Jun 092011
 
 
Editorial by Vagabond ‘Tony’ Carter

We’ve all seen them… rezzing replicators, spamming regions with obscenities, flooding your screen with whimsical to pornographic images and sounds. Crashing sims and viewers for fun, and with countless other attacks they claim it’s ‘just a game‘ and “we do it for the lulz” – even using illegal computer programs to steal from legitimate real life (RL) businesses, and harass residents in-world.  Some going so far as to track down a resident’s real life information and make harassing or threatening phone calls, and in very rare cases a few have traveled miles to mock their victims at their doorstep with veiled or direct threats. Who are these people and what motivates them? While the term is used in nearly all multiplayer online games,  in Linden Lab’s Second Life and other MMO’s we call them Griefers.

Continue reading »

May 242011
 

 

Infamous “W-Hat” Group In Disarray, Closing Down

Krypton Radio Staff

W-Hat Logo

Masakazu Kojima (Masa), known within the virtual world of Second Life as leader of the controversial and at times infamous W-Hat group, has announced via the W-Hat website that his account had been permanently banned from the SL service by Linden Lab.  The online service cites “severe or repeated violations of the Terms of Service” but in their email to Masakazu did not detail what those violations were.

W-Hat was originally created in Second Life in 2004 for members of the forums at the popular Something Awful web site.  W-Hat members referred to themselves as “goons”, or “SA goons”.  They were well known for their general interest in that which others find offensive, and the group attracted wide range of people, from the merely curious to some of the worst griefers Second Life has ever known. Members of W-Hat have created hacked clients, committed content theft, and even created sim crashing weapons.  The sim crashers used by the Patriotic Nigras were based on the original ones created by W-Hat.

However, the FAQ page on the W-Hat web site states that none of these things are condoned or are the official policy of W-Hat, and that people who engaged in this activity were removed from the group whenever they were discovered.

The infamous Voted 5 group was comprised primarily of former W-Hat members who were invited to leave because their activities cast W-Hat in a bad light and put the group at risk.  Plastic Duck, the creator of both the first truly effective sim crasher weapon and creator of the first megaprims (distributed via his alternate account, Gene Replacement) was one of these.  Plastic Duck was also responsible for the discovery and correction of a critical bug in the Linden Lab monetary system which could have destroyed the entire economy.  Plastic Duck could have simply exploited the flaw, but instead worked with Linden Lab to identify and correct it before it became a problem.  Plastic Duck lost his account permanently immediately following an interview on a griefer-friendly blog site in February of this year.

Masa’s primary interest seems to have been technical, and while the official W-Hat policy was against griefer and racist activity within the group, this same activity went largely unmoderated, thus leading to W-Hat’s overall unsavory reputation.

In an email interview with Krypton Radio, Masa shared what information she had on the possible circumstances surrounding her banishment and the future of W-Hat:

Continue reading »

May 112011
 
an Editorial by: Vagabond 'Tony' Carter

All to often the word “griefer” is used as almost a blanket term for someone you don’t get along with. This I cannot help but feel is in error, far too broad a brush used far too often. So I’d like, if I may , to examine closely the meaning of the word.

Wikipedia defines it as “.. a player in a multiplayer video game that purposely irritates and harasses other players.”
Wiktionary, a cousin of wikipedia, has this to say ” griefer – One who griefs: a player who plays a game primarily to reduce other players’ enjoyment of it.”

Second Life requires a bit of a refinement here. SL is not a game by definition, but is rather more akin to a platform in which, among other things, games are played. Second Life has clearly stated Terms of Service and Community Standards agreements which further clarifies matters. Applying this logic we arrive at the hybridized definition of:

“Griefer, one who habitually, intentionally, and maliciously acts to disrupt the usability and enjoyability of the virtual world for other users or residents, these acts are usually in direct contravention of ToS/CS agreements as historically and currently enforced by Linden Labs.”

This statement provides a good litmus test for whether or not the term griefer should apply in a given situation, so it is quite important to be accurate when applying the term.

Continue reading »

Apr 162011
 

An Investigative Report

by Vagabond "Tony" Carter

Shortly after my exclusive on Stark Reality Exclusive: The Wrong Hands-Spies on you, Tux Winkler posted a lengthy response on his public blog. In which he makes several accusations generally trying to play himself off as a victim. Keep in mind that we at Krypton Radio are not interested in getting into a blog-war with anyone, however in the interests of truth and public safety it is our responsibility to keep you the public informed on matters such as this. What started out as Tux Winkler and his group simply trying to stalk and harass the Justice League, turned into him stalking private residents with no connection whatsoever to the JLU or any Peacekeeper group.

Snapshot-_-Superhero-Monitor-Station-Superville-

Tux Winkler's 'base' owned by him displaying "The Wrong Hands" Logo, where he gives out his freebies.

Mr Winkler’s most common assertion is that he is not involved with and never has been involved with “The Wrong Hands”, however an investigation conducted by members of the Justice League Unlimited and Krypton Radio has uncovered a wide array of facts to debunk Winkler’s claims.

As shown in the pictures of Tux Winkler’s base/store, he is indeed a member of The Wrong Hands, even having his land and objects set to that group. It is a known fact that another person can not set another person’s objects to a different group, so this easily refutes his claims.  This parcel which Winkler maintains is where he gives away his freebies in-world, it also serves as a small base for The Wrong Hands. The simple fact of checking Tux Winkler’s in-world profile shows his connection via the use of The Wrong Hands logo, and directions to its main base in the region of Red Square.

Red Square and its connected region of Revolution, are the current home of the Woodbury University refugees previously banned by Linden Lab. And while permanently banned from the use of SL, these individuals have made very public statements antagonizing the lab as if daring them to ban the regions once again, along with the continuing actions of Winkler which serve to increase the exposure of the Woodbury University’s illegal return to Second Life.

Screenshot of Tux Winkler's tracker page

Screen-grab from Tux Winkler's tracking page, now hidden from the public.In this screen-grab of the tracking page from Winkler's website, we see the long list of people who never consented to their in-world locations or login times being posted for the public to see. Winkler may have violated Section 8.3 of the Linden Lab Terms of Service forbidding the use of Trojan Horse programs in recording this information. Note that many of the detections in this screengrab list the location as Red Square, a closed region. This is because when location data was unavailable, Winkler had to resort to a simple online status monitor which reported its location as being on that region. His logging system was unable to differentiate between field sensors and his stationary online status monitoring device.

 

 

Tux Winkler had several accomplices assisting him in placing spy prims in various locations around the grid, without the permission or knowledge of victim landowners. Ryokashi Revestel is shown here as owner in these screenshots, and was one of the more prolific. Winkler appears to have caved to public pressure to remove or deactivate the tracking page to which these devices and his Trojan horse freebies streamed information.

The function of the trojan horse scripts in Winkler’s devices (all named “”#.- DO NOT DELETE THIS -.#””) was verified by independent testing.  When the scripts were removed from the freebies, the tracking page no longer updated with avatar tracking information for the current location, yet the freebies continued to operate unaffected by the removal of the script otherwise.

In the case of the spy prims hidden in various estates as stationary probes, in each case when the device was removed, the tracking page stopped updating for that location.

It is important to note that Trojan Horse scripts are in clear violation of the Linden Lab Terms of Service and are expressly addressed by the Community Standards. Also, there is no way of knowing what other “features” his spy devices have; remote chat logging is certainly possible with such a device.

The three major claims made by Mr Winkler in his defense:

  1. Winkler denies association with The groups calling themselves “Woodbury” and “The Wrong Hands”: Proven false
  2. Winkler claims that the “#.- DO NOT DELETE THIS -.#” Scripts are merely product support / updaters. : Proven false
  3. Winkler claims that he did not employ spy prims, either on public or on private lands. : Proven false

While not unexpected, continuing in his counter claims against the JLU and its free networked security system known as The Phantom Zone, asserting that it uses IP detection and geolocation. It does none of these things. Readers are cautioned that Winkler does not speak for the League and to refer instead to the About page here on the Krypton Radio web site for further information about this system.

Winkler had been using the tracking page in attempts to blackmail some of the people listed on it into handing over chat logs or other information about, or from, the League. The individuals approached have turned over logs of the attempted blackmail by Winkler and this information has been forwarded to Linden Lab. These logs will not be printed out of respect for the privacy of the individuals who do not wish to be named or contacted by the public.

Residents are advised to delete any objects in their inventory created by Tux Winkler as a safety precaution, or if you desire to keep the object or item, remove the script called “”#.- DO NOT DELETE THIS -.#” to disable the trojan horse functionality.

In this day and age of armchair bloggers and forum flame wars it’s easy to lose sight of the facts. The facts here support the charges against Tux Winkler and The Wrong Hands for stalking, harassment and defamation. I know some people are rolling their eyes at this, looking at it as some grudge match between two groups. However, Tux Winkler has decided to drag innocent people into this and make it public, so before anyone tries to convince you of anything ask for the facts.. Ask your own questions and don’t listen to the rhetoric, judge the situation solely on the facts.

 

Update:

The land at the Superville region, once home to Tux Winkler’s trojan horse spyware, went up for sale sometime in the latter portion of May of 2011. The precise reason for the decision to sell is not known, but the usual motivations of economy and financial strain are the most likely cause.

Additional pictures:

Script inside

Same prim, inspecting it shows Tux Winkler as the creator of the prim and the script.

Oxbridge Villag, Caledon Oxbridge V2

One of Tux's creations, a spy prim placed on open land, verified by the fact that on returning it, the Tracker stopped updating for this location

Tux Base prim

Note the owner and Group this prim is set to...

 

This image, taken just hours after the initial publication of this article clearly shows Tux Winkler wearing a Soviet Woodbury logo belt buckle. This puts to rest any doubts that he has ties to Woodbury.

Tux Winkler's "The Wrong Hands" LinkedIn Page, which puts to rest any doubt that Winkler considers himself in charge of The Wrong Hands, proclaiming himself to be CEO of "TWH Ltd.". The page has since been deleted. He had posted his city of residence on the page, but this has been redacted to protect his safety and that of his family.

 

 

 

Feb 242011
 

RedZone gets new lease on life

by staff writer Emiley Tomsen
(with contributions from Krypton Radio staff)

On Feb 24, 2011 the Terms Of Service/Community Standards were updated by Linden Lab, the creators of the virtual world of Second Life, to reflect concerns by users of the service regarding privacy and the use of multiple user accounts by one person.

“Residents are entitled to a reasonable level of privacy with regard to their Second Life experience. Sharing personal information about your fellow Residents without their consent — including gender, religion, age, marital status, race, sexual preference, alternate account names, and real-world location beyond what is provided by them in their Resident profile — is not allowed. Remotely monitoring conversations in Second Life, posting conversation logs, or sharing conversation logs without the participants’ consent are all prohibited.”

Readers should note that the Community Standards and Terms of Service apply only to the Second Life service and web sites owned by Linden Research, and not third party web sites.

For weeks many users of Second Life have blasted the SL-forums with complaints about fellow residents, who use automated security systems to protect their virtual properties. Some of these systems have the ability to detect and share information on user’s alternate accounts. This is done by comparing the IP address of a scanned avatar and comparing it to other avatars that have been scanned by the security system. Residents claim that these systems violate their right to privacy, since SL is more or less geared towards anonymity. The counter-arguments are that many residents who have been previously banned by Linden Lab use alternate accounts to come back into SL, letting them grief and stalk others making such alt detection systems useful and necessary.

One such system to take the brunt of the hatred from privacy advocates is RedZone, created by SL resident zFire Xue. Land owners could use RedZone to scan for and ban users from their private land based off of the possibility that person was an alternate account of a previously banned user.   Part of the controversy of his system, is that it publicly identifies residents’ possible alts of banned avatars to RedZone users via the subscribers’ interface on the official RedZone web site.

Mr Xue granted Krypton Radio permission to print a statement he issued on his RedZone customer support forums concerning the Linden Lab Terms Of Service change:

“Hello RedZone owners.
After talking with Linden Labs over the past month we have reached an agreement.
Effective now and retroactively the RedZone system will request Consent to display alt name information.
LL policy will reflect this change by tomorrow the 25th.
The zRZ HUD will now request consent much like a bloodlines bite.
The zRZ Website now offers a system to send an IM to request consent for a zF RedZone Alt Background check.
The system is already in place, new functions and consent methods will be offered as we discover how best to implement this feature.
Linden Labs has been good enough to suggest many ideas that settled on this one.
Alt names can still be viewed to settle disputes, run security background checks etc. (With Consent)
Please see http://isellsl.ath.cx/checkconsentinfo.php for more.
The RedZone system has been, and always will be current with SecondLife(tm) terms of service.
I would like to thank Linden Labs for working with RedZone and providing enough time for RedZone to make these changes.
Best Regards,
zFire Xue
PS: Everything is still logged as before, everything still works as before.
Only now to view the alts you need consent.
Alts are still bannable if they are related to a new user you do not want on your land.
Alts of people you banned are still banned, alts of copybots are still banned, alts of anyone you have banned are still going to be banned, just not named.”

There are various security systems used by residents in SL, some utilizing the ability to compare avatar accounts by checking IP addresses. This has never been a fool-proof tool, as some users share the same address due to the location they log-in from such as a college dorm. Mr Xue’s security system does in fact have an appeal option on his website, to allow people to file a grievance if they feel they were wrongly banned from a private property by the RedZone service. To clarify, the RedZone system only has the ability to ban avatars from property where it was installed by the property owner.

Critics of the RedZone system say the copybot viewers it detects represents only 0.025% of the total viewers scanned, according to zFire Xue’s own web page dedicated to users of the system.  While this number seems low, it makes more sense in perspective: according to Justice League estimates, less than half a percent of the citizens of Second Life are griefers in the first place, so the number of copybot clients detected by RedZone compared to the number of griefers is actually rather significant.

The Green Zone

The main group of critics appears to be users of a product called “Green Zone”,  a device which until recently was able to detect the probe objects used by the Red Zone security device.  The Green Zone Users group in Second Life was founded by an avatar named “Fart Admiral”, and the group is open enrollment with no controls at all on who joins. The fact that the group has nearly a thousand members does not speak to the quality of its membership.  It is not possible to determine how many of these members are secretly alts of other members. The group could easily have been vastly inflated in size by a small group of dedicated dissidents, creating the impression of  a vast anti-Red Zone response, and there is no way to prove otherwise.

The GreenZone device itself was created by the operator of an avatar named Anastasia Howlitt, purportedly in retribution for the banning of her alt Andromeda Sawson for copybotting activities.  zFire Xue posted compelling evidence of the connection between the Andromeda Sawson and Anastasia Howlitt accounts on the RedZone support web site.  Howlitt’s sole defense was to claim that her computer was used by “a friend”.

Green Zoners have gone to great lengths to harass Red Zone users in efforts to coerce them to abandon use of the product, even going as far as crashing their sims in some cases.  Anonymity appears to be being abused by at least some faction within this group.  It is clear that at least some percentage of the Green Zoners have an agenda in which the public welfare plays no part. Even some otherwise responsible journalists have fallen for this ruse, unintentionally siding with copybotters, known trolls and sim crashers.

Something indeed strange is going on with this topic of interest:  opponents of the RedZone system point to such things as this large group in SL and how active the thread on SL Universe is (400 pages and counting) – but Hamlet Au of New World Notes questions how widespread interest in this topic really is, saying that more people are interested in his article on Kinect for SL than they are in his original RedZone article.  That this could be a manufactured “social uprising” is not entirely out of the question.

IP Addresses and Privacy

There are still concerns by residents that logging of IP addresses or other information is a violation of the Terms Of Service, however this was addressed by Linden Lab under the following regarding Privacy.

“Certain account information is displayed to other users in your Second Life profile, and may be available through automated script calls and application program interfaces. This information includes your account name, account type, the date your account was established, whether or not you are currently online, user rating information, group and partner information, and whether or not you have established a payment account or transaction history with Linden Lab. Further, you agree and understand that Linden Lab does not control and is not responsible for information, privacy or security practices concerning data that you provide to, or that may otherwise be collected by, Second Life users other than Linden Lab. For instance, some services operated by Second Life users may provide content that is accessed through and located on third party (non-Linden Lab) servers that may log IP addresses.”

So far it would appear that logging of IP addresses and detection of possible alts is still allowed, however the handling of this information is what this update covers. As long as the information collected is not publicly shared without permission, those security systems who employ these methods are still allowed to operate.

The ramifications of this dramatic change in Linden Lab privacy policy appears to be a boon to those who consider their alternate accounts private, but may have the opposite effect on land and business owners throughout the grid who now have no where to turn for information on  abusers of alternate accounts to help keep them off their regions and away from their friends, families, and places of business.

 

UPDATE:  RedZone Not Allowed to Reveal Alts In-World Under Any Circumstances

On the Second Life JIRA service, on March 2, 2010, Soft Linden posted the following:

Hey, all. I got the go-ahead to give an update on zF Red Zone specifically. Again, thank you for the ARs with specific info about violations. These have been very helpful for letting Lindens know what’s going on.

Tuesday morning, we removed zF Red Zone from the Marketplace for a second time. We removed the in-world vendor distributing the item as well. We determined that zF Red Zone was still in violation of our Terms of Service and Community Standards.

We asked for removal by no later than today of all zF Red Zone functionality that discloses any alternate account names. That is, even if consent is asked, the service may not act on the consent. In addition, we asked for removal by no later than Friday of the interface for and any remaining implementation of the zF Red Zone consent mechanism because it does not comply with our policies. If these updates are not made, we will take appropriate steps to remedy the violations.

As before, we appreciate your help in keeping an eye on content. If you find that any merchant’s product is not in compliance with our TOS or our Community Standards, please file an abuse report about the product. Do this even if you filed against a previous version. Include a specific explanation of what you believe is a violation, and ideally select and report the in-world object at issue in case it behaves differently than what’s in the Marketplace. Before reporting, make sure you have first-hand knowledge of the issue. Support can best react if you explain specific steps to reproduce or confirm a violation.

This appears to be contrary to what zFire Xue had been previously told by Linden representatives about the suitability of his RedZone system’s handling of information about alternate accounts, and does represent a significant setback for the popular security system.  Mr. Xue’s only possible stance now is  to remove any functionality that permits the use of the system to discover alts through any in-world interface, though a lookup feature on the support web site for the product would obviously be outside Linden Lab’s jurisdiction or control.  Since IP collection is still confirmed not to be a ToS violation, the ability of RedZone to banning by IP address is obviously still not a violation of the Second Life Community Standards so long as  the revealing of alts by in-world means is removed from its list of features.

And it appears that this is exactly the tack Mr. Xue has had to take – the system can still ban by IP address, but the new Terms of Service forbids him from implementing an appeals process  since it would require banned individuals to identify their own alts.  His posts in the Red Zone support forums express frustration with Linden Lab for repeatedly flip-flopping on the rules as they apply to the Red Zone, and applying the rules with apparent caprice.

Update: zFire Xue Banned from Second Life

As of the morning of March 16, 2011, zFire Xue and his business alt, TheBoris Gothly, have been banned from Second Life.  While the RedZone security systems still exist in places on the grid, they are now empty husks – the scripts that made them work have been removed from the asset server’s databases, and the devices are now completely inert.  These actions were done in accordance with Linden Lab’s new policy against revealing alts in-world.

Soft Linden’s additional stipulation that the RedZone devices not reveal alt information even if the device had given permission appears to have been based on Linden Lab’s inability to confirm whether permission had been granted by any individual, since the RedZone database was not accessible to Linden Lab for verification, nor could it be made so in any practical sense.  Allowing this would have put Linden Lab in the position of simply accepting zFire’s word on the matter.

This is a developing story – stay tuned to Krypton Radio for updates as they’re made available!

- 30 -

Links

 

May 042010
 

kryptonspecialreport

Trusted Peer Networked Security System Enters Beta Trials

by Paladin Proto

In September of 2009, the trusted peer networked security system known as SLBanLink went dark due to having been hacked by a disgruntled griefer, who exposed its database and inner workings.  Passwords of estate managers were exposed, and the system was compromised.  A rescue mission was launched by representatives of Luskwood, FurNation and the Justice League Unlimited to try to recover the project and get it back on its feet again, but by January of 2010, Mera Pixel, the woefully under appreciated original developer of the BanLink system,  had allowed the domain itself to go dark.

With repair and recovery of the original system now impossible, the League began building a replacement for BanLink.  Despite the distraction of the infiltration of the League and the large scale wiki leak they suffered in January of 2010, development continued, and the new system, called “The Phantom Zone” has reached the beta phase in its development cycle.  This limited beta release is intended to determine how the system will perform under actual working conditions, and help the community decide what features the final version should have.

Continue reading »