There’s a lot going on in Second Life circles (and tori, and rings, and dimpled spheres). I haven’t been inworld in… probably more than a month, because it’s summer, and Real Life actually beckons with Things To Do and New TeeVee Episodes to watch. But I’ve been missing my friends and feeling guilty about my lack of support of my own modest little products.
Yesterday and today, it developed (heh) that the Emerald dev team had attempted to “count coup” or perform a (not very successful) Denial of Service attack on a rival’s site by hiding up to 32 iframe tags in the code of their login screen, which mean that behind that viewer that all Emerald users were using, it was accessing the rival web page, loading images, and apparently trying to either prove to the rival how much more successful Emerald was, or slow down their site with all the loading images and links.
I had been an enthusiastic Emerald user during my most recent “reboot” of enthusiasm for making stuffs in Second Life, but I’m feeling decidedly less enthusiastic (jiggly boobs or not) after reading up on the scandalous behavior of the Emerald development team after their puerile stunt was revealed. Not everyone who’s commented on it has come down as hard on Emerald’s action as is warranted, in my opinion.
I think that Katharine Berry has the most sensible attitude; I must quote her post in its entirety because it has the clearest explanation of what happened. I’ve included her link to the Emerald team’s non-apologetic apology post and to her screenshot of the offending iframe links that were on the loading page.
So, Emerald has been up to things again. This time they’ve been “boasting” about their traffic (but not their spelling ability, clearly). By including 32 iframes to another website in their login screen. That means that every time someone launched Emerald, they made thirty-two requests to this website. This happens several times per second; that’s quite a lot of requests for an unsuspecting site. They hid this from the users inside a 1×1 pixel hidden div. They did this for some weeks until they were caught. This affected every version of Emerald.
The offending code has since been removed, but Google has it cached; if you don’t feel like visiting this page (which will, incidentally, cause you to also load these pages), look at this screenshot instead.
Even if you accept Emerald’s “boasting” claim, in this claim they refer to the targeted site as malicious. Why in their right mind would they force all their users to load a malicious site without telling them? Thirty-two times, for that matter.
Emerald has a tendency to attract drama. Much of it is unwarranted. I feel that this, however, crosses the line.
I first became aware of the issue when I caught up on my Second Life Twitter feed, and many of the pages and blogs that I’ve scanned this morning mention other third party viewers that are worthy of attention. I’ve tried Snowglobe – meh. I hadn’t really given much thought to Kristen‘s, but Imprudence keeps coming up and it’s on the official list of TPVs (suspect Emerald may not be on there long).
By many accounts, Imprudence has features that are designed to make building as pleasant as possible, rather than the unpleasant tedious chore that the official Viewer 2.0 is supposed to make it. So I’ll give a whirl.
“Wish me luck, I’m off to crash the server!”