Online gaming security/your personal data:

[Maryanne Solo]

Can anyone tell me why every major gaming platform/system has been hacked to bits in recent times except Second Life?

I have never seen any reason for this exalted security status that Linden Labs has bestowed upon us. Nor have I ever seen this issue discussed anywhere before.

How much kudos is due to the labs for ensuring we are safe from this tsunami of personal data invasion?

This is getting to be a habit :matte-motes-agape: but for the second time today, thank you linden labs for a job extremely well done.

[Ceka Cianci]

do you mean game server hacks or people having accounts hacked?

[Peggy Paperdoll]

Aside from SL having one successful hack attack a few years ago which caused LL to stiffen the security considerably, SL is just not an attractive target for hackers.  The concurrency is not really that great even at peak times.  There may be a couple million "members" but there are relatively few regular users.  And of those regular users there are very few users who provide payment information.  There are just too many other, more attractive, targets for someone to attack besides Second Life.

 

Sort of like the Mac users gloating over their more secure operating system.  It's about numbers (as Mac users are finding out since they've come up in the world of users).  If and when SL gets "big time", that security will go away............and fast.

[Maryanne Solo]

Game server hacks Ceka well anything really. Anything that doesn't come from people sharing passwords etc or inworld exploiters RZone and the like.

Thanks Del and good point Peggy.

[Bree Giffen]

In 2006, some SL server got hacked for names and addresses. They made us change our passwords as part of the security upgrade.

[Ceka Cianci]

hehehe ya peggy kind of pointed it out the one i remember..infact  we just passed the anniversary for it..9/6/06..so it's been a long time and having only one on record is still doing really good i think..

but ya not much since then really..i'm sure that made them get tighter than jimmies hat band the way people freak out around here  LOL

 

WoW is pretty safe also..i hadn't heard of any hacks on them like that..

[Maryanne Solo]

Ah a bit before my time Bree. I was sure there would have to have been at least one incident somewehere along the line ty.

[Nyll Bergbahn]

Second Life was hacked on the 6th September 2006 which Linden Lab openly acknowledged but there may have been a less publicised hacking event in late 2006 as well as I joined in November 2006 and I recall being forced to change my password along with a limited number of other residents. I don't recall any official explanation and rumour was that some account data had been compromised.

There were Quick Time and IE exploits in 2007 but these were targeted at individual accounts not the servers. I assume LL closed these down before anyone did any serious damage.

Although not a hack, Linden Lab's local payment provider for non-US residents seems to have caused a stir over credit card data and I must confess I keep a close eye on my credit card account.

http://community.secondlife.com/t5/General-Discussion-Forum/Client-Data-leaks-from-LL/td-p/893203

 

 

 

 

[Ceera Murakami]

Second Life has been hacked numerous times, but it hasn't often amounted to much.

As others said, there have been breaches of the account security that forced LL to force all users to change their passwords. LL claimed that no actual account passwords or financial data was exposed, but knowing real names and e-mail addresses for accounts did make it far easier to to further attacks to compromise account security, so they had us change passwords to be safe.

There have been hacks that briefly allowed things to be created that shouldn't be possible. The initial creation or Megaprims was one such hack, as was the later window for creating them.

There have also been numerous hacks that allowed hackers to circimvent the permissions system and make full-perms copies of restricted-permissions content. Those have actually been quite harmful.

The land auction system got hacked once, allowing one person to onbain many regions of Mainland at fire-sale prices, with no competition. LL had to take that hacker to court in the real world, and they confiscicated the sims he stole.

Griefers that crash sims or crash multiple regions are doing a type of hack attack, too, though at a fairly primitive level.

So it does happen, but unless LL has to force everyone to change passwords, they generally don't publicise that it happened. They just roll out a new server patch to close the security loophole, or force a viewer upgrade on everyone suddenly.

[Void Singer]

as noted there's been one major account breach of SL, but there have been TONS of smaller hacks, including two notable ones on quicktime which allowed people to steal L$ from others, dozens of server crashers, and truth be told, even though most people don't think about it, both times megaprim creation was enabled, those were actually exploits of the server. and that's not counting the various content theft loopholes (one of which exposed scripts).

 

that said, there's a big difference between the paradigm games use, and the one that SL uses...games are designed for the most part to limit actions to a specific set approved for balance of play. SL's environment is designed to maximize actions by providing multiple avenues of freeform creation and extension.

because of that, people looking for an advantage in games have only one alternative... hack the system to give themselves and advantage. whereas in SL you simply make your own options with the tools provided. This leads to a much larger hack culture going over the code with a fine toothed comb in gamin communities, and a much smaller one in SL, and here they have a different focus.

there's also more of a challenge ethic in gaming communities, based on the game itself being a challenge, so subverting the game is just a step up  on the same ladder. In SL there is not goal except the ones you set for youself, so there's less drive to challenge the system (although the competitive drive with other users seems almost as strong)

[Thermal Absent]

It does remind me to change my pw today.. thanks for the reminder..

 

Have a wonderful morning.......