| Mail |
You might also like: WoW Insider, Joystiq, and more

Reader Comments (19)

Posted: Aug 24th 2010 9:35PM (Unverified) said

  • 2 hearts
  • Report
How is "taken off the viewer list for review and re-approval" heading toward obsolescence? Have you not heard of programmers removing malicious code to meet with approval? So quick to consign to the dustbin, you are.

Posted: Aug 24th 2010 9:51PM Controlled Chaos said

  • 2 hearts
  • Report
Uhm, if there hacking based back doors in the code, then they likely were meant to be there in the first place, put there by the developers for obvious purposes. Do you seriously believe that the developers of Second Life would suddenly forget that happened if the Emerald Client people removed the back doors?

If they were smart, they wouldn't let these guys anywhere near the game again.
Reply

Posted: Aug 24th 2010 10:03PM (Unverified) said

  • 1 heart
  • Report
After reading the original article, it makes perfect sense. This is the problem with going open-source.

Posted: Aug 24th 2010 11:14PM Laephis said

  • 3 hearts
  • Report
Right, closed-source programs never have a problem with backdoors because those developers are perfect little angels who would never do such an evil thing.

There isn't an /eyeroll in the world big enough for you.

At least with open source programs you're allowed to look at the source and evaluate it for any nefarious coding.
Reply

Posted: Aug 25th 2010 12:19AM Jade Effect said

  • 2 hearts
  • Report
It's been hundreds of years since the story of the Trojan war was written and humans haven't gotten any smarter.

Why bash themselves against firewalls when these criminals can build a nice looking trojan horse and leave it outside for anyone to take. Stupid people will drag the horse into their computer and give these criminals a backdoor or two. Then the stupid people will cry and complain how Linden Labs had "poor account security" and how they got "hacked".

Posted: Aug 25th 2010 4:26AM dudes said

  • 2 hearts
  • Report
I was utterly shocked when I read announcements made by various Sim regions and Linden about Emerald. Only used it a few times. But if malicious bits of code are in there, then it's a complete breakdown of trust between Emerald's devs, the end user and Linden Labs itself.

Never again.

Posted: Aug 25th 2010 4:31AM (Unverified) said

  • 2 hearts
  • Report
The short version (or as short a version as you can get for drama four years in the making) is that Emerald's coders included some rather... hack-tacular backdoors in the client's coding. This is a downside for reasons that should not need to be specified, but does add up to some major problems for the large playerbase still using Emerald.
i don't understand how to operate that, can you make some example?

Posted: Aug 25th 2010 9:34AM NyttyN said

  • 2 hearts
  • Report
Ok you know the Trojan horse?

Basically that, in client form. Also, a helluva lot easier to fall for then a giant wooden horse.
Reply

Posted: Aug 25th 2010 10:21AM (Unverified) said

  • 2 hearts
  • Report
There are 2 main things that have popped up in the past few days:

Multiple iframes on the login screen that loaded pictures from a website effectively creating a DDoS attack of sorts. Although the person who reportedly owns the site said he has not touched it in months and really does not care but I have not looked into it much more.

The second thing was the emkdu.dll

kdu.dll is a rendering library file that LL uses and it is called llkdu.dll
They have v4 of the file. Fractured decided to buy a license to it. That became emkdu.dll and is at v6 (and faster than the linden's version).
Now because it is purchased and is within the SVN with the source they had to add a sort of DRM to it. This involved them having it report to Him and certain others where this file is located on their computer. Now this is where the privacy part comes in.

When they found out they can get peoples names (on macs) they had Phox (apparently) fix it so it wont display their names. Now he did not think about Windows as the default install path is C:/Program Files which does not have a username. Well people do not install it there and put it elsewhere resulting in their username or real name being revealed (For example my full path to the desktop would be C:/Users/Jord/Desktop). This was the other problem as not many people on the emerald team knew about this.

What caused them to be removed from the TPV was the DDoS attack. The privacy issue was not thinking straight to prevent the file from being used elsewhere. Now there MIGHT be more hidden code within the viewer but until they go over it all now with full access rights, they wont know until they go over everything.
Reply

Posted: Aug 25th 2010 2:22PM (Unverified) said

  • 2 hearts
  • Report
I knew there were some shady people in the team, i still have faith on the good people there though

Posted: Aug 25th 2010 7:50PM MewmewGrrl said

  • 1 heart
  • Report
It suddenly became the most popular 3rd party viewer after they made girls boobs bouncy... Give me a break... Are virtual breasts really that exciting for you nerds?

Posted: Sep 3rd 2010 2:23PM (Unverified) said

  • 2 hearts
  • Report
Emerald became popular because it is so much better than LL's Version 2 Client. Most of the stuff you need regularly is actually on your screen, not hidden, {as it is in Version 2}.
You asked for a break, OK here goes,
"Don't just shout emotional abuse at strangers for no reason, especially when you have your facts crooked to begin with."
That do you?
Reply

Posted: Aug 25th 2010 10:53PM (Unverified) said

  • 2 hearts
  • Report
The controversial code in Emerald wasn't actually a "back door" in any usual sense of that word. It didn't allow the developers special access to anything, didn't steal passwords, etc. There was code in Emerald itself that would sometimes include the pathname of the Emerald executable in uploaded data (and since the path name sometimes would include the username, that might violate privacy), and there was code on the Emerald splash-screen HTML page (not in the viewer code itself) that would for no good reason load lots of data from some 'rival' website. Childish at best, but still not really a "back door".

Nitpickingly,
Dale Innis

Posted: Aug 26th 2010 3:49AM (Unverified) said

  • 2 hearts
  • Report
From what we know Dale. If you think we know (or ever will) the whole story, then you are the sort of guy who should just keep on using.

Emerald played hardball with the lab more than once and that sort of thing is great I suppose if your house is clean, When is it so unclear that your own people walk, you just overdrew your karma account.

I don;t think it's as limited as you suggest. Lord Greg Greg let for the very reason he could not find out what the hell was going out the door. All we have is what they admit which is a criminals dream. No investigation, i admit this. That is all, I swear.

And to say the house is clean now is funny.

But let's assure you are right. Are those things we should not care about? Like the information gathered on Neil and his family? The fact a kid should be tossed off the grid for selling a malicious client on the adult grid when he was nowhere near 18.

Linden has over overlooked way too much and we paid with piracy breaches. If they are not going to handle it now, I think it's time we decided how much our piracy means to us and compared to people who demand they be allowed to use the easy thing no matter the danger.









Posted: Aug 26th 2010 7:35PM (Unverified) said

  • 2 hearts
  • Report
btw, i don't think "obsolescence" is the word you're looking for, and storing information in image metadata (or even if they stored it with steganographicly in the image itself) isn't all that hack-tacular

Posted: Aug 28th 2010 11:07AM (Unverified) said

  • 2 hearts
  • Report
The bottom line to all this drama is we as residents and users of secondlife need a good decent viewer to use. The newest version LL has is NO GOOD, even they admit that with the new program coming out to allow the residents to help develop the next viewer. All anyone wants is to be able to be in the program (Note I did not use the word GAME..SL is not a game but a way of life..a second chance..). I have just download and tried a new viewer called Emergence and it is working great..."appears" to not have any codes...

Posted: Sep 1st 2010 5:48PM (Unverified) said

  • 2 hearts
  • Report
The Emerald devs have declined to meet Linden Lab's requirements, which will effectively kill the viewer.

Naturally, they're attempting to put all of the blame on LL.

http://blog.modularsystems.sl/2010/09/01/the-end/

Posted: Sep 8th 2010 2:02AM (Unverified) said

  • 2 hearts
  • Report
And yet in the end, Eliot was right. Emerald's development team is now disbanded[1], and as of today, Emerald viewer has been blocked from logging in to Second Life[2]. There will be no further development on the Emerald viewer.

1: http://blog.modularsystems.sl/2010/09/01/the-end/
2: http://blogs.secondlife.com/community/features/blog/2010/09/07/emerald-viewer-to-be-blocked-from-second-life

Posted: Sep 8th 2010 6:11AM (Unverified) said

  • 2 hearts
  • Report
There will be further development under a new project called Phoenix Viewer. The viewer can be downloaded from the following site:

http://www.phoenixviewer.com/

Featured Stories

Engadget

Engadget

Joystiq

Joystiq

WoW Insider

WoW

TUAW

TUAW