Yordie Sands wrote today about SSB: What Happens Now? which discusses how Linden Lab’s upcoming Server Side Baking project may break several third party viewers, including the immensely popular (and rightly so) Firestorm. I don’t want to see Firestorm broken, mostly because I believe the developers have been through enough with all the problems and bad publicity from the former Emerald viewer. In my opinion, Firestorm is the best viewer available for anyone who’s doing parcel or sim security or trying to oppose griefers, and maybe one of these days I will post about it. But Yordie’s post is timely, because it’s a good transition to another issue – malicious third party viewers.
Today I received an IM from a friend:
Found out who hacked my other account btw. It was the Patriotic Nigras, Simms who programmed illegal viewers is dropping password loggers in viewers and giving them out on the internet.
My friend lost her original avatar, including thousands of Lindens and her entire inventory that she collected over the years. She is a techno-wizard who dislikes copybotters immensely and goes after them when she can. To do that, she experiments with different third party viewers. One of the viewers she downloaded had code in it that captured her Second Life username and password. As soon as she logged off, someone else logged on and destroyed her inventory.
Last week was extremely chaotic, with good and bad things happening all over the grid. When I had a few seconds of free time, I sent an IM to another techno-friend and asked her what was the purpose of the notecard she had given me. She didn’t recall giving me a notecard, but when I described the URL from the notecard and the website where it took me, she was horrified. She said something to the effect of “Don’t EVER download someone’s SL viewer if you don’t know them. People are building viewers just to steal passwords.” I trust both of my friends, and would click on any URLs they recommended. My mistake in thinking that the notecard came from my second friend almost cost me my six year old account. The only thing that saved me was that when I got to the website and saw that it was all about downloading some new and fantastic viewer that was guaranteed to eliminate lag, I closed the window on it. I already have the best viewer on the grid, Firestorm. If I had been in an experimental mood, it could have been a very bad day for Hal Jordan.
We all know about not opening email attachments from unknown sources, or not responding to emails that take you to a website where you have to enter your bank account information to keep your account from being closed. This is exactly the same thing with Second Life software. Be very careful about accepting notecards and objects from unknown users. If you do accept, be careful about clicking Internet links inside notecards. If you do click, don’t download Joe’s Awesome Viewer if you don’t know Joe. As we say in my industry, we should all “cultivate a healthy sense of uneasiness” or a “questioning attitude,” and “stop when unsure.” Just remember the old warning: If it looks too good to be true, it probably is.