Archive for the 'Virtual Worlds' Category

We have only risk management.

Sunday, August 19th, 2007

“Of course,” he says, “we have no idea, now, of who or what the inhabitants of our future might be. In that sense, we have no future. Not in the sense that our grandparents had a future, or thought they did. Fully imagined cultural futures were the luxury of another day, one in which ‘now’ was of some greater duration. For us, of course, things can change so abruptly, so violently, so profoundly, that the futures like our grandparents’ have insufficient ‘now’ to stand on. We have no future because our present is too volatile. We have only risk management.”

–Bigend, p. 57 from Pattern Recognition by William Gibson.

I’m re-immersing myself in the world that William Gibson introduced in Pattern Recognition before reading the just-released Spook Country. Good stuff.

Second Lives

Wednesday, September 13th, 2006

So Second Life got hacked:

On September 6 we discovered evidence that an intruder was able to access the Second Life database through the web servers. The exploit was shut down on the afternoon of September 6 when we discovered it.

Detailed investigation over the last two days confirmed that some of the unencrypted customer information stored in the database was compromised, potentially including Second Life account names, real life names and contact information, along with encrypted account passwords and encrypted payment information.

No unencrypted credit card information is stored on the database in question. Unencrypted credit card information has not been compromised.

A news story puts the scope of the breach at 650,000 accounts.

Let’s read into the story a little bit.

First, we now know a little bit about the Second Life team's risk management priorities. They encrypted (hashed, most likely) user passwords. By making this decision, they declared that they were more concerned with account security than with the incremental performance gains they might have derived from storing passwords in the clear.

Still, even though Second Life handled the passwords responsibly, they are paying the price for losing them: they will probably lose at least a few on-the-fence customers and also have to bear the increased cost of supporting 650,000 people all trying to change their passwords at once. Long-term, though, hashing was the Right Thing.

Second, we know that they care about protecting their revenue stream. I’m guessing they were PCI-Compliant since they encrypted credit card information. That’s also a Good Thing since it means that they aren’t going to be put out of business by lawsuits or the “Death Penalty” from Visa or Mastercard (even if that is, to a certain extent, killing the goose that lays the golden egg).

Third, we know that they have some concerns that at least some portion of the password database is vulnerable to (probably) dictionary attacks. John the Ripper would probably make pretty quick work of those ~650,000 accounts, especially if the hashed passwords weren't salted or were salted with too small a salt (a salt is a random value stored with each hash and mixed into it, so that a single dictionary pass cannot be reused against the entire list).
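To make the salting point concrete, here is an added example (not code from the original post, and not anything Linden Lab published): a small password store built two ways, an attacker's dictionary run against each, and a count of how much hashing the attacker has to do. The accounts, the wordlist, and the choice of unsalted MD5 for the weak store are constructed for the demonstration; the post does not say what hash Second Life actually used.

```python
"""Why unsalted hashes fall to one dictionary pass while per-user salts
do not. Added example, not code from the original post: the accounts,
the dictionary and the choice of MD5 for the weak store are constructed
for the demonstration (the post does not say what Linden Lab used)."""
import hashlib
import hmac
import os

# Constructed sample accounts; three of them share the same weak password.
ACCOUNTS = {
    "alice": "letmein",
    "bob": "hunter2",
    "carol": "letmein",
    "dave": "dragon",
    "erin": "letmein",
    "frank": "correct horse battery staple",
}

# Constructed attacker wordlist; a real one has millions of entries.
DICTIONARY = ["123456", "password", "letmein", "dragon", "hunter2", "qwerty"]


def unsalted_store(accounts):
    """Weak design: one unsalted MD5 per password."""
    return {user: hashlib.md5(pw.encode()).hexdigest() for user, pw in accounts.items()}


def duplicate_hashes(store):
    """Without salt, users sharing a password share a hash, which leaks
    before a single guess is made. Returns {hash: [users...]} for repeats."""
    groups = {}
    for user, digest in store.items():
        groups.setdefault(digest, []).append(user)
    return {h: users for h, users in groups.items() if len(users) > 1}


def attack_unsalted(store, dictionary):
    """One hash per dictionary word, looked up against the whole table.
    Returns (cracked {user: password}, number of hash computations)."""
    lookup = {hashlib.md5(word.encode()).hexdigest(): word for word in dictionary}
    cracked = {user: lookup[digest] for user, digest in store.items() if digest in lookup}
    return cracked, len(dictionary)


def salted_store(accounts, iterations=200_000):
    """Hardened design: a random 16-byte salt per account and a slow KDF
    (PBKDF2-HMAC-SHA256). Stores (salt, iterations, digest) per user."""
    store = {}
    for user, pw in accounts.items():
        salt = os.urandom(16)
        digest = hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, iterations)
        store[user] = (salt, iterations, digest)
    return store


def verify(entry, candidate):
    """Login check against a salted entry, with a constant-time comparison."""
    salt, iterations, digest = entry
    guess = hashlib.pbkdf2_hmac("sha256", candidate.encode(), salt, iterations)
    return hmac.compare_digest(guess, digest)


def attack_salted(store, dictionary):
    """The salt forces the attacker to rerun the dictionary per account:
    up to len(dictionary) * len(store) KDF calls, each deliberately slow.
    Returns (cracked {user: password}, number of KDF computations)."""
    cracked, work = {}, 0
    for user, entry in store.items():
        for word in dictionary:
            work += 1
            if verify(entry, word):
                cracked[user] = word
                break
    return cracked, work


if __name__ == "__main__":
    weak = unsalted_store(ACCOUNTS)
    print("shared hashes before any guessing:", duplicate_hashes(weak))
    cracked, work = attack_unsalted(weak, DICTIONARY)
    print(f"unsalted: {len(cracked)} of {len(weak)} cracked with {work} hashes")

    strong = salted_store(ACCOUNTS, iterations=20_000)  # lowered so the demo runs fast
    cracked, work = attack_salted(strong, DICTIONARY)
    print(f"salted: {len(cracked)} of {len(strong)} cracked with {work} KDF calls")
    print("login check:", verify(strong["frank"], "correct horse battery staple"))
```

Two things worth noticing. In the unsalted store the three "letmein" users are visible as a cluster of identical hashes before the attacker has made a single guess, and the whole dictionary costs one hash per word no matter how many accounts there are. With per-user salts the same dictionary has to be recomputed for every account, so at 650,000 accounts the attacker's work goes up by that factor, and a slow KDF multiplies it again. The caveat is that salting does not rescue a weak password: "letmein" still falls once the attacker gets to that user, which is why a slow KDF, rate limiting, and a forced reset after a breach still matter.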

Finally, we know that Linden cares less about protecting their customers than they do about their ability to get paid, even if those customers are also an integral piece of the revenue stream. I suspect this is more a case of the floor for compliance being the ceiling for effort than anything else–no law or industry legal agreement requires them to encrypt the data, so they didn’t. They did not perceive risk associated with losing that information, and I suspect that this will be what eventually hurts Second Life when all is said and done.

Interestingly, Second Life seems to have missed a significant tenet of their value proposition, that they provide a place where people really do have second lives. And that's the real risk in this whole incident. There could certainly be some fraud and account abuse in all this, but I would hope that Linden Lab has or is putting processes and tools in place to identify those affected and make them "whole" again.

I strongly suspect, however, that their willingness to accept risk to people’s Identities will be the long-term impact of this incident. After all, I have to suspect that there’s going to be a tendency to self-censor (for better and worse) what people feel willing to do with their second life if they can’t be certain that it won’t be tied back to their first one.

I have to state that I've never spent any time in Second Life, but that's only because I'm a recovering addict (you're never recovered) of Evercrack and a couple of other MMORPGs, and the actual concept fascinates me. As such, I firmly believe it's best for me if I just stay away from Second Life.

Nevertheless, I know from some experience that some people are very different on-line than in real life, for better and for worse. In the limited confines of an MMORPG, that can create significant problems. In the nearly unlimited scope of Second Life, while most of what goes on is pretty innocuous, I've read some things (no links; I'm offline as I compose this) in the past that lead me to believe that some people do things there that they'd just as soon not be tied to in their First Life.

Law west of the cyber-pecos

Monday, December 19th, 2005

In-game abuse isn't just affecting Second Life. Microsoft/Xbox Live and Bungie Software are getting medieval on Halo 2 cheaters, according to Wired News:

Microsoft responded to the glitches quickly and characteristically: In mid-January, the company launched a ruthless wave of anti-hacking enforcement that’s seen, by Microsoft’s count, thousands of players banned from online play for allegedly exploiting the vulnerabilities. Some gamers are complaining in message forums that they were targeted unjustly, but they have no recourse under Xbox Live’s terms-of-service agreement, which lets the company exile anyone for any reason.

“I will not tolerate even the appearance of cheating,” wrote Bungie’s Tom Gioconda in a posting to the official Halo 2 forum earlier this year. “The existence of an exploit does not give you the right to use it.”

As was implied in iang's comment on my post about Second Life, we should be very careful what we ask for when it comes to policing of online gaming activities.

I know full well that when I was administering Counter-Strike servers in the early days of aimbots, I banned countless players for using them. I don't deny my hypocrisy, although I did provide some degree of Due Process since I made my contact information freely available for people to dispute their bans, an opportunity that several players availed themselves of.

I'll ruminate on this in my spare time over the coming days. Is it possible to create limited governance of virtual worlds without letting all the messes of the Real World overwhelm us? On one hand, Microsoft's unilateral action in banning thousands of Xbox Live customers without any apparent due process seems offensive and draconian to my sensibilities, but I know that I didn't do much better when the shoe was on my foot.

I know there’s been a lot of thinking about Virtual Governance that I need to catch up on before I start putting my foot in my mouth about it, but as I enter into my second year of blogging, this may be an interesting area to explore.

Denial by power of two

Monday, December 19th, 2005

Strange things are afoot over at Second Life, according to Freedom To Tinker:

One of the cool things about Second Life is that players can create new kinds of objects, by writing small programs in a special scripting language to describe how the objects should behave, and then launching objects into the world.

Things got really out of hand when the W-Hats created a doomsday device. It looked like a harmless little orb, but it was programmed to make copies of itself, repeatedly. The single object split into two. Then each of those split, and there were four. Then eight, and sixteen, and so on to infinity.

Okay, not exactly to infinity but to billions of copies (after thirty-some generations of splitting), at which point the servers running Second Life crashed, and the whole virtual world was knocked off-line. The W-Hats had created a Weapon of Mass Virtual Destruction (WMVD).

The WMVD was detonated more than once, and on at least one occasion Linden Lab, the company that runs Second Life, contained the damage by taking parts of the world offline as a kind of virtual firebreak.

Now, the operators of Second Life have called in the cops, and like the guys over at Freedom to Tinker, I agree with their decision. I’m just amazed they could get anyone to agree the crime either happened in their jurisdiction or that there was anything to prosecute.

As an aside, the first time I ever took down a shared UNIX system when I was in college was when I kicked off a program which iteratively initialized some data structures then fork()'ed itself, creating a copy of itself including its current initialization state. I accidentally called fork() within the initializer and the thing began spawning copies of itself, which spawned copies of themselves, which spawned copies of themselves. The system did not have resource limits properly configured, so the number of copies of my program grew exponentially until there was no memory left. The server never crashed; it was just unable to allocate any more memory or spawn any new processes, including a root shell to kill my runaway process. Not my proudest moment, but far from my worst, either. I'll stop now before I get all nostalgic for the days when I actually did fun stuff like administer systems and write things other than email and Word docs.