haven't thought of yet. If N3X15 were taken out of the equation, the ShoopedLife client would cease to exist with the next required software update, and a LOT of the griefing would simply stop. It would certainly help Linden Lab stop hemoraging cash over this.

Drama queens.

I can see how use of a custom client would enable evasion of hardware bans.
However there shouldn't be any hesitation on LL's part to ban the IP ranges of any anonymising proxy services used for abuse. In theory at least, all users have supplied truthful identity details to LL on signup. They don't require anonymity in communications with LL servers.