Second Life Hit By Massive In-Game Worm

An anonymous reader writes, "At 2:46 CST today, the game Second Life was hit by a massive attack by a rogue programmer. Spinning gold rings began to appear in the air and on the ground, and as users interacted with them they began to chase and replicate. Apparently, most people are willing to touch an object they've never seen before and this invoked a worm script that was designed to multiply and spread across the 2,700+ servers run by Linden Labs in California, the game's owner. Many of the six hundred thousand active users experienced serious lag and lost connectivity to the servers, making it one of the largest known denial-of-service attacks in an online game. Linden Labs had to invoke martial law and lock out all logins by users except their staff as they began the task of cleaning the servers of what they began to term 'the grey goo.'" Comments in the SL blog entry indicate that Linden Labs had already deployed a "grey goo fence" before this worm struck, but someone found a hole in it.

And it was just getting good

[jibjibjib]

A few weeks ago I was hearing things about SL like that corporations were holding press conferences there, businesses were running there and making good profits, and its economy was worth millions of dollars. I thought SL was just beginning to become important, and show the world that a virtual economy was a viable idea.

Now we have CopyBot and grey goo and it seems like SL is just another dodgy online game after all.

Re:And it was just getting good

[DrMrLordX]

It's also a haven for sleaze. Say what you want about people's right to free expression, but there is such a thing as going too far. It's no wonder that Second Life has attracted so much ire. It was a "dodgy online game" long before Copybot and grey goo hit the scene.

What?

[JimXugle]

What? No Screenshot from anybody?

Getting close to "Snow Crash" here

[Animats]

This reads like something from Neal Stephenson's "Snow Crash".

I never thought we'd get real systems vulnerable to attacks with 3D visual components as an integral part of the attack. This is much closer to SF than expected.

Is there a video?

Re:Someone please explain

[TekPolitik]

How does this work in these games that someone is ever allowed to inject a code that can run on someone elses session?

Second Life users are able to create objects using a fairly complete scripting language. The scripts run on the servers, and an object can create more objects when somebody interacts with it. It "runs" in other peoples' sessions not because it's running on their system but because they're all viewing the same MMORPG environment.

And to preempt your inevitable comment, yes, it is very lame. I can't believe people are paying ongoing fees (in US dollars) to hold land in this thing.

Re:Not just misleading, but factually inaccurate t

[vtechpilot]

With 2700+ servers they have a hard time handling more than 10k users? Less than 4 users per server is tough enough?

The problem is that the world is Zone Based, meaning each server is responsible for a equal size geographic portion of the world. The result is that processing power is spread evenly over the whole world. The problem is that people like to congregate causing some geographic areas to have more players, and other servers to have none. Where you have more players, you have more work for the server causing everything on that server to slow down. So the result is that the places players most want to be are also the places with the greatest lag. The unfortunate result is that many players have a negative experience right away.

Really, the whole server architecture needs to be reworked to behave more like a proper cluster, but that is too large of a change to ever consider implementing without starting over from scratch.