[SLED] Lessons from the SL security problem

Robbins, Sarah Brooke sbrobbins at bsu.edu
Sun Sep 10 07:56:34 PDT 2006

I'm still a little confused about the breach. Did the hackers gain info beyond usernames and passwords or not? I've read that credit card info was on the same database and I've read that it wasn't. My students are scared and I need to comfort them.

Sarah "Intellagirl" Robbins
PhD Student in Rhetoric and Composition
Ball State University, Muncie IN
Yahoo: Intellagirl
SecondLife: Intellagirl Tully

-----Original Message-----
From: educators-bounces at lists.secondlife.com on behalf of Chris Hambly
Sent: Sun 9/10/2006 9:49 AM
To: SL Educators
Subject: Re: [SLED] Lessons from the SL security problem

My guess is that is not related, although as Giulio points out if your
password was the same as your LL (lesson to learn there) then it is feasible
an intruder could gain access.

When you say your domain, you might want to contact your web host to check
the server logs to see how the breach actually occurred, it might not be
just your domain if on a shared box. E-mail breaching is fairly typical as
it creates a great window for  spammers, to well, spam.

Guilio I think your points are valid to an extent though I have to say LL
(Robin) did respond to the outcry, and they provided a web-based solution
for account verification within 24 hours, that's very good.

Of course LL are looking forward to "more serious" usage of SL (hence the
attention given to academics) however, SL IS a game and always will be in
its current form, it is meant to entertain and always will, IMHO. As long as
bored housewifes/husbands (no offence anyone) keep spending 60 bucks USD a
month for land and shoes (and invite their friends) we know where the focus
will be.

Sure 3D worlds may be the future of the internet, or maybe not, maybe LL
will split into niche departments and offer educational versions of the
product (which I suspect more likely, hence Pathfinders job).

In any case the financial market of the Linden really does prevent anyone
making any real money in SL, sure we can break even and pay our tier
but......  If I advertise my standard USD courses in Linden, In-World,
avatars will run screaming!! - and they are not that high in terms of USD,
but when you can go to a freebie yard click on boxes all day and recieve
thousands of objects for your inventory, the value of commodity in-world, is
errrrr not worth a dime, it's like living in Tailand or some other low
currency value country.

I use SL to bring extra value to my already prosperous distance learning
model, if a student wishes to, and is able to in terms of hardware, we
invite them in to SL to hang out, but we do the serious stuff out of world
where on the internet 500 bucks is 500 bucks.

First mail of the day, I need coffee.


On 9/10/06, Giulio Prisco <gp at uvvy.com> wrote:
> Were you using the same password that you used for SL, or did any data
> in your SL profile permit guessing your email domain pwd?
> On 9/10/06, Evonne Heyning <evonne at amoration.org> wrote:
> > A disturbing email problem has shown up in the day since the breach was
> > announced.  My primary email account was hacked and multiple people have
> > created email accounts on our domain requesting conference rooms in Hong
> > Kong, meetings with technology firms in Columbia and sports agents in
> > New York.  We have not yet been able to track this problem or figure out
> > how to shut it down.  Ideas?
> >
> > I'd hate to shut down my entire email system over dumb griefers.
> >
> > ~in kenzo~
> > inkenzo at gmail.com
> >
> >
> > _______________________________________________
> > Educators mailing list
> > To unsubscribe
> > https://lists.secondlife.com/cgi-bin/mailman/listinfo/educators
> >
> _______________________________________________
> Educators mailing list
> To unsubscribe
> https://lists.secondlife.com/cgi-bin/mailman/listinfo/educators

More information about the Educators mailing list