Tuesday, March 22, 2011

Linden Lab is Slacking on Media Security

It seems most people have gotten back to business as usual in Second Life.  The atmosphere is one of optimism, music venues are once again starting to flourish, and retailers are enjoying a new surge of shoppers enjoying a sense of regained security.  But is this sense of peace really just a case of too many wearing rose colored glasses?  Yes.

It's wonderful that Redzone and Quickware Alts are both gone.  It's also great the Sparrow Industries has removed all alt detecting function from their products.  My fear is that people have been lulled into a false sense of security.  The truth is, the media exploit that allowed devices like these to function is still there.  I would be willing to bet there's others just like these, trying to detect alts and worse, working discretely on the grid right this very moment.  Redzone was out there and 'in your face', so it was easy to know who the enemy was.  Now, because others have seen zFire's demise, they've learned from his mistakes to work quietly and slip under the radar.

Thankfully, Sione Lomu coded a media security patch that requires anything trying to access your media or music to gain permission.  This is a huge step in the right direction.  Currently, there are three viewers that are using Sione's patch:

Notice anyone missing from this list?  Yup, Linden Lab.  Why is it that the TPV's picked up the media security patch rather quickly but Linden Lab hasn't for it's standard viewer?  Wouldn't you think they'd be the first in line to protect Second Life residents, not last?  I'm sorry, but this is seriously wrong.  Linden Lab should've made their own security patch long before Redzone existed and Sione made his media patch, and yet they still don't even have the protection in their own viewer.

I find this particularly disturbing as all new residents entering Second Life use the standard viewer and have no clue there even is a security risk.  Can you imagine how many newbies have inadvertently put themselves at risk?  Or rather, how many newbies Linden Lab has put at risk with it's lack of security and information for newcomers?

This shouldn't be tolerated by anyone, old timers or newbies.  I find it more than a little ridiculous that we have to rely on each other for security help and information while Linden Lab remains irresponsibly silent.

I urge everyone to continue to take responsibility for your own security and pass that knowledge onto others.  I also encourage everyone to keep the heat on Linden Lab until they finally do the right thing and actually start proactively protecting all residents.

Some resources:
Media and Privacy by Inara Pey
Media Security Notecard offered by Inara Pey

1 comment:

  1. Looks like the Singularity Viewer also has the media filter patch. It's a 1.x based viewer, too.