Showing posts with label security risk. Show all posts

Tuesday, September 18, 2007

Security issue - Don't let the SL client remember your password

I know this post is slightly off-topic, but given the risks involved, I want to share this information with you. The Second Life Insider reported a security issue with Second Life. If you let the client remember your password, to avoid having to type it each time you go in-world, there is a way for hackers using a malicious web page and Internet Explorer to gain access to your SL account.

All the details (and the way to do it as well) are explained on http://www.gnucitizen.org/blog/ie-pwns-secondlife. I did not test it myself. Anyway, I never let any software remember passwords for me...

I won't turn this blog into a hacker- or safety-oriented one, nor into a hoax-spreading tool, but this vulnerability seems serious enough to deserve being communicated widely.

Monday, July 30, 2007

Second Life under attack - Linden Lab not telling the truth?

For the best part of the last two days, Second Life users have had to cope with serious problems in the Linden Lab virtual world, including the inability to teleport, to transfer money, to search for items, and so on.

This makes most online activities impossible. No camping as money can't be transferred, no financial transactions, no copying of objects. All of the Second Life economy is blocked, and could collapse soon if this goes on!

Linden Lab's reports on the official Second Life blog do not mention any cause or specific problems. They just say they're working to solve it. This is unusual, as normally the blog is much more detailed about what is going on and what the problems are.

This silence from Linden Lab, and their inability to solve the problems within a reasonable time, make me think that they could be under attack from hackers. This hypothesis raises the questions of who and why.

To me the answers are quite clear: gamblers and casino owners, protesting against the stop of all gambling activities in SL! As revenge, or to blackmail Linden Lab, some gambling activists could try to bring it down. Remember, there were even protest demonstrations in-world this weekend.

This hypothesis also explains why Linden Lab cannot manage the problem by simply going back to a previous and more stable version. It also makes clear why they don't make any mention of the cause of the problems. Revealing such a vulnerability in their systems would have a catastrophic effect on their business.

Can you imagine how bad it would be if the attackers could find a breach in the clients themselves, getting control over users' computers? It's clear that Linden Lab would not communicate on this!