Tuesday, September 7, 2010

Lord, Keep My Memory Green

As of 10 AM Pacific Daylight Time (which is also SLT) on September 8, 2010, Linden Lab will block all versions of the Emerald viewer from connecting to Second Life. Emerald users will need to either revert to an official Linden Lab viewer or move to another third-party viewer that is still permitted to connect to the grid.

Linden Lab's move is just the final nail in the coffin of the Emerald viewer—since I last wrote, the Emerald development team has abandoned its plans for a brand new fully transparent organization and scattered to the winds. Some of the former Emerald team have grouped together to launch new third-party viewers based on apparently-legit versions of Emerald itself—more on that below. Some other Emerald team members have apparently gone back to whatever they did in Second Life before they became players in the virtual world's biggest soap opera, and some of them—maybe, hopefully—have gone away for good.

But don't bet on it.

How Did We Get Here?

Linden Lab removed Emerald from its Third-Party Viewer Directory for repeated violations of Linden Lab's third-party viewer policy, and also for violating the GPL, or GNU General Public License (v2).

I detailed Emerald's privacy violations earlier: the Emerald viewer baked personal information into users' avatar textures, and used its login page to hijack users' Internet connections to launch a distributed denial-of-service attack against a third party. It's not clear whether Linden Lab considers the infamous "datamine" database the Emerald development team constructed earlier this year to be a privacy violation, but certainly many Second Life users did.

Violating the GPL means that the Emerald development team included proprietary, commercial software in the application: the now-infamous emkdu image processing library. All third-party viewers are based on source code from Linden Lab released as open source under the GPL, which requires that all derivative software, in turn, be licensed under the GPL. Since a commercial software component cannot be released legally as open source, it cannot be included in an open source GPL product.

Linden Lab acknowledges being "in communication" with the Emerald development team over these issues, and says it requested "several changes" to Emerald. According to Linden Lab, Emerald is being banned from the Second Life grid for not being able to meet those requests by September 3.

So what were those "requests?"

According to Jessica Lyon—a former member of the Emerald development team and coordinator of a follow-up viewer—Linden Lab demanded the following:

  • A fully transparent development process with open mailing list, online forums, and a publicly accessible source repository with public notices whenever code was committed to Emerald;
  • Publish a privacy policy that detailed all user data collected or stored by any version of Emerald that has ever been released;
  • Everyone with commit privileges to Emerald would have to be a Second Life user in good standing and a signatory to Linden Lab's third-party viewer policy, which means disclosing their real-life identities to Linden Lab;
  • Emerald would have to remove the commercial emkdu library; it also could not ship Linden Lab's own (similarly commercial) llkdu with Emerald;
  • Emerald developers Lonely Bluebird (aka Phox), Discrete Dreamscape, and Skills Hak must be severed from the project.

Ye Gentle Readers will notice that last request is not like the others.

Why Those Three

The Emerald development team has put out the notion that the denial of service attack embedded in the viewer's login screen was the work of one developer—the Emerald project lead, Fractured Crystal, aka JCool—and he resigned from the Emerald project as a result. So why was Linden Lab intent on getting three more Emerald developers off the project? In the world of anonymous avatar names—and where creating a new account and a new name is a matter of a few minutes' work—it's hard to be precise. But all three appear to be (or have been) involved in the creation of Second Life viewers capable of downloading and copying in-world content in violation of copyright, and which likely contained griefing tools and other exploits that could crash users' clients, crash sims, and even get users to connect to rogue sims.

Linden Lab's beef with the person behind Discrete Dreamscape is long-standing: Discrete posted copybot code to Linden Lab's own JIRA issue tracker system on multiple occasions—another Emerald developer, LordGregGreg Back, lauded it. Skills Hak is the mastermind behind the popular Second Life cyberpunk roleplaying community Insilico, but is also the main face behind the Gemini CDS (Copybot Protection System), which purports to protect private sims from users with content-ripping viewers. And Lonely Bluebird—aka Phox—has reportedly been permabanned from Second Life on at least one occasion.

In addition to creating Emerald, several of the Emerald developers were also working on a viewer called Onyx, which Fractured Crystal positioned as a private viewer—not available to anybody!—that focussed on identifying vulnerabilities in Second Life so they could be reported to Linden Lab to be fixed…and, of course, detected for commercial purposes by Gemini CDS.

In May of this year, a snapshot of the Onyx code base from October 2009 leaked to the broader Internet. The code archive revealed two things:

  1. Onyx was merely an elaboration of the content-ripping client VLife.
  2. Developers who had checked in code to Onyx at that time included Fractured Crystal, Lonely Bluebird, Luminous Luminos, Thomas Shikami, Tyken Hightower, Zwagoth Klaar, and Discrete Dreamscape. (At a later date, Skills Hak stated she was working on Onyx.)

By most (not all) accounts I've been able to gather—and, again, avatar names and online handles are slippery things—the VLife client was the child of JCool—aka Fractured Crystal, the former head of the Emerald development team. And VLife is apparently one thing that got his JCool persona permabanned from Second Life. (There is some evidence JCool was banned more than once, or at least committed multiple serious violations of Second Life terms of service, including accessing "god mode" administrative features reserved for Linden Lab employees.)

The list of programmers who checked code into Onyx is notable for three names: Lonely Bluebird, Discrete Dreamscape, and Skills Hak. Those are the only three (known) Onyx developers who were still on the Emerald team last month when Linden Lab removed Emerald from the third-party viewer directory. All the others had, by that time, apparently left the project. Maybe, anyway. Tyken Hightower was definitely hanging around with the Emerald development team at the time of the denial-of-service attack.

I could easily be missing something, but Linden Lab's "request" that Lonely, Discrete, and Skills leave the Emerald development team makes sense in this context: Linden Lab won't permit a third-party viewer in its directory that has developers who have worked/are working on content-ripping and griefing viewers.

According to Jessica Lyon, Discrete Dreamscape and Skills Hak withdrew from the Emerald project in response to Linden Lab's "request." Lonely Bluebird, however, refused, then singlehandedly released a new version of the Emerald viewer (build 2600) with the ability to spoof its version and client ID. That version of the Emerald viewer was not vetted by whatever QA or release procedures the Emerald team had in place.

So what about those slippery avatar names—couldn't these developers just create new accounts and get back on board? Yes, they could. And that seems to be why Linden Lab is now requiring every developer who can contribute to a third-party viewer project to be a signatory to Linden Lab's third-party viewer policy…and that includes handing over real-life identity information. This is a significant policy change for Linden Lab, which had previously permitted Emerald to be listed in the third-party viewer directory with only the project lead as a signatory to the policy.

Viewer Options

So what now? For all the variously illegal, copyright-infringing, and TOS-violating acts seemingly committed by a substantial number of Emerald developers in the last year, there's no denying the Emerald viewer garnered broad support in the Second Life user community for its advanced features and capabilities.

For now, Emerald devotees aren't without options:

Imprudence
The most direct beneficiary of the Emerald debacle is probably Imprudence, which has been around for two years now. When Linden Lab initially announced its third-party viewer policy earlier this year, Imprudence announced it would cease supporting Second Life and continue on as an OpenSim-only viewer; however, they quickly reversed course and created a version that complied with the policy. Imprudence says they're still primarily focused on OpenSim, but the viewer does pack a lot of power-user features and, to my sniffing anyway, seems to have few or no ties to the Emerald development effort.
Phoenix
The Phoenix Viewer is currently the most direct inheritor of Emerald, and is available for Windows, Mac OS X, and Linux. Phoenix is spearheaded by Jessica Lyon, the dev lead is Dimentox Travanti (the creator of the Dark Combat System (DCS) widely used in Second Life), and the team includes former Emerald developer LordGregGreg Back as the current Windows development lead. Former Linden Lab employee Vortex Saito is on board as well. The current builds of Phoenix are essentially the last "legitimate" version of Emerald, minus the emkdu library.
Emergence
Emergence is a Windows-only viewer, based on the final "legit" Emerald code base, released by LordGregGreg Back who initially characterized it as a stopgap measure to tide Emerald users over until the brouhaha resolved. It's not clear whether LordGregGreg intends to sustain Emergence now that Phoenix is available.
Ascent
Ascent aims to be a lighter client with features specifically aimed at content creators.

Of these viewers, Imprudence has the longest pedigree as a standalone project. I know almost nothing about Ascent; however, it—along with Emergence and Phoenix—only managed to get listed in the Third-Party Viewer Directory today.

Note that most of these third-party viewers swap code around—that's how open source works. For instance, Ascent contains features borrowed from Emerald, and features from Imprudence found their way into Linden Lab's SnowGlobe and from there to Emerald and other viewers—there are many other examples. Folks who want to be entirely free of code contributed by the Emerald development effort would be best advised to stick with Linden Lab's official viewers—and, even then, there's a possibility code contributed from Emerald via open source could make it in…particularly since Linden Lab is knuckling down on rapid viewer development with its new Project SnowStorm.

Who Do You Trust?

Some folks will shrug and think "Second Life is only a game, none of this really matters to me." And, for some portion of Second Life's user base, that's undoubtedly true.

However, let's remember that many people run real businesses in Second Life with real money, so the notion of who you trust with your Second Life account information—which, in turn, might be connected to things like PayPal accounts, credit cards, and bank accounts—is less trivial.

And then there's identity. Just because you might run around Second Life as a giant robot or a cartoon character or a 2m-tall vampire something doesn't mean there's no consequence if your privacy is compromised. By collecting IP addresses, associating accounts with particular computers and locations, and paying attention to how avatars behave and what they reveal about themselves, it's possible to track down many Second Life users in real life—and that creates a possibility for real harassment. How many Second Life users would be comfortable with their employers, co-workers, colleagues, family, or friends knowing everything they do in Second Life?

And, of course, if someone has your real life information, they might decide to break into your house. Or worse.

1 comment:

  1. A nice roundup of the current Viewer landscape. Thank you!
