DDoS Attacks of February 2018

The previously reported (Second Life DDoS Attack) DDoS is mostly over… for now. Oddly, I am having to search for news of the attack(s). It is there, but the media does not seem interested. On the net, you can find information. Like:

I suspect the reason for the lack of coverage is this type of information is too techy for most newscasters and writers to handle… maybe even understand.

Warriors... come out to play

Warriors… come out to play

From Internet searches, we can see a lot of people knew this type of attack was coming way before it happened. But, those that failed to protect their servers from misuse apparently didn’t. This failure of people to prepare for a known possibility is rampant in society.

Those of us that want solid Internet connections can take some steps to mitigate the impact such attacks have. The attacks often target the DNS servers, the units that translate secondlife.com into something the computer can use, IPv6 = 2001:578:3f::30 or IPv4 = 216.82.8.56. The bad actors get the most impact for their clicks by taking down DNS servers as without them your computer can’t find the machine addresses and cannot connect. Fail. Continue reading

News Update 2018 w09

Earlier I reported (ref) on the DDoS attack and linked to the Linden post on the subject. Things seem to be getting better. Concurrent use was back to the mid 40k users.

In the Server-Scripting UG meeting, Simon Linden told us this has been on-going for about 24 hours. April Linden tells us the same in the SL Blog post.

However, from a credible source, I understand the SL Forum went nuts with fake news. So, be aware there are nuts posting on the forum that enjoy creating havoc.  The sad part is some believe what they are saying and think they know something. Others know they are deliberately making mischief.

How do you tell which is real? If you go into the Answers section of the forum and look at the 3 to 6 posts threads, you will find a small number of people consistently answering questions. Those people are mostly trustworthy. When they don’t know, they have been known to say so…

So, the statement the asset servers went down and all SL content was lost was totally bogus. I’m not sure why anyone would make that statement. There are those always wanting to harm the Lab. Others think it fun to scare people. Others seem to believe whatever pops into their head.

I understand some new people will believe anything about SL and the Lab. But, I have the idea that with all the fake news, propaganda, and spin people would be more skeptical of what they hear. Silly me.

Second Life News 2018 w09

The last few days we have had some people complaining about login issues. I’m one of them. But, the problem is so erratic and apparently random I can’t put any useful information in a JIRA.

This morning there was some issue with logins. Only 17,000+ were on when I logged in at 10:45 Am SLT. On my trackers next update, 19,000+ were on. That 17k is an extraordinarily small number. The low for the day is about 7,000… but it may have been zero. My tracker only grabs data every 10 minutes. A lot can happen in the computer world and RL in 10 minutes.

Lauressa - Close-up

Lauressa – Close-up

I currently show 3,000 to 2,000 people logging in every 10 minutes. This is indicative of some grid wide problem.

Status only says they are investigating intermittent login issues.

Update 11:00 AM SLT – Seems the problem is a DDOS attack. See Unscheduled DDoS. This is not a Linden Lab specific attack. Early indications, often wrong, suggest it is possibly an attack on America. I would not be surprised to trace it back to North Korea. They will likely react to the sanctions just placed on the Democratic People’s Republic of Korea. So, appease them now and face a nuclear attack later or deal with them now?

Did you know the average duration of a mass shooting is three minutes? What is the response time of the police in your neighborhood, to your sports arena, movie theater, or school? Continue reading

AvaStar – Infected Download

WARNING UPDATE:2/9 – OK The original post is not quite right. Original:

The AvaStar people (wrong – wasn’t reading closed enough) have posted a warning about recent downloads of AvaStar being infected with a Trojan or computer virus. They aren’t clear on what it was just that it was a bad thing. See: AvaStar – infected download.

If you downloaded their version 2.3-2 update in the last 2 or 3 weeks… you are at risk. Get a new copy and replace it. Scan your computer…  Type DEFENDER in the ‘Ask me anything‘ or Search Windows field and run Windows Defender. Click Virus & threat protection. In place of a Quick Scan choose Custom Scan and point Defender to the place you keep your downloads.

Gaia commented below. Also, the original warning came from Casper Tech, not Machinimatrix. Also, the Casper Tech post has changed since I first read it.

Gaia and the Machinimatrix people seriously doubt the AvaStar code or package was infected.

Thinking about it, the programming code for Blender is Python. Blender add-ons, at least all those I have, are delivered as text files written in the Python language. So, the malicious code would have to be written in Python making it a specialized case, which is outside the normal pattern of malicious code for a web hack. So, I suspect Gaia and crew are right, the AvaStar programs and package were NOT compromised.

Doing some research this morning, I find that it is possible to embed malicious software in Blender files (.blend) and place executable code (.exe) in Python programs, but the Python has to call them and Windows intercepts the call and asks if it is OK to run it. Neither case is conducive to hackers. So, possible but unlikely.

However, Casper Tech is pointing out that the website hacks were sending people to a third-party site. They were attempting to inject malicious software into computers arriving at the site. But, a manual virus-scan of your computer will reveal any problem.

OpenCollar No Longer OpenCollar?

More SL drama. Unfortunately, about 100,000 SL users will be affected. It seems in November 2017 there was a sudden change in the OpenCollar programming team. Wendy Starfall and Garvin Twine were doing most of the work, programming, marketing, support, etc. for the last 6 years.

The early founders, from the history I can find, are Nandana Singh (now Nirea Resident) and Athaliah Opus. Several involved in the OC Project say they have ignored the project for the last 6 years or so. Leaving it to Wendy, Gaven, and others in the team to do the work and pay for websites and land (regions). But, we would have to define what the speaker means by ‘ignored’.

A point came when Nirea and Athaliah decided the OC project was going the wrong way. It seems that while the open source OC code was being maintained with no income for the programmers from it when the active programmers decided to sell an add-on under a brand name called Virtual Disgrace and some other things based on OC open source code.

“You can't stop the future You can't rewind the past The only way to learn the secret ...is to press play.” ― Jay Asher

You can’t stop the future You can’t rewind the past The only way to learn the secret …is to press play

The entitlement mindset folks decided it was an outrage that programmers working for free should even consider working for a profit and not giving them everything free… So, the great divide opened. The eventual result Nirea and Athaliah reclaimed the OpenCollar in-world group and kicked Wendy and others on the new path out of the group.

OpenCollar remained fee. But, the programmers were making other toys and selling them on their own. I could use the OpenCollar code and make a toy and sell it. But, you would still be able to get the free OpenCollar code and made your toys and sell them. Continue reading

Linden Lab Copyright Goes Nuts

Strawberry Singh is dealing with the Lab banging on her for a copyright violation at YouTube. See: Trademark Complaint Received from Linden Lab.

Strawberry writes, “I didn’t think that would be an issue as it says on their Trademark Guidelines page that journalists and media outlets have special permission to use it in blog entries etc…

Copyright!?!

I’ve read that. I understand the rules to be pretty clear the problems are about impersonating Linden Lab or Second Life, doing something to make the people seeing the logo think you are associated with the Lab, a product is made by the Lab, you are some part of the Lab or represent it in some way.

Strawberry is not doing that. While I can suppose someone might make that mistake watching Strawberry’s video tutorial, I do NOT think it a reasonable conclusion.

So, I understand the information the same as Strawberry does. So, what’s up? We don’t know. Of course, YouTube isn’t waiting around. The Lab complained and YouTube loaded the 12ga and said move it. With almost no time and the Lab doing the old single lame answer and then stonewall, Strawberry had had no choice but to take down her 2 SL intro videos.

If the Lab provides no discussion or clarification, this will through a chill on people making SL tutorials that show how to join or use SL. F______g dumb. People use logos and trademarks in all sorts of stuff. Admittedly with permission, which the LL Trademark Guidelines give and the context in which they can be used. Companies like CokaCola allow broad use of their trademark on just about anything but a competing can of soda. They understand the importance of having something promoted.

I suggest you jump over to twitter and pop off a tweet to @ebbealtberg. Give him a link to Strawberry’s blog and ask, what’s up with that?

May be use the hashtag #berryCopyright.

…or maybe this is some devious plot by Drax…  naw, he likes Berry. No matter how many more viewers she gets than he does.