Privacy – lost in SL?

ok .. so  I kinda had a plan  that I  wanted to  write  about my  new life in InWorldz.  The best laid plans and all that …

So  anyway most of you  know, or at least the ones that knows me, that I primarily  reside in InWorldz now. I do  however  drop by SecondLife now and then. Actually I  just  rented some land of a good friend to set up a yardsale to  get  rid of some of my  inventory, ya know for good measure and all that . (Yardsale to be found at Onyx << shameless plug)  I also  keep  half an  eye on the  SL blogums  and the other day  I stumbled over a post in  there where the debate  was heated due to a product called RedZone.

Now  not all might know of this little “gem”. What it does is simple, it uses the  media to  log your IP and then  conect that IP with  other accounts using same IP. Why,  you  might ask … well  the  creator is a  heartfelt  person that  belives all  alts are the  spawn of satan and should be dealt with accordingly, ra ra and  something jazzy  insert here. We all know that Alts are  only  used for  copybotting and stalking and giefing ..  isnt that so ? I  mean common,  no honest person  would ever  have an  alt, would they? … if ya sensing a bit of sarcasm here you might  just have  the right sensors on *wink, wink*

Well RedZone isnt the only  boy on the block, Gemini CDS and a new boy QuickWare Alts Pro also  claims to  be the pillar of  the virtual society. All they want to  do  is help you get rid of those pesky alts. And thats great isnt it ?

WRONG, WRONG, and  more WRONG. See what these  nifty  gadgets are doing (and  do excuse me for using plain  english as Im  no techie)  is they are  sitting on a sim, placed there by, well  anyone that  will  buy it really, and waits ..  untill someone comes in  range. For  RedZone and Gemini CDS that means  Region / Sim wide scans, QuickWare  claims only to  scan  on the  individual  parcel of land it is put. Now It wont tell you its logged you, nor will  it ask  permission to  log you, nor will you  be allowed to be taken  off their lists which  incidently they  keep on  their own  servers.

Ok you say  but my IP is public anyway so they arent really doing anything illegal.

Erm yes your IP is “public” in  that sense that your visible  on the internet when surfing. In fact you  need that IP  to  even  get on  the internet, yes I  get that. What Id like you  to  do  here is  imagine this  senario:

Ok so you  turn on  your comp, Go surfing on the internet, various sites  clock your  IP for surfing habbits etc, so far  just dandy.

Now  imagin this;  In a virtual world like SL there are different regions, you  can  compare these regions with various internet sites. The owner of  the servers, these regions are on (or sites if you will)  is in SL,  Linden Lab. To  access these regions (sites)  you  have to sign  an  agreement with Linden Lab that give them permission to  have your  personal  info on all your accounts (if you should so choose to have more than one for  various reasons).

Ok, so  you  go  around to  these regions (surfing the  wirtual world as it were)  and all  is dandy … but hold on.. no  it isnt … someone else is surfing .. oh and someone else  has permision to  place  a script on  some of these sites ..  this script  is the one that is logging your IP, and it isnt Linden Lab. Its someone you dont know, but they  feel  they want to  have info  on you  and this script gives them  that info.

That is similar to  someone  placing mall/spyware on an internet site, and that ladies and gents are NOT  legal.

But why I  hear you  ask, is Linden Lab not hitting down  on these types? Well, puzzle me if I can  give you  the answer to  that. Maybe the same reason  it took Linden Lab  forever to  hit down  on known  copybot viewers (ie a copybot viewer is a  customised viewer that  can  access a virtual world and copy what is around them easy  as pie < non tech explenation)

Now current status of this in Linden Land  is … Unknown!

So interesting questions emerge here

1. Rodvik Linden (new CEO of Linden Lab) gave an interview to Dusanwriter where he stated that Linden Lab took  privacy  serious. Hmm, maybe he need to  tell  his staff that ?

2. I myself  talked to  Jack Linden  just over a year ago at his Office Hours, so Linden Lab  to  my knowledge has known about this for over a year (maybe even  longer) and has not  reacted on this yet, why?

3. Why doesnt Linden Lab  enforce their own TOS naimly;

(Edited for clarity and relevance)

SecondLife TOS 8.3:
Post or transmit viruses, Trojan horses, worms, spyware, time bombs, cancelbots, or
other computer programming routines that may harm the Service or interests or rights of
other users, or that may harvest or collect any data or personal information about other
users without their consent.

Community Standards. 4: Disclosure.
Residents are entitled to a reasonable level of privacy with regard to their Second Life
experience. Sharing personal information about a fellow Resident –including gender,
religion, age, marital status, race, sexual preference, and real-world location beyond what
is provided by the Resident in the First Life page of their Resident profile is a violation of
that Resident’s privacy.

Policies and Policing – Alternate Accounts:
Alternate accounts are generally treated as separate from a Resident’s principal account.

Now here the clincher. Any account made and operated by me is MY personal business part of MY privacy. End of debate! There are no  “if” and “but” s here. Anyone apart from Linden Lab has no right to  know my  other accounts for ANY reason! Its a non-debate clear and simple. I do not care if your virtual wife has deceived you and you  know feel  like all  alternate accounts are evil. You are not god you  do  not own the servers I frequent and I  most importantly did NOT give you my permission to  log my IP to  use to  investigate what accounts I  use on my IP.

Now I dont actually know 100% that I  have been  logged by any of these devices. Except for one exsample;

Summer of 2010, I went to  visit the BF in Vancouver, now when  I  go there its my  vacation time and I dont log in  unless its urgent. During my two week stay  I did have to  log in once or twice, and of course I used his computer to do so.

Some time later a “friend” of his IMed him asking if he had an alt called ….. “Lady Sakai” ….. yes thats right  they  had logged me logging onto  his IP via his computer.  Apparently they  had a club that he had been  frequenting and  therefor they  had his IP and could track  anyone that used his IP.  Needless to  say  I got  angry, very  angry !

Linden Lab, for  petes sake get a grip and  get this sorted ASAP!!

How to  block  these gadgets;

Disable ALL music & media in the viewer (in preferences)  in SL, Turn off  Cookies as well as I been told  that they  use that  exploit as well. Voice is another way they can  exploit this due to a security hole in Vivox so  advice would be to turn  your voice off in  preferences as well (Thank you to Theia Magic (SL forum)  for pointing out my original wording needed to  be altered a bit and to Roxy Couturier for  pointing out the  security hole in voice , you might also want to se Roxy´s comments on this post further down)

Do not take my word for this, do your own  investigation into this issues

Go to the Jira on this and vote AND watch (as Linden Lab will  take voting off JIRAS soon)

https://jira.secondlife.com/browse/VWR-24746?page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel&focusedCommentId=241056

You can  get a gadget called GreenZone on  the SLM, this will scan  for RedZone but  I do not currently know if it picks up any other similar devices.

AR all RedZone Devices you  find / come across

Write to Linden Lab  asking them  to  protect your privacy in SL, this is a serious issue!

Now I  havent even  touched on theses devices fail rate nor on the ways these devices can be misused that might be a tad to  lenghty  but  I  have faith in  peoples IQ and the ability to think for themselves (if not just  hit me with an IM in SL or IW or make a comment here and Ill  make a post  about that as well 😉 )

Whoooosh for now x

Comments
13 Responses to “Privacy – lost in SL?”
  1. Mera Kranfel says:

    Excellent!! I could even survive your twittering about Duran Duran after this =)

  2. Roxy Couturier says:

    In general I agree with what you’ve said, but a couple of comments on some points..

    Re: Rodvik Linden: In all fairness, that interview was published Feb 12, 2011. Just two days ago, I’m willing to cut some slack regarding the time frame since the interview may have been done prior to the info on Rz coming out. I *am* hopeful that he follows through on that statement.

    Re Turning off media and cookies: That’s correct. Additionally there is a security hole in Vivox that can be exploited in the same way. So, turn off voice as well. That ultimately stops your data from being scraped any further by any such device (except those that merely look at your viewer to make sure it’s not a copybot viewer).

    RE GreenZone: It only detects RedZone. But if I have correctly understood, there may be something coming out to detect the media calls to autoplay media directed at your viewer, which would let you know something may be scanning you. At the very least, you’ll know someone is trying to make your viewer play media unasked for.

    • ladysakai says:

      Thank you Roxy for that excellent update, the more info we can gahter on these devices the better. I was not aware of the voice thing but it makes sence. The GreenZone only picking out RedZone atm is a problem, so infact it can only be used to “find” RedZone and then you can AR. Would be excelelnt if they updated that in very near fututure so people can safely enjoy talking and listening to music again. Re Rodvik, yes fair enough but he neds to be made aware of this isue asap. This is a problem that is old in SL and he has taken over old and new problems when he joined. Hopefully he will push this to critical and they will get it fixed

  3. Bradd Laval says:

    Waaaay too much techie speak but good techie speak nevertheless.

  4. Resident says:

    I use redzone myself, it’s kept more than 30 bad viewers out of my stores….So for me that’s great. It also bans the alts of trouble makers …..again something great.

    You don’t actually get to see any IP addresses, initially the redzone had a vague map of what continents your visitors mostly came from but that’s not even on the system anymore. The only links you see are alts…Generally store and club owners couldn’t give a damn who is who until trouble has started….

    With regards to mixing people up, Redzone has someting called alt metrics, it’s mainly for catching people on dyamic ip addresses (again you DONT see the IPS) you type in two names you think may be alts, if theyve been picked up by the redzone you see in what ways…ie, whether they were in the same sims, on same ip, how often theyve been caught using same IP eover how many days and how many sims…etc….

    LL should allow for IP bans of users….You don’t have to see the IP to ban, just an option where you type in the name and can ban by IP/computer….Like every single chatroom in the world has…. It’d make things much easier for sim owners to deal with griefers and there would be little need for redzone, similarly the option to ban viewers which aren’t official or given the green light would be useful too….

    Zfire is always very open to questions and the demo of redzone is free, it’s really not all that bad….An invaluable tool for those who want to protect their work that’s for sure…

    • Roc says:

      Resident, I am happy that you are getting a benefit from Redzone. I understand the copybot and griefer problems on SL have been around for years. Linden Labs needs to address that issue. What we don’t need is a system like Redzone that ANYONE can access and find out who someone’s alts are. I have personally witnessed a malicious person stand on a sim and shout out people’s alt names as they came onto the sim. As this particular area was a close roleplay community, this caused quite a number of problems for the people “outed”. Several people I personally know have felt the need to quit Second Life completely because they no long feel free to enjoy playing on their various alt characters as they once did. And for that reason, I feel Redzone does more harm than good.

    • ladysakai says:

      Dear Resident
      You might want to read my blog post again. I never said that the RZ gives out the IP but it does give any user of the system the names of supposed alts linked to IPs. ie RedZone does give the users of RZ names of what THEY percive is alts of the first logged IP. If you are a user you should know this.
      Re LL letting people use IP bans via normal bans. Im a former Estate owner and has thus dealt with giefers many many times over, also the elustrius squatters. Ive had one of my regions taken down by the Niegras and had that posted by them on YT. Trust me I know full well the damage these people do. As a content creator I also know of the copybot problem that are not only in SL but in all virtual worlds out there.
      Heres some interesting facts for you: While I had my Estates I found out that if I turned off build the griefing went away. I had that in my covenant, that no public build was to be allowed by any of my residents. I and my manager regually went over the regions and made sure build was turned off on all parcels. I effectived that about two + years back and only had one instance of grifing in that period (I forgot to turn build off at my club 😉 ) Re the squatters I only caught a handfull in same period and again that was due to residents forgetting to turn build off. Estate owners using RZ is a sad excuse and its simply the owners being lazy IMHO.
      Now Estate owners frequently debated this issue of grifers making alts and comming back over and over. We talked to LL about this and LL said they would NOT allow for IP bans and they themselves did not use it as it was way way to random and could hurt innocent ppl due to dynamic IPs and even the static IPs can be changed very very easy.
      So how do we solve this? Only way is to let LL handle it and for that to be effectiv LL needs to designate a team for these tasks specificly.

  5. X says:

    Nice post, but CDS doesn’t do alt-matching or anything the like, it doesn’t even store IP addresses.

    • ladysakai says:

      Dear X
      Unles you are Skills Hak (or any of her alts) you have no way of knowing this for sure as she has never actually said how CDS works. I know she had / had(?) a website that is pending payment to avaid take down.
      The device that logged my BFs IP and then subcequently logged me as his alt is to my knowledge CDS.

  6. Micaela Darkwatch says:

    @ Resident

    You know, first off, I’d like to address the problem of people hiding their MAIN Second Life avatars that are using these systems. If it’s such a good product, and you are proud of using it, please quit posting as a sock-puppet. All of you put on yer big kid panties and discuss the issues.

    Now onto your points.

    1. kept more than 30 bad viewers out of my stores- You do not know they are bad. In fact, Imprudence, Dolphin and even LL’s Viewer 2 have been marked as bad by Redzone at different times. People do compile viewer code on their own. They’re allowed to. It doesn’t mean they are using a bad viewer, it means that zFire doesn’t know about it.

    2. also bans the alts of trouble makers- Please read up on how IP address’s actually work. Not even Linden Lab can be certain of who is who when it comes to the bad guys. The really bad guys are laughing their a**es off at you. Trust me on that.

    3. You don’t actually get to see any IP addresses- Maybe you don’t, but they are on zFire’s servers. He has full access to them. And I have no guarantee my information is safe. There was no “informed consent” (look it up) from me. And any GeoID on me would be very close. Lady Sakai will be able to confirm that I’m coming from a very small town.

    4. LL should allow for IP bans of users- I’m very open to that. As long as no other Second Life user can see who my alts are, that’s fine by me. But remember, if LL can’t get rid of people via IP bans or MAC bans, what makes you think you can?

    5. Zfire is always very open to questions and the demo of redzone is free,- zFire is only open to questions that he agrees with. As far as he and many of the users of his system are concerned, since I am in fierce opposition to these things, I am either a copybotter, a griefer, or someone cheating on a SL partner.

Trackbacks
Check out what others are saying...
  1. […] This post was mentioned on Twitter by JoJaDhara and Johan Neddings, Lady Sakai/Alexandra. Lady Sakai/Alexandra said: New Blog: Privacy – lost in SL?: http://t.co/4WCj0VX […]

  2. […] for  more info  on this  please go to my other blog  posts  where I  have  links with info Privacy – Lost in SL? & Second Life erupts in outright war & The Privacy wars real victims […]



Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

  • Top Clicks

    • None
%d bloggers like this: