Chaser Zaks

After reviewing the terms of service, I'll admit, I was incorrect about it being in violation. However one can argue that it is disclosure due to the fact when a alt is banned, both accounts are banned and they will have the same ban duration listed in the parcel listing, eg: More precise timestamps can be acquired. For some, this is enough to identify alts. EDIT: Was going to edit the other posts crossing out the violation statements, but apparently can't do that after 24 hours.

That is possible. I suspect they are actually using hash, but I didn't in the example for the sake of clarity. However, even hashed, it still violates the terms of service because it doesn't take long to generate a rainbow table to look up IP address hashes. I have one myself, it is about 63 GiB when stored correctly, and takes less than a second to locate the hash because of how it is stored. There are ways to get around the rules, but I'm not going to mention it here because it'll tell people with bad intents how to get around the rules.

All accounts used below in the example are mine and IP addresses are internal addresses. Here is a example table: KEY VALUE altdetector_127.0.0.1 1623172887~796b1537-70d8-497d-934e-0abcc2a60050 altdetector_192.168.0.127 1623173421~835096de-9f7e-42d2-b92d-6dc6677f7d8f In this example, Chaser Zaks(796b1537-70d8-497d-934e-0abcc2a60050) and Saltyalt(835096de-9f7e-42d2-b92d-6dc6677f7d8f) are already in the area and have clicked the URL already. When Parker Oh(918ff3eb-e8fe-4cfe-8bff-5963a461962e) with the IP of 192.168.0.192 enters the area, they are prompted to visit the URL. They do and this is added to the table: KEY VALUE altdetector_192.168.0.192 1623172926~918ff3eb-e8fe-4cfe-8bff-5963a461962e Now, Parker Oh still has the URL. They can simply change it to /?796b1537-70d8-497d-934e-0abcc2a60050 and it will look up the the key "altdetector_192.168.0.192" and see that a entry exists and that the UUID assigned to that address is "918ff3eb-e8fe-4cfe-8bff-5963a461962e", which since the time is very recent(I presume it is a past 24 hour check because it bans for 24 hours), it will consider "796b1537-70d8-497d-934e-0abcc2a60050" as a alt of "918ff3eb-e8fe-4cfe-8bff-5963a461962e", and eject both Parker Oh and Chaser Zaks. This can be repeated for /?835096de-9f7e-42d2-b92d-6dc6677f7d8f and eject Saltyalt. I should note that script is using a "trust the client" approach and not storing any request history. I have checked this and confirmed it myself. It is the same URL for every person, there is no salt/hashing inside the URL, and it doesn't check if the person is even in the area before it ejects them.

Time to deep dive into this: I just tested it on a testing account. This is exactly what occurs: The user is told to add a experience to their land The user is then told to deed the object if it is group owned Then upon entry of any resident(Checked every 10 seconds), they are told to visit a LSL HTTP URL with a query string matching their UUID(EG: http://simhost-#.agni.secondlife.io:12046/cap/<cap>/?<VISITOR UUID HERE>) with the following message: This is also sent in chat: A "mathematical hash" occurs and detects the alt. The user sees the following message in their web browser: Any alts on the land at the same time and you are kicked with this: So what can I figure out from this? Does it work, yes! (This is both good and bad, bad because it works, good because I get to go all analysis on it, figure out how it works, and figure out how I can use this knowledge to break it) Inspecting the request headers and response headers, cookies are not used. In fact, nothing identifiable is stored on the browser, so that leaves either the user agent, or IP address. Let's rule out the user agent because that's easy to test by simply doing this: felix@crocuta:~$ wget -O- "http://simhost-093042474281521d7.agni.secondlife.io:12046/cap/f2140c12-6696-325b-9e97-a545e8e39ae9/?796b1537-70d8-497d-934e-0abcc2a60050" Still detects me, so that means the IP address has to be used, lets try that in tor. After trying it in tor, IT DOESN'T DETECT ME AS A ALT! So that means it is indeed using the IP address, but it says that it doesn't record it, but it uses a mathematical hash, so what is really going on under the hood? Well, thankfully dataserver is sent to the prim, not specifically a script. So I put in a little bug to watch the dataserver responses and I get this: This is a response from the llReadKeyValue function, which means it follows this format: <status>,<data> With that knowledge in mind, we know that the "1," is part of the LSL function, which leaves us with the data after that: 1623172887~796b1537-70d8-497d-934e-0abcc2a60050 Clearly it is seperated by a ~, so we see a number, and a UUID. The UUID is me. The number is the current unix timestamp(EG: https://www.unixtimestamp.com/index.php). But no information regarding on what the "key" of the value is. Since they mentioned a "mathematical" function, I guarantee you their "mathematical" function is just: llMD5String(llGetHTTPHeader(request_id, "x-remote-ip"),0); Or maybe it is just sugar coated and just stores the raw IP address without MD5 hashing it. Even if it is MD5 stored, because you can easily iterate over all the experience database keys and figure out what what the keys are, you can simply have a rainbow table of every IP address(4,228,250,625 different hashes to index, but this includes reserved IP addresses which can easily reduce the number a lot). My GPU can do around a million hashes per second, if not more. So it'd only take me about 70.46667 minutes or less to figure out someone's hashed IP address. So what does all the techno jarble I just posted mean?: Your IP address gets stored by this, either by hash or just plain text. Either way is bad and I would be able to reverse the hash in less than 70 minutes. Your alts are detected by this, but it is easily foolable by just using a proxy(such as tor) to visit the URL, or by using LSL to llHTTPRequest the URL and make the request from the simulator it's self. You can abuse this to get other people banned from the land by changing the last part of the URL you are given. To ban for example Dan Linden(Sorry Dan!), provided he is on the land as well, but he wouldn't be too happy about alt detectors: /?3de548e1-57be-cfea-2b78-83ae3ad95998. It most certainly violates the Terms of Service.

Posted this earlier in the commerce group, but figured I would post it here as well: I didn't know Ebbe personally, but I had spoke with him once or twice though. He was a really nice guy, and I know he was really liked among his colleagues. Wish I had gotten to speak with him more though. May he rest in peace.

Maybe? Is Internal Monologue like: "hmm wot to do" and just general thinking to yourself? If so, yes.

I'm not sure where you are getting Mallchimp, Maiichimp, or Malchimp from. The domain used was mc.secondlife.com and list-manage.com. Second Life's domain is subject to these issues alone, I can easily type "secondlife secondlife secondllife secondlife secondlife sec0ndlife secondlile sesondlife secondlife seconcllife secondlife secondlife" etc. Can you count how many "alternative spellings" are listed in there? Phishing is a problem, it has always been one, and will continue to be one no matter how good we make computers and how well we teach users. However technology has been improving to make it more difficult to phish, including various techniques such as machine learning to filter out, and users are slowly learning they need to be careful. One thing I try to tell people is: If at all possible, if you get a email, don't click the links, instead navigate directly to page by going to a bookmark that you keep or by typing in the URL manually, and if you are ever suspicious, check the SSL certificate and see who it is signed to. Simply put, you should always be careful what you click.

This is not a marketing post, I am not affiliated with Mailchimp, nor am I endorsing it. I use a different provider for my email distribution, so I would have no reason to vouch for Mailchimp other than I know that they are a company that exists and I know they are not a bad/malicious company. This post is only to explain to those who Mailchimp is, why it is being used, and what they do and do not have access to. So for those worried about Mailchimp: Who is Mailchimp: Mailchimp is the industry leader in marketing email list distribution(Accounting for more than 62% of this market). Mailchimp is used by various big companies, including Crunchyroll, Name.com, Dailymotion, and DigitalOcean. Around 7,000+ companies use it to date. Mailchimp is not the only company to provide services like this. Others include Mailgun(My choice), Sendgrid, Amazon, and Google. The later two I would have more concern about. Mailchimp has been around since 2001. Mailchimp does not have access to your Second Life account, or any other information. What Mailchimp has access to: They can see your email address, but that's about it. They are not interested in it for any other purpose other than fulfulling the service Linden Lab has paid for. In specific, it is only used for two purposes: Sending you emails that Linden Lab has authorized, in this case, it'd be event notifications. Protecting you from bad actors who abuse Mailchimp to spam. More specifically, the unsubscribe and report button at the bottom of the email. When you unsubscribe, the sender can no longer send you emails via Mailchimp, as it gets put into their internal "Don't send emails to this address". The sender cannot see that you blocked these emails. When is Mailchimp not used?: Linden Lab does not use Mailchimp for a varying number of emails that they send, these include, but are not limited to: Emails that contain sensitive information, such as password reset, account recovery, anything regarding L$, etc. These are sent directly from Linden Lab to your inbox. Marketplace emails. Instant message emails. Jira emails. Support emails. (These are handled by Freshdesk) User group mailing lists. (These are handled by Google Lists) (My guess as to) why LL is using Mailchimp instead of their own servers: Very likely due to LL's move to the cloud. Off loading various services to third parties, such as simulator and asset hosting to amazon web services, moving the forums to Invision's servers, etc. It means less money that Linden Lab has to spend to provide a better and faster service (once all the issues of moving from a internal infrastructure to cloud infrastructure is ironed out) Do you have anything to worry about: No. I do security research and internet technology related stuff. If there was an issue, I would raise issue with it. I'd honestly be more concerned about Amazon hosting simulator and assets than Mailchimp sending out emails. What about the spooky "tracking link"?: This is purely to assist with Linden Lab making better emails that will help with user engagement in the future. It basically just tells them how many people have clicked in total, how many people clicked a header image vs text link, etc. They are harmless and do not actually "track" you like tracking cookies would. If you still are not ok with this: You can make sure that Mailchimp will not have your email the next time LL sends out a marketing email by choosing "Unsubscribe" here: https://accounts.secondlife.com/change_email/?lang=en-US

mc.secondlife.com is LL's subdomain for MailChimp, which is a marketing mailing list service that Linden Lab uses. It is a lot faster than most internal solutions. The email is legitimate. I received one on my email that I only use for Second Life, as well as having inspected the email headers. The reason it comes from mc.secondlife.com is the same reason my automated emails come from mg.MyDomainICantMentionAnymoreOrTheForumThinksItIsSpam.com: To satisfy anti-spam and phishing detection by includinf valid DMARC and DKIM information in the TXT field of the domain name. By using a subdomain, it means LL can still use secondlife.com and all it's other subdomains to send emails and what not that don't go through MailChimp, such as im.secondlife.com for object emails. You can opt to unsubscribe from these emails by clicking the unsubscribe button at the bottom, or by unsubscribing here: https://accounts.secondlife.com/change_email/ If for some reason the above solutions do not work, you are encouraged to submit a bug report on https://jira.secondlife.com/ Just remember that LL will NEVER ask you for your password except during viewer login, id.secondlife.com, web-login.secondlife.com, and on secondlife.com/my/ when changing password. If you receive a email regarding a password reset that you did not request, simply delete and ignore it.

This is a wili bad sock puppet attempt. Now I don't speak for LL, but I know there is only so many times they will humor you sock puppeting on the forums to advertise.

I already did, and as I said, usernames are not a fashion accessory. If you want fancy characters in your name, use your display name so I can refer to your username when I have to use moderation tools in regions I moderate.

I already refer to people by their username when they make their display name untypeable. I will start referring to people by their UUID if they start doing the same with their username. Usernames are supposed to be readable, not a fashion accessory.

If implemented, I am hoping that llOpenFloater is more than just llOpenFloater(string url);, as llOpenFloater could have much more use potential. I'd see something like llOpenFloater(string floaterName, list options); being a better suited function layout, as this would allow, in the future, more than just a webpage. Perhaps a floater asset that can be custom designed by using XUI in-world(sanity checked of course, I've done crashed myself a few times when editing XUI). Though with webpages being the initial selling feature, is does kind of seem like a re-implementation of llLoadURL, though without explicit user permissions. There is reasons why llLoadURL, media streams, and MOAP have permission dialogs, and that's redzone, we don't need a repeat of that. No amount of money is going to stop people from being malicious with it, just take the landlords who spam people with notecards weekly if you happen to get on their mailing list somehow. Perhaps webpages should be whitelisted in a similar fashion to media URLs, initially whitelisting *.lindenlab.com and *.secondlife.com, and allowing users to choose to accept whether or not a URL is allowed or not.

I honestly do not like attention because aspergers came with social anxiety. I once built up enough courage to go to a furry club, then someone yelled(shouted) "<UNICODE GLITTER> HELLO CHASER ZAKS WELCOME TO <CLUB>!!! HOPE YOU ENJOY YOUR STAY! <UNICODE GLITTER>" the second I arrived. It made me leave immediately because my anxiety shot through the roof. Not going to another club ever again.

Just because someone reports you, doesn't mean that LL will automatically do something about it. They take reports with a grain of salt, and use it as a starting point for their own investigations, which they gather from server logs. Once they have enough evidence that they themselves produced, they take action. As for the situation you presented: They likely reported you for "Disturbing the peace > Repetitive spam". Second Life's older residents have experienced quite a bit of spam over their time, and are very.. unhappy.. when it comes to being IM'd out of no where with ads. General rule of the thumb: If you are going to IM people, it shouldn't be an advertisement. There is a place for advertising, and that is classifieds, the marketplace listing enhancements, and in-world advertising banners. Sending unsolicited ads to people will often have a negative effect of word spreading about spam.

As long as the scripts remain full perm, it falls within the GPLv2 license. You can always get the scripts for free at: https://github.com/OpenCollarTeam/OpenCollar

Parker(October 15 2004 - April 29 2021) on the left, Fluffy(October 15 2004 - April 8 2021) on the right.

I have seen a few places that forbid furry avatars, but it is perfectly reasonable and in their right to do so. Personally what I do is get my alt account and scope out the place to make sure it'll be somewhere I will fit in, this is primarily due to anxiety but also because I like to read the rules before I set foot on my main. People have their reasons to forbid specific types of avatars, but there is also plenty of places for everyone in SL.

Because for some reason people think that "unless the boobs are big, it is a child", because people don't think flat/small chested people don't exist apparently. I have the kemono avatar, I don't use it often, but I see lots of people use it. Unless someone goes out of their way to make it look like a child, I don't see it as a child.

Do what I do and use a script which can pull facial expression data off a webcam and animate the avatar based off what it thinks the expression is.

Talking with the rest of the team, it is possible you downloaded the 32-bit version which is capped at 512. You'll need to get the 64-bit version to go above 512. You can try a re-install to install the 64-bit version instead(I'd recommend probably uninstalling the 32-bit version first): https://www.firestormviewer.org/choose-your-platform/ If you can't figure out which version you are using, you can post your environment string and I'll take a look at it. You can find that here:

That is texture memory limit. The memory limit is based off the maximum that your graphics card can hold. You can still see textures that are up to 1024x1024, just it is limited to how much can be in the video memory at once. As for group chats, that is a Linden Lab issue and is something that is out of our control.

If I recall correctly, the issue boils down to them making claims that you subscribed somehow, and that they offer the ability to unsubscribe. Often unsubscribing mean contacting them and hoping they read your message. Only then you can file an AR for not unsubscribing. I would really like to see this rule rewritten as:

So with all the mainland getting connected, I am proposing a new super highway from the rest of the mainland to Zindra, below is my expertly made diagram: My super highway plan will take approximately 4,500 Regions, and 10,000 Moles. Thoughts?

Search "OwO what's this". I can't finish the rest of the phrase because it'd lead into nsfw, but that will answer your question.