broy12211488313522 Posted June 4, 2012 Share Posted June 4, 2012 A group of friends and I were hanging out today when out of the blue all of us received the message "you have been teleported by an objected owned by....." in my case my name was the owner of the object that TPed me, and the objects that TPed my friends had their names as the owner. All of us were TPed from a no script, no build, no push sim, to The Corn Field (which by the way is a very interesting place) and then to a weapons sandbox, then back to The Corn Field. Each of us had to relog in order to get back to are starting point, because trying to TP via landmarks failed and we wound up right back at The Cornfield. From what I personally saw several sims were hit in this fashion, including a bunch of poor Bronies Link to comment Share on other sites More sharing options...
Dilbert Dilweg Posted June 4, 2012 Share Posted June 4, 2012 Yea i got hit today. Not sure what happened but sudenely was being teleported Link to comment Share on other sites More sharing options...
JWabbit Posted June 4, 2012 Share Posted June 4, 2012 The same thing happened in the London City hub. Myself and everyone else present was teleported to the Violet Infohub. The same message as above (replace with my name) was given in local chat. I couldn't get back so I logged out and back in. Others who stayed reported being transported en mass from there to other infohubs. Link to comment Share on other sites More sharing options...
Marianne McCann Posted June 4, 2012 Share Posted June 4, 2012 Interesting. Sounds like an "unintended consequence" of https://wiki.secondlife.com/wiki/LlTeleportAgentGlobalCoords That it allowed you to go to The Corn Field reveals a serious design flaw, IMO. That sim (not the numbered clones) is not pubicly accessible. Which means one could potentially use this to get into places they should not. Filing a SEC JIRA... Link to comment Share on other sites More sharing options...
161488303349 Posted June 4, 2012 Share Posted June 4, 2012 yes. is some holes in how it works at the moment Link to comment Share on other sites More sharing options...
Marianne McCann Posted June 4, 2012 Share Posted June 4, 2012 16 wrote: yes. is some holes in how it works at the moment I could pilot an ocean linder through that hole. *if* this allowed one to get to The Corn Field, then one could get to a lot of other sensistive areas of the system. Very much not a good thing. Link to comment Share on other sites More sharing options...
Perrie Juran Posted June 4, 2012 Share Posted June 4, 2012 Marianne McCann wrote: Interesting. Sounds like an "unintended consequence" of https://wiki.secondlife.com/wiki/LlTeleportAgentGlobalCoords That it allowed you to go to The Corn Field reveals a serious design flaw, IMO. That sim (not the numbered clones) is not pubicly accessible. Which means one could potentially use this to get into places they should not. Filing a SEC JIRA... This sounds wild. Especially because the way this script is supposed to function: "To run this function the script must request the PERMISSION_TELEPORT permission with llRequestPermissions and it must be granted by agent." (my bolding) Link to comment Share on other sites More sharing options...
Caitlin Tobias Posted June 4, 2012 Share Posted June 4, 2012 Marianne McCann wrote: Interesting. Sounds like an "unintended consequence" of https://wiki.secondlife.com/wiki/LlTeleportAgentGlobalCoords That it allowed you to go to The Corn Field reveals a serious design flaw, IMO. That sim (not the numbered clones) is not pubicly accessible. Which means one could potentially use this to get into places they should not. Filing a SEC JIRA... Hm no, the Cornfield is open all year, it is even listed in the Destination Guide as a SL Origin: https://secondlife.com/destination/the-corn-field Link to comment Share on other sites More sharing options...
Mudslinger Ning Posted June 4, 2012 Share Posted June 4, 2012 My experience so far: I haven't been hit directly with it myself - but several friends and one of two bots I have running on a sim got whisked away. It appears the greifer attack is limited to a number of meters (from where it is deployed) as other people in skyboxes and the far parts of the sim were unaffected the whole time. This may indicate the attack may be limted to the attacking viewer's view range or an object detection range. As for the bot - according to the logs she was hit with an object masking her own name, ripped off her base station and got sent to several sims including the cornfield and a weapons sandbox a couple of times and ended up finding her in a pile of other unfortunate bots from other sims in one of the Brony places. Had to relog the bot to send her home. Link to comment Share on other sites More sharing options...
Perrie Juran Posted June 4, 2012 Share Posted June 4, 2012 Caitlin Tobias wrote: Marianne McCann wrote: Interesting. Sounds like an "unintended consequence" of https://wiki.secondlife.com/wiki/LlTeleportAgentGlobalCoords That it allowed you to go to The Corn Field reveals a serious design flaw, IMO. That sim (not the numbered clones) is not pubicly accessible. Which means one could potentially use this to get into places they should not. Filing a SEC JIRA... Hm no, the Cornfield is open all year, it is even listed in the Destination Guide as a SL Origin: https://secondlife.com/destination/the-corn-field That is new news! For the longest time it was closed to "public" access. "It is located at the North-West tip of Orientation Island 1 and closed to the public." http://wiki.secondlife.com/wiki/The_Corn_Field Link to comment Share on other sites More sharing options...
161488303349 Posted June 4, 2012 Share Posted June 4, 2012 Perrie Juran wrote: "To run this function the script must request the PERMISSION_TELEPORT permission with llRequestPermissions and it must be granted by agent." (my bolding) yes. this is how it supposed to work. and it does if write/use it the way is documented Link to comment Share on other sites More sharing options...
Perrie Juran Posted June 4, 2012 Share Posted June 4, 2012 Mudslinger Ning wrote: My experience so far: I haven't been hit directly with it myself - but several friends and one of two bots I have running on a sim got whisked away. It appears the greifer attack is limited to a number of meters (from where it is deployed) as other people in skyboxes and the far parts of the sim were unaffected the whole time. This may indicate the attack may be limted to the attacking viewer's view range or an object detection range. As for the bot - according to the logs she was hit with an object masking her own name, ripped off her base station and got sent to several sims including the cornfield and a weapons sandbox a couple of times and ended up finding her in a pile of other unfortunate bots from other sims in one of the Brony places. Had to relog the bot to send her home. I wonder if this is using the security flaw detailed in this thread and the corresponding JIRA to hide it's true origin. http://community.secondlife.com/t5/General-Discussion-Forum/What-The-Scam-Is-Going-On/td-p/1477327/highlight/true/page/2 https://jira.secondlife.com/browse/VWR-28743? Even though it is set as a major bug and reprod almost two months ago it is still marked unresolved! Link to comment Share on other sites More sharing options...
Perrie Juran Posted June 4, 2012 Share Posted June 4, 2012 16 wrote: Perrie Juran wrote: "To run this function the script must request the PERMISSION_TELEPORT permission with llRequestPermissions and it must be granted by agent." (my bolding) yes. this is how it supposed to work. and it does if write/use it the way is documented Apparently then there must be something wrong with the "MUST REQUEST" if this is what is being used. Link to comment Share on other sites More sharing options...
Marianne McCann Posted June 4, 2012 Share Posted June 4, 2012 Caitlin Tobias wrote: Hm no, the Cornfield is open all year, it is even listed in the Destination Guide as a SL Origin: https://secondlife.com/destination/the-corn-field Link goes to The Corn Field2, one of the instances I was referring to. NOT the original, Linden access only The Corn Field (no number). Eay way to tell them apart: the instances all have spooky Halloween stuff in them, the original does not. Link to comment Share on other sites More sharing options...
Hatusu Perl Posted June 4, 2012 Share Posted June 4, 2012 Yes its happening to myself and a lot of my friends today too. I've been to the Corn field, a Linden's land and a gay club so far.....wonder where he will send us next Link to comment Share on other sites More sharing options...
Marianne McCann Posted June 4, 2012 Share Posted June 4, 2012 Okay, looks like a fix is in process. Link to comment Share on other sites More sharing options...
Mudslinger Ning Posted June 4, 2012 Share Posted June 4, 2012 awesome - hopefully it doesn't hurt too many people until it's put in place Link to comment Share on other sites More sharing options...
Perrie Juran Posted June 4, 2012 Share Posted June 4, 2012 Marianne McCann wrote: Okay, looks like a fix is in process. Can you provide a link to the JIRA? Link to comment Share on other sites More sharing options...
Marianne McCann Posted June 4, 2012 Share Posted June 4, 2012 Perrie Juran wrote: Marianne McCann wrote: Okay, looks like a fix is in process. Can you provide a link to the JIRA? Not with a SEC JIRA, I'm afraid :matte-motes-not-even: Link to comment Share on other sites More sharing options...
Perrie Juran Posted June 4, 2012 Share Posted June 4, 2012 Marianne McCann wrote: Perrie Juran wrote: Marianne McCann wrote: Okay, looks like a fix is in process. Can you provide a link to the JIRA? Not with a SEC JIRA, I'm afraid :matte-motes-not-even: Right. I had forgot about that. I also posted a link to this thread in Oskar's server updates thread. The potentials for abuse of this function even after they get the permissions issue ironed out is way to big IMHO. We shall see. Link to comment Share on other sites More sharing options...
Arduenn Schwartzman Posted June 4, 2012 Share Posted June 4, 2012 I got tp-ed around starting from the Violet infohub and 10 minutes ago I ended up at The Corn Field3 (the public Halloween sim). I see people tp in every few minutes, by the dozen. Is this griefing? Or a flaw? Link to comment Share on other sites More sharing options...
Qie Niangao Posted June 4, 2012 Share Posted June 4, 2012 Is this griefing? Or a flaw? I suppose you'd call it both. An exploit was discovered in a new function that isn't even quite deployed yet, and one or more griefers are using it to do that for which we so love and admire them. :matte-motes-yawn: It's not a flaw that happens spontaneously, if that's what you mean. Link to comment Share on other sites More sharing options...
Dilbert Dilweg Posted June 4, 2012 Share Posted June 4, 2012 Looks like there may be an emergency fix going down right now Emergency Deploy Starting Now 06-04-2012 02:36 PM To solve a security issue with the Experience Tools that were deployed to Magnum last week we are doing an emergency simulator rolling restart deploy. This has already begun. Link to comment Share on other sites More sharing options...
Elite Runner Posted June 4, 2012 Share Posted June 4, 2012 This forced teleporation can be a hazard if someone simboards around, even when there's a simball game in progress. One team member can be knocked out if he or she faced a forced teleportation. This can also be troublesome to drivers who race, as one racer goes fast on a track going 200 MPH or so then BAM he gets teleported without warning, ejecting from his car and stopping a vehicle, causing it a hazard for other racers that that can cause a multi car collision. This can be a bad time for clubs also. Good thing LL is conducting an emergency deploy to fix this. Link to comment Share on other sites More sharing options...
Perrie Juran Posted June 4, 2012 Share Posted June 4, 2012 Elite Runner wrote: This forced teleporation can be a hazard if someone simboards around, even when there's a simball game in progress. One team member can be knocked out if he or she faced a forced teleportation. This can also be troublesome to drivers who race, as one racer goes fast on a track going 200 MPH or so then BAM he gets teleported without warning, ejecting from his car and stopping a vehicle, causing it a hazard for other racers that that can cause a multi car collision. This can be a bad time for clubs also. Good thing LL is conducting an emergency deploy to fix this. Please stop shouting at us. Pretty please! Link to comment Share on other sites More sharing options...
Recommended Posts
Please take a moment to consider if this thread is worth bumping.
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now