Second Life Hit By Massive In-Game Worm

An anonymous reader writes, "At 2:46 CST today, the game Second Life was hit by a massive attack by a rogue programmer. Spinning gold rings began to appear in the air and on the ground, and as users interacted with them they began to chase and replicate. Apparently, most people are willing to touch an object they've never seen before and this invoked a worm script that was designed to multiply and spread across the 2,700+ servers run by Linden Labs in California, the game's owner. Many of the six hundred thousand active users experienced serious lag and lost connectivity to the servers, making it one of the largest known denial-of-service attacks in an online game. Linden Labs had to invoke martial law and lock out all logins by users except their staff as they began the task of cleaning the servers of what they began to term 'the grey goo.'" Comments in the SL blog entry indicate that Linden Labs had already deployed a "grey goo fence" before this worm struck, but someone found a hole in it.

Neat!

[the_humeister]

Now what they need is some sort of illness that affects characters temporarily, just like real life! Imagine, your character gets a cold and slows down and sneezes every once in a while. Or hey, you go kiss another character (if that's possible) and your character gets infected with herpes! Wouldn't that be fun? Oh wait - that was me last weekend. Damn.

Someone please explain

[goombah99]

This sounds like horseshit. It's like something you would see in a factually absurd hollywood movie about a programmer uploading a virus into the power grid. How does this work in these games that someone is ever allowed to inject a code that can run on someone elses session? Why would they allow that. Spining rings appearing in my session from some one elses code and my computer runs the code if I touch them. Praise Tron. I assume there is some explanation for this but since I'm not a gamer I am wit

Re:Someone please explain

[GuruBuckaroo]

Calling it a 'worm' is kind of a stretch. It does not affect your local computer, it affects the view of the world in your local client. It doesn't run code on your computer, it just adds extra "in-game" items that automatically duplicate themselves and clog the Tubes.

Re:Someone please explain

[Anonymous Coward]

Huh? By definition a worm is a self replicating program or algorithm that causes harm, even if only by using bandwidth, network, or computer resources.

That is exactly what this worm did.

Re:

[illuminatedwax]

For that to be true you have to count logging (and pissing) off Second Life players as "harm".

Re:

[Havenwar]

Well, it's a worm that spreads across the Linden Labs servers, ie a network of computers. So it is a worm, it just doesn't effect the end users machines, or in fact the end users at all beyond lagging them out.

Re:Someone please explain

[TekPolitik]

How does this work in these games that someone is ever allowed to inject a code that can run on someone elses session?

Second Life users are able to create objects using a fairly complete scripting language. The scripts run on the servers, and an object can create more objects when somebody interacts with it. It "runs" in other peoples' sessions not because it's running on their system but because they're all viewing the same MMORPG environment.

And to preempt your inevitable comment, yes, it is very lame. I can't believe people are paying ongoing fees (in US dollars) to hold land in this thing.

Re:Someone please explain

[DarkAxi0m]

every object you create in SL can have scripts http://en.wikipedia.org/wiki/Linden_Scripting_Lang uage [wikipedia.org] added to them, that fire on different events, ie touch, never ending loops or the right click menu etc.
some of the commands let you create/spawn (i cant think of the word they use) other objects, like rain, or stars that follow you as you fly around. These objects in turn can have there own scripts too.
i don't know my self how they normally stop never ending loops of created objects other than them asking people nicely not to do it.
Some people have asked to able to disable the scripts but this, i think would have a to greater effects as every thing, doors, cars, lifts, dance club lights etc use the scripts.

i don't mind it, as long a people remember that its really just a glorified chat program with scripts, ie irc with a gui /fish

Re:Someone please explain

[Kadin2048]

i don't mind it, as long a people remember that its really just a glorified chat program with scripts, ie irc with a gui /fish

In that same vein, I would mind this WWW thing a lot less, if people remember that it's really just a glorified Gopher program with scripts...

Re:

[Alchemar]

I'm still debating if the scripts made the web better or worse?

Re:

[SQLGuru]

But the graphics made the web better than Gopher (or WAIS). The graphics led to pr0n.

Layne

Re:

[kabocox]

i don't know my self how they normally stop never ending loops of created objects other than them asking people nicely not to do it.

Don't you remember CS1? I recall how many people in their couldn't write a conditional loop to save their life. I want to know if the script writer was actually looking to do this, or just wanted a few to pop out and didn't know how to properly stop it. Asking people not to do it isn't a solution as alot of people won't know what causes it to begin with. You know this is the

Re:

[Baavgai]

Yep, that's about it.

The scripting implemented in SL via LUA is, at it's heart, event oriented. When an object is created, there is an intentional lag. Functionally, an object cannot "easily" hurt the system with an infinite loop. There is a stack for each object process that's rather small and when that blows, you're done.

Objects can instantiate new objects ad infinitum, if they try hard enough. The object itself isn't doing anything bad, just existing. But each object is overhead so, eventually, boom

Re:

[somersault]

No, it sounded like interacting with the rings is what triggered the script. I've never played Second Life, though I have seen my bro use it, and I've read about it in the past. Having everything residing on the client would kind of miss the point of having a centralised server in the first place, so I don't see why there couldn't be rings floating around, and then when a user touches them it starts up whatever code has been attached to the touch function of the ring. *shrug* Does sound pretty funny to me a

Re:

[acidrain]

I think this was characterized as break out of nano-technology by the admins:

http://en.wikipedia.org/wiki/Grey_goo [wikipedia.org]

Which is a self-replicating sludge of nano-tech which coats the entire world. And that is even cooler/worse than your case of herpes "last week."

Re:

[Class Act Dynamo]

I think a good case of explosive diarrhea spreading through the virtual world would be quite amusing.

Re:

[patio11]

>>
Or hey, you go kiss another character
>>

Kissing another character is not the most likely vector for an infection in Second Life. We'll leave it at that.

Genitals are objects in Second Life

[Anonymous Coward]

you go kiss another character (if that's possible) and your character gets infected with herpes

Genitals are manufactured objects in Second Life, but your normal face's lips are not, so genitals will almost always carry scripts of their own.

This means that kissing another character is unlikely to be a vector for viral infection, but there's a related activity that could easily do this.

Incidentally, waxing your carrot can of course trigger any scripted action in the object, so climax can be rather more visual

Where's my money?

[PopeRatzo]

I wonder if all the companies that now have a "presence" in Second Life are thinking about suing? What if a big press conference was scheduled for today to occur in the online game?

Ha

[8daze]

Proof that all it takes to kill the Internet is something shiny.

Re:Ha

[G-funk]

Linden labs have released Images of the suspected mastermind [arstechnica.com]. If sighted, do not approach the suspect, and inform police!

Re:

[account_deleted]

Comment removed based on user account deletion

Not just misleading, but factually inaccurate too!

[GuruBuckaroo]

First off, there were only about 14,000 people on the system at the time, not 600,000 as indicated in the summary. Second, while they did lock out new logins, it should be pointed out that any user who was currently online was not kicked off - and the period of "martial law" lasted about 20 minutes.

Of course, if there were 600,000 users on at the same time, the "game" would be unplayable - it's tough enough when it gets over about 10,000 right now.

Re:Not just misleading, but factually inaccurate t

[RealGrouchy]

It's not just the content, it's also the presentation:

"...Linden Labs in California, the game's owner."

Do Second Life users also grab at modifiers that are dangled [wikipedia.org] in front of them?

- RG>

Re:Not just misleading, but factually inaccurate t

[arth1]

Of course, if there were 600,000 users on at the same time, the "game" would be unplayable - it's tough enough when it gets over about 10,000 right now.

With 2700+ servers they have a hard time handling more than 10k users? Less than 4 users per server is tough enough? Um, I think there's Opportunities here.

--
*Art

Re:Not just misleading, but factually inaccurate t

[vtechpilot]

With 2700+ servers they have a hard time handling more than 10k users? Less than 4 users per server is tough enough?

The problem is that the world is Zone Based, meaning each server is responsible for a equal size geographic portion of the world. The result is that processing power is spread evenly over the whole world. The problem is that people like to congregate causing some geographic areas to have more players, and other servers to have none. Where you have more players, you have more work for the server causing everything on that server to slow down. So the result is that the places players most want to be are also the places with the greatest lag. The unfortunate result is that many players have a negative experience right away.

Really, the whole server architecture needs to be reworked to behave more like a proper cluster, but that is too large of a change to ever consider implementing without starting over from scratch.

Re:

[maxume]

It would at least seem possible to make the zone size a server is responsible for variable, and then eventually, dynamic. That would look just like it scaled.

Re:

[jp10558]

Ummm. . . VMWare ESX server clusters under the virtual Zone based servers? Maybe not even have separate clusters, but make all 2700 servers Virtual, run them in ESX cluster that is 2700+ servers, and let ESX handle the proper clustering? Would that work?

PR Stunt?

[replicant108]

The Second Life marketing department have been very active recently.

This story smells funny.

Re:

[joshv]

Really? Are you suggesting they made it up. I was there, it happened.

Re:

[Archwyrm]

Apparently you are unaware of the millions of CS kiddies who cry when the Steam servers go down, but maybe that is not getting huffy either.

Bad soap opera...

[__aaclcg7560]

Second Life as the worm turns.

And it was just getting good

[jibjibjib]

A few weeks ago I was hearing things about SL like that corporations were holding press conferences there, businesses were running there and making good profits, and its economy was worth millions of dollars. I thought SL was just beginning to become important, and show the world that a virtual economy was a viable idea.

Now we have CopyBot and grey goo and it seems like SL is just another dodgy online game after all.

Re:And it was just getting good

[DrMrLordX]

It's also a haven for sleaze [somethingawful.com]. Say what you want about people's right to free expression, but there is such a thing as going too far [somethingawful.com]. It's no wonder that Second Life has attracted so much ire. It was a "dodgy online game" long before Copybot and grey goo hit the scene.

Re:And it was just getting good

[Jeremi]

Now we have CopyBot and grey goo and it seems like SL is just another dodgy online game after all

Wow, given the same evidence, I drew exactly the opposite conclusion. A simple "dodgy online game" wouldn't give its players enough control over their world to allow this sort of shennanigans to happen. Things like viruses can only occur when people are given access to a Turing-complete programming language and allowed to do what they like with it... which is what SL does, and why it's not "just a game", but rather a platform. Granted, it may be an infant platform, still buggy and insecure, and not necessarily useful for very much yet, but then you could say the same thing about the Internet itself a few years ago.

Re:

[Cederic]

A simple "dodgy online game" wouldn't give its players enough control over their world to allow this sort of shennanigans to happen.

Have you even heard of MUDs?

Re:

[Rob_Warwick]

Turing complete [wikipedia.org] refers to a language that's capable of emulating a Universal Turing Machine. It has nothing to do with the Turing test except for who it's named after.

Re:

[iamacat]

Actually a turing test refers to a test to see if a program can be distinguished from a human being. Programs that are intelligent, but not very human-like would fail.

Re:

[ArsenneLupin]

there's no such thing as a "turing complete programming language" the turing test reffers to a test to see if a program could be considered intelligent, your mixing terms.

You know, like most researchers, Turing did more than one thing in his life (... and to those who are snickering: yes, I'm strictly speaking about computers here...)

Re:

[From A Far Away Land]

Excuse me, but how could an "online economy" ever be viable? It doesn't produce anything, and consumes energy.

Re:

[Anonymous Coward]

It's a real-world entertainment service. People get entertainment value out of it, and are willing to spend real-world bucks to get it.

Re:And it was just getting good

[djupedal]

Excuse me, but how could an "online economy" ever be viable? It doesn't produce anything, and [clip]

You're new, I'm guessing...

It produces an environment whereby the ever sought-after eyeballs are gathered, occasionally focused and always tracked. Doesn't matter if it is a polar bear in a snow storm, if you can prove that the multitudes are looking your way, you can cash in.

Re:

[descil]

Sure, that's his point. But there are plenty of secondlife consumers. Supposedly 1.5 million (up .75 million in three weeks, kinda fishy)

Re:

[ArsenneLupin]

i think his point is that at some point you actually have to produce something people will use.

The eyeballs that you are collecting in second life might buy goods that you produce in the real-life economy. For instance, several real-life car makers have set up dealerships in second life [cnn.com], in order to create mindshare for their products.

Re:

[Rix]

Like lawyers?

mod parent up!

[fantomas]

you beat me to it :-) grandparent poster is obviously from some agrarian economy, haven't got as far as paper money yet.. mind you one day somebody will manage to explain the financial "futures" market to me as well!

Re:And it was just getting good

[Angostura]

Next week: "How viruses and trojans prove that e-mail will never be used as a business tool".

What?

[JimXugle]

What? No Screenshot from anybody?

Second Life slowed down?

[Ididerus]

Wow, so now they're blaming it on a "worm"... ok. SL is like watching an MMO flipbook, the packet-loss is phenomenal while they continue to supposedly attract corporations and live-weather map projects, host in-game advertising and I'm sure making money off people somehow with Linden cash transfers. Buy some freaking servers, or get rid of the 2,700 solar-powered calculators currently running the thing.

Getting close to "Snow Crash" here

[Animats]

This reads like something from Neal Stephenson's "Snow Crash".

I never thought we'd get real systems vulnerable to attacks with 3D visual components as an integral part of the attack. This is much closer to SF than expected.

Is there a video?

Re:

[Lord_Dweomer]

This reads like something from Neal Stephenson's "Snow Crash". I never thought we'd get real systems vulnerable to attacks with 3D visual components as an integral part of the attack. This is much closer to SF than expected.

No kidding. And while this definitely sucks for Linden and the players, I can't help but think "holy crap this is cool!" much in the same way I read in awe the story of the scammer from EVE who scammed all that money out of people.

Yeah, this sort of thing sucks, but we're learning so

Don't get too excited

[cgenman]

In snow crash, the visual component was being used to transmit information and reprogram computing machines, in that case the brain. It was an impressive leap of insight into interfaces and the nature of computing machines, not too different than the buffer overflows we've been plagued with since.

In the second life case, the visual component exists because pretty much everything in second life is required to have a visual component of some sort. In this case, the visual component of a ring existed soley a

Re:

[Johnny Mnemonic]

You forgot the WoW plague. I thought that was pretty interesting too. And it was clearly deliberate and difficult to accomplish, so it speaks to how people would prefer to spend their time.

Second Life = Snow Crash

[patio11]

Take one look at some of the screenshots from that game and *boom* say byebye to your cerebral cortex. Think of the ugliest possible art stretched into three dimensions doing things that would make Japanese tentacle monsters say "Hey, that just ain't right".

Re:

[SnowZero]

Think of the ugliest possible art stretched into three dimensions

I thought we were talking about SL, not WoW. :)

Re:

[LiquidCoooled]

Am I right in thinking its Kind of like myspace in 3d?

Re:

[dodobh]

Ah, creatures from the Dungeon dimensions. Oook!

Time for some Black Ice

[Infonaut]

Wow, talk about reality imitating art. Or, art imitating art. Or technology imitating art. Or the virtual imitating the virtual.

Annnyway, this sure brings me back a few years. The first time I read Neuromancer [wikipedia.org], I thought, "Damn, what would it be like to live in a world where interacting with computers is so visceral?" We haven't developed networked, immersive 3d environments, but we've sure come a long way from the days when just getting on the Internet from home was a major accomplishment.

I'd say this attack is proof that no matter how creative and interesting and fun an environment you create, there's always going to be someone out there who will put a lot of time and effort into pissing in it. I'm sure the creator of the worm has some sort of wonderful rationalization, of course. I wonder, is it worse to attack networks in the name of profit (or patriotism), or to do so just because you can?

Re:

[HiThere]

It's worse to attack for money or patriotism.

The reason is that the graffito "artists" serve a useful function, they alert you to holes in you work, and they don't generally do much damage. (Not compared to the others.)

Think about it, which is worse:
1) a virus that crashes your system
2) a virus that doesn't crash your system, but corrupts the payroll files

I think you'll agree that 2 is MUCH worse than 1.

Re:

[RubberDogBone]

Many of us have drivers licenses, but how many of us still drive badly, break assorted traffic laws on a routine basis, and generally get away with it? I know I do.

There are already assorted "anti-hacking" laws and even sections of SL's user agreement that prohibit this sort of thing but still it happens. It would still happen as long as the perpetrators felt they could either get away with it or at least have enough fun out of it to make it worth whatever consequences might happen.

Now that SL money is fr

Like a snake around the brainstem

[Fallorn]

Hey Kid, Want to try some Snow Crash?

Screenshots?

[quanticle]

This thread is worthless without pictures.

Does anyone have screenshots of the alleged "grey goo"?

Re:Screenshots?

[Erazmus]

I found a screenshot over at Snapzilla [sluniverse.com].

Re:

[dcam]

There is a video of something that looks rather similar here [somethingawful.com]. Everyonr likes gremlins, right?

Nice Hack

[Anonymous Coward]

Nice hack. Kudos to whomever pulled it off. The videogame generation is in danger of becoming a legion of conformist, rule-following lab mice, conditioned to obey and consume, differentiated only by which Big Media corporation they swear allegiance to. It's good to see someone somewhere is sowing discord. Eris would be pleased, but then who gives a fuck what she thinks ;P

Second Life needs a new name

[TekPolitik]

Linden Labs had to invoke martial law...

Some people seriously need to get a grip. This is all ones and zeroes - comparisons with "martial law" are just silly. Second Life needs to be renamed to give its users a much needed message - namely, Get A Life

Re:Second Life needs a new name

[Jeremi]

Second Life needs to be renamed to give its users a much needed message - namely, Get A Life

I submit that anybody who posts to Slashdot about the other people's need to "get a life" should spontaneously explode from sheer force of concentrated hypocrisy.

Re:

[saltydogdesign]

Child porn is just ones and zeros, if you want to get reductive about it.

Re:

[Schraegstrichpunkt]

"Real Life" is all 1's and 0's at a fundamental level, as well...

Here is a clue for you [wikipedia.org].

Idiot.

My thoughts exactly.

Re:

[iamacat]

Given a complex enough virtual world, Heisenberg uncertainty principle will manifest itself through small variation in timing between different events, if not outright hardware glitches.

Mum nailed it!

[Tablizer]

Like my Mom always used to say: "Don't take virtual candy from virtual strangers".

This one wasn't much to write home about afaict

[ka-klick]

I was online when this thing was attacking, and it never seemed to get to my sim - I saw the notices, and the web notice that they'd locked things down to linden login, but they let anyone there stay. It was laggy, but that's not that unusual these days. At least with this one, the grid was never fully down (if you were already in or didn't get booted) and the Lindens were able to contain and clean it up pretty quick (unlike some of the marathon outages caused by goo of the past). Total offline time for thi

Well, look on the bright side...

[freeze128]

It looks like the admins now have a "second job"....

This sounds like a job for...

[PrismaticBooger]

Sonic the Hedgehog!

Sorcerer's Apprentice

[CodeBuster]

This appears to be related, at least in concept, to problem which sometimes comes up in network protocol design, Sorcerer's Apprentice Syndrome [wikipedia.org], which results in a cascade of copies that eventually overwhelms the ability of the connection to transmit and route the duplicates. The term originates from the Walt Disney animated feature Fantasia where the Sorcerer's Apprentice (Mickey Mouse in the red robes and wizard hat) accidentally causes the mops washing the floor to increase via geometric doubling. One wonders if other MMORPGs are vulnerable to similar attacks.

Re:

[HiThere]

Walt Disney didn't create the story of the Sorcerer's Apprentice. He didn't even create the broom. All he did was change the apprentice to a mouse and draw it.

And for this he got an eternal copyright on the story. Not legally, but effectively. Nobody else would DARE tell that story now, because they'd be sued.

Patents are bad, but I'm not certain that indefinitely extended copyrights aren't worse.

Re:

[CodeBuster]

I did not say that Walt Disney had the original idea for the story, merely that the term was applied to errors in the early ftp protocols because they reminded people of the scene with the same name in the aforementioned film.

Re:

[ArsenneLupin]

errors in the early ftp protocol

tftp protocol.

Ftp uses TCP, which already has built-in acknowledgment management, and would not be vulnerable to such a problem (unless TCP was buggy).

One ring...

[kars]

...to bring them all, and in the darkness bind them.

Say it ain't so!

[dangitman]

"At 2:46 CST today, the game Second Life was hit by a massive attack by a rogue programmer.

Uh oh, I think SkyNet just became self-aware... of its Second Life account.

Playing Doctor.

[Anonymous Coward]

"Apparently, most people are willing to touch an object they've never seen before"

You should be so lucky.

Ah but the big question is...

[Qoroite]

If you get 100 rings do you turn into Super-Sonic? ^_^

dumbest slashdot story ever

[pmonje]

Did anyone read this before posting it? the figure of 600,000 was pulled out sof someones butt. I have never seen more than 25,000 people on SL. It's certainly not the largest denial of service in the game, in fact script attacks like this happen almost weekly in SL and always involve cutting off new log ins. I've never heard them use the term martial law and the supposedly new term grey goo has been used for months and months in realtion to these self replicating object attacks. The in-game scripting mak

Cool or evil?

[Lars Arvestad]

Like most others who have posted so far, my first reaction to this disaster was "Cool!" But when I think about it, I get uncertain to what the rational reaction is. There are several forgiving factors to this prank/terrorist act:

• It is just a virtual world, just a game.
• The vulnerability of the system was demonstrated, possibly a good thing. It makes you consider the consequences about DOS-attacks in the real world.
• It lets people think about what is important in First Life: Maybe it is not a computer game

Well, big deal

[vadim_t]

The first time I saw something like that happen it was really bad. Performance was very badly affected, and the objects would launch people into the air, so the only thing that could be done was sitting (you can't be pushed if you're sitting) and talking until they fixed it. And after a while the whole grid had to be brought down for hours.

Now all that happens is that things slow down for a while, they close logins for a few minutes, and soon everything is back to normality. Some areas aren't even very noticeably affected, because object creation is disabled, so the stuff doesn't get to run on those sims in the first place. The only effect felt there is the degradation of the central servers.

While it's certainly annoying, it's not nearly the problem it used to be.

Quick fix!

[GraZZ]

[PST 3:18] The grid has been reopened to all log-ins. Welcome back!

[PST 3:07 PM] Log-ins will be closed to all except Linden staff while we finish cleaning up the aftermath of the grey goo attack.

[PST 2:44PM] An attack of self-replicators is causing heavy load on the database, which is in turn slowing down in-world activity. We have isolated the grey goo and are currently cleaning up the grid. We'll keep you updated as status changes.

Under an hour from recognizing the problem to fixed. If this were WoW, the servers would have been down 3 or 4 days!

No publicity is bad...

[punkr0x]

I've been seeing an awful lot of stories about second life lately. First it was businesses opening virtual stores, then the copybot and now this. Is it all coincidence, or has Linden Labs been pushing their marketing campaign into high gear?

This isn't news.

[planetjay]

It's business as usual in Second Life. NEWS would be if there WASN'T an exploit for a whole week.

An abridged history of SL DoS attacks

[tony_ratboy]

This latest attack isn't the newest or most severe Second Life has experienced. In October 2006, a glut of attacks [secretlair.com] followed a vague "terrorist" threat [secretlair.com] uttered by self-replicating objects. In April 2006, three major attacks [secretlair.com] took place. Almost a year ago today, Linden Lab blocked a DoS attack by deploying a giant virtual firewall in-world [secretlair.com], but I don't think that method is still used. Linden Lab had suggested earlier this year it would bring DoS attackers to the attention of law-enforcement agencies, but the results (if any) have not been publicized.

Re:Ha ha

[Arkaaito]

Yeah, pointless acts of mass malice have come to Second Life. Now it really IS just like the real world.

Giant worm??? You know what that means...

[revolu7ion]

honey, we shrunk the secondlife-kids...

Re:

[tezbobobo]

Man, thats exactly what I thought but wasn't willing to say it in case I got flamed. Cats out now.

Re:

[Loadmaster]

Well, it was modded "redundant." Obviously everyone was thinking it.

Swi

Re:

[stunt_penguin]

Spinning rings would be funny, an actual giant sandworm [wikimedia.org] in Second Life would have been much more satisfying [angelfire.com]. No way would anyone want to go over and touch that.

Re:Who dun it?

[Mongoose]

Sonic and Tails!

- Shadow

Re:

[Schraegstrichpunkt]

... bounces 100ft into the air ...

Please define "ft" and "air". The standard definitions don't seem to work in this context.

Re:

[tttonyyy]

Please define "ft" and "air". The standard definitions don't seem to work in this context.

Requires imagination/extrapolation. It's your context that's broken.

Re:

[smoker2]

*parp*

You think that's air you're breathing ?

Re:

[Necrobruiser]

or for people to just get a life....

Re:

[iamacat]

These days playing Second Life with talking animals in sexual situations is bound to give you a virtual STD. Actually I am kind of surprised the first in-game worm is not transmitted though sex between players. That would create a nice Linden buck market in virtual condoms.