New Indie Game, GridIron created by some of SL’s top designers hits Steam Platform

GridIron is an upcoming indie game now accepting closed Beta testers, The game is created by the Iconic Second Life duo of Blueberry (Second Life’s premier quality women’s mesh fashion) Gizem Mishi Akin as lead artist & lead designer/creator (her husband), Krevann Tiros.  We wish them all the success with their new venture! It looks fabulous!

Steam keys for the game are being given out soon, so best soon apply to get one here.

Feel free to join the Gridiron discord channel here.

 

No photo description available.

GridIron is a physics based online only game inspired by American Football. It takes the basic structure in a unique direction focusing on action oriented visceral gameplay in a multiplayer arena. The most unique aspect being that each player on the field is actually controlled by an individual rather than one individual controlling the entire team.

In GridIron every character on the field is actually a real player, making the gameplay of GridIron a completely unique football and sports experience!

Individual skill is key! GridIron was designed with intuitive gameplay in mind that is both easy to pick up and tough to master. You’ll need to have great aim to be a great quarterback, and fantastic coordination and timing to be a great receiver!

GridIron takes place in the far future, in a universe where many species other than our own have taken up the great game of football. Choose from a variety of uniquely designed races with differing and indepth backstories!

So kind of like Rocket League, but for football and with, you know, space aliens and robots and such.

Virtual worlds: High Fidelity vs Sansar

Years come and go but the question remains always the same: what the virtual worlds are concretely useful for? Virtual worlds like Second Life, that despite it’s not to the top of the fame anymore still attracts 900 thousand players a month, Sansar, the so called “new” Linden Lab‘s project that should start its open beta full on January, or High Fidelity, the new adventure of Second Life’s “daddy”, Philip Rosedale, that started already its open beta with 69 virtual worlds online at the moment.

High Fidelity wanna be the new web

An univocal answer has yet to be established, as confirmed article on Wired where Rosedale has confirmed to believe that High Fidelity could become, as Second Life should have been, “the new web”: “”High Fidelity is the internet. High Fidelity is not a company or a thing. High Fidelity is the net”.

That’s why High Fidelity is peer-to-peer, it was designed as a system of interconnected servers to realize a virtual world even wider than the real one, intended to resolve two of Second Life’s most persistent problems, scale and latency (since Second Life was built on Linden Lab’s servers it suffers of persistent lag problems and can’t host more than 40 avatars contemporary in a single sim), making money by charging a fee for domain registration, i.e. by acting as a “Go Daddy for VR”.

Open or closed platform

In order to do that and to give way to the people “to build anything they want” this time Philip Rosedale decided to develope an open platform, the opposite of Second Lilfe and of what has decided to do Ebbe Altberg with Sansar, developed as a closed platform for single experiences, to make possible to realize a crowd of virtual settings on small scale.

Alberg has invested a lot on Sansar, directing it towards VR as soon as Oculus Rift was bought by Facebook in March 2014 for 2.4 billion dollars: “we knew that people were going to want to create content” for VR in massive quantities, which right now “it’s too damned difficult” underlined Linden Lab’s Ceo on Wired.

Sansar, not connected settings

virtual worlds: SansarLess defined of in terms of graphic details, Sansar compared to High Fidelity appears to be based on a consumer-facing approach rather than a geek approach and as if in the case of the Philip Rosedale’s platform even Sansar wants to give the possibility to players to create their own VR content, its settings can be replicated, not connected.

Basically if two school group are visiting the VR reproduction of an Egyptian tomb, both can contemporarily wander inside, but they won’t be seen and they won’t interact among them because they will be in two identical but separate settings. Spaces that, like the current internet sites can be owned by big corporations or by individuals.

A different content management

Even VR content management will be different between High Fidelity and Sansar: while in High Fidelity users will be able to create and modify contents inside the platform, just as Second Life users do today, in Sansar it will is necessary to create or to modify the contents to the outside, for then to import them in the platform.

On the other hand this will reduce the necessity to memorize contents and will make useless the same idea to have to install and to interconnect servers among them as for Second Life (and High Fidelity). More similar to a game and less to the properly said virtual worlds, maybe, but Sansar will be enjoyable from that vast mass of consumers who doesn’t necessarily care to create contents, but rather to enjoy of it.

What virtual worlds are for?

virtual worlds: Second Life

Altberg and Rosedale regularly meet, to discuss of their own projects and of corresponding visions about the future of virtual reality, they are “frenemies” according to a definition of Altberg. Who knows if comparing themselves they will succeed in finding an univocal answer to the question: what virtual worlds and virtual reality are for, other than to realize beautiful graphic contents?

Till now with over million VR headsets sold and the New Oculus Go and early 2019 Oculus Quest sure to peek more interest still nobody is able to say it for sure, nor to ensure that, passed the initial enthusiasm, you don’t forget VR as already happened at the end of the eighties.

I say try it for yourself see what the hype is VR has come a long way since the first Oculus Rift was born. And although its still in infancy with High Fidelity and Sansar it still holds my interest  as there is so much more that is going to happen and I want to be there as both VR worlds develop. Also there are some really cool things you can do with Oculus such as Live concerts and sports, Realistic gaming and some virtual interactive movie’s that will scare the proverbial crap out of most.

Zoha Islands will be seeing you in VR real soon

Have a Happy and Safe New Year 2019

 

 

 

HARD DRIVES! Is Yours SMART Enough?

People sometimes ask me, “How long will my computer’s hard drive last?” Lacking a crystal ball, all I can say is that some factors can be monitored to provide you with early warnings that it’s time to get serious about making frequent backups and shopping for a new drive. Learn more about S.M.A.R.T. and other tools to monitor the health of your hard drive…

Hard Drive Health Check

Over time, hard drive makers have learned that there are traits of a hard drive that change as it approaches failure, providing tell-tale signs that a data disaster may be approaching. The industry standard for hard drive “failure anticipation” is called Self-Monitoring And Reporting Technology, or S.M.A.R.T. for short. In this article you’ll learn how it works, how you can take advantage of it, and if it’s a reliable indicator of the condition of your hard drive.

Hard disk failures arise from two general types of factors: 1) sudden, unpredictable catastrophes such as falls onto concrete floors or zaps from cosmic rays, and 2) gradual, relatively steady deterioration of mechanical components until one of them fails. About 60 percent of disk failures are due to the latter, predictable sort of factors; these are what S.M.A.R.T. monitors.

Traditional hard drives employ spinning magnetic platters, and S.M.A.R.T. monitors the rate at which the bearings under them are wearing, for instance. Using that rate, S.M.A.R.T. predicts when a bearing will be worn to a specified degree, called the “threshold value” for bearing wear. When S.M.A.R.T. determines that a bearing is X days from that threshold value, it generates an alert that effectively says, “Captain, she’s about t’blow!”

Dozens of such factors can cause a hard drive failure and are written into the S.M.A.R.T. standard. Every drive manufacturer is free to choose which factors it wants to monitor and what the failure threshold values will be for its drives. S.M.A.R.T. has evolved through three phases. The current phase goes beyond monitoring and reporting to actively attempt to prevent or forestall drive failures. Modern S.M.A.R.T. drives will try to “heal themselves” by reallocating data from disk sectors that are near failing to reserved “spare areas.” They still can’t change their own bearings, though.

How Can I View My S.M.A.R.T. Reporting?

For a quick look at your hard drive’s S.M.A.R.T. status, try the free Speccy utility. In the Hard Drives section of the Speccy results, you’ll see some technical gibberish under the S.M.A.R.T heading. If it says “Status: Good” at the bottom, that’s about all you need to know. The only other info there you might want to check out is the Reallocated Sectors Count. If that’s greater than zero, you may have some defective sectors on your hard drive.

For a more detailed look, you can monitor S.M.A.R.T. factors using software such as Argus Monitor for Windows or Disk Utility for Mac (in the Apple App Store). But before you shell out money for either program, you may want to know just how reliable a predictor of drive failure S.M.A.R.T. really is.

How Smart is S.M.A.R.T?

Google spent nine months monitoring over 100,000 drives back in 2007. A paper entitled Failure Trends in a Large Disk Drive Population reported the results. Four “strong” S.M.A.R.T. factors were identified as the best predictors of drive failure; the bad news is that 56 percent of the drives that failed did so without reporting a threshold level in a single one of these factors. So S.M.A.R.T. data alone is of limited value in predicting when a drive is going to fail.

Another issue is that S.M.A.R.T.’s implementation can (and does) vary widely from one manufacturer to another. There are dozens of S.M.A.R.T. factors that can be monitored, but a manufacturer need only implement one in order to legally call its drive “S.M.A.R.T. compatible.” Some removable drives cannot be monitored at all, or only with certain proprietary software such as Argus Monitor.

The bottom line is that S.M.A.R.T. won’t give you warning of impending drive failure with a high degree of reliability. I would not spend much time monitoring S.M.A.R.T. factors, and I definitely would not spend any money to do it. That said, it does predict failure in some cases, and if you do see a S.M.A.R.T warning along the lines of “SMART Failure Predicted on Hard Disk. Failure may be imminent” it should be taken seriously.

Other Hard Drive Health Tools

A disk checking utility called CHKDSK comes with Windows, and it’s pretty good at detecting bad files and physically damaged sectors. It will lock damaged sectors so that the computer will not attempt to write to them. To run CHKDSK, first open the “Computer” window. Right-click on the icon for the hard drive you want to check, and select Properties. On the “Tools” tab, click the “Check Now” button under Error-checking.

I’ll also repeat my bottom line advice: Most of the time, hard drive failures happen at unpredictable and inconvenient times. So backing up your data regularly is vital, and is your best defense against loss of data.

HAPPY CHRISTMAS FROM ALL OF US ON THE ZOHA ISLANDS TEAM

 

 

Email Bomb Threat Has Ties to Earlier ‘Sextortion’ Scam

The mass email bomb threat on Thursday that turned out to be a hoax was likely perpetrated by a group of spammers who have also been scamming people with an email ‘sextortion’ scheme, according to Cisco’s Talos security group. Our e-mail server was hit a few times during the past few weeks and is the reason we are making this post.

Thursday’s mass email bomb threat has been connected to a group of spammers who’ve also been bombarding inboxes with “sextortion” messages claiming to have recorded people watching porn.

Both email scams have been using the same IP addresses to send out the extortion messages to inboxes across the world, according to Cisco’s Talos security group, which said the spammers have been changing tactics in an effort to scare victims into paying them Bitcoin.

“The criminals conducting these extortion email attacks have demonstrated that they are willing to concoct any threat and story imaginable that they believe would fool the recipient,” Talos security researcher Jaeson Schultz wrote in a Friday blog post.

Bomb Threat Email Example

Thursday’s email bomb threat sparked alarm across the US; schools, businesses and community centers ordered building evacuations on fears the threat was real. However, the messages all appear to be a hoax, and so far police have discovered no explosives tied to the scheme.

It wasn’t the first time the spammers used empty threats to scam victims, according to Talos. In October, the company’s security researchers documented a mass sextortion campaign from the group that had been going on for months. It worked by scaring victims into thinking a hacker had taken over their computers and recorded them watching porn. If you wanted the embarrassing video kept secret, then you had to pay up.

Although the sextortion threat was a scam, the spammers were able to make at least $146,000 from the mass email messages, according to Talos’ research. It now appears the spammers have decided to go beyond threatening mere individuals to entire businesses and organizations as evidenced by yesterday’s bomb threats.

In an interview, Schultz said he estimated that the spammers sent “tens of thousands” of email bomb threats to people’s inboxes on Thursday before deciding to stop by the evening. Schultz made the estimate based on copies of messages detected by Cisco’s spam filtering solution, SpamCop.

Countries targeted by the bomb threats included the US, Canada, New Zealand, and Australia. But the emails themselves were specifically sourced to IP addresses belonging to a domain registrar and hosting provider in Russia, called Reg.ru. According to the Schultz, the spammers probably hacked accounts for domains hosted by the Russian provider to mass email the bomb threats.

Each IP address sent out only about 5 messages, none of which contained any malware. This may explain why the spam filtering on some people’s inboxes let the bomb threats through. “That small quantity per IP made it much more difficult to use the reputation of the IP address to block the mail,” Schultz said.

Talos noticed that the spammers were using at least 17 bitcoin addresses to receive their payments. But none of the addresses received the $20,000 extortion fee the culprits were seeking.

“They definitely didn’t make much money on this bomb threat,” Schultz said. But the scheme also backfired in attracting unwanted attention from US authorities, including the FBI and police departments across the country.

“With each new email campaign, there is a chance that the attackers will make a mistake, or otherwise give away a critical piece of information that may implicate them,” Schultz added.

Who, exactly, is behind the bomb threat isn’t known, but they appear to be changing tactics. “As of late yesterday, the bomb threat email attack morphed,” Schultz wrote. “The attackers have returned to their empty threats of harming the individual recipient. This time, they threaten to throw acid on the victim.”

Acid Throwing Threat Email

This new round of extortion emails have been sourced to different IP addresses coming from a separate Russian hosting company called TimeWeb. But Schultz suspects yesterday’s email bomb spammers are also behind the acid-throwing extortion’s scheme. That’s because the messages have been using identical subjects lines and similar text, he said.

Unfortunately, the spammers probably won’t stop unless they’re either caught or people stop falling for their extortion schemes. “DO NOT pay extortion payments,” Schultz advised. “Doing so will only confirm for the attackers that their social engineering approach is working, and victims’ money goes directly toward facilitating additional attacks.”

As I have said before DO NOT play into these threats. DO NOT open unknown e-mails and lastly DO NOT EVER be held hostage with your information. Secure your accounts NOW change your passwords frequently and for GODS sake don’t share your information with anyone unless trusted, when in doubt check’em out.

Have a great week from all of us on the ZI STAFF

Virtual Payment Cards – What You Need to Know

The year 2018 is on pace to be the second-worst ever in terms of data breaches, with over 3600 breaches that compromised more than 3 billion records. Corporate America is either unwilling or unable to protect consumers from the theft of credit/debit card data entrusted to e-commerce sites. And yes this means Linden Labs as well with numerous reports to our support system alone about account and credit card breaches!  So here are some tips to help you protect yourself…

Protect Yourself With Virtual Payment Cards

Data breaches are reported with alarming regularity, and can result in your name, address, phone number and credit card detail being sold online to the highest bidder on the dark web. This gives identity thieves and scammers all the information they need to place an online order, as if they were you.

Given that data breaches are likely to continue happening, consumers are well advised to seek out ways to buy things online without directly sharing their credit card details with online stores. Here are some ways to do that.

PayPal, Square Cash, and Venmo are examples of “payment agents.” PayPal, for example, stores your payment card data securely. It pays your tab when you check out on an e-commerce site, and charges the amount to your card. The seller never gets your card details. But not all e-tailers accept such indirect payments; they insist on card details. For them, another solution exists. “Virtual credit/debit cards” function like a temporary or disposal credit card that is valid for only one transaction. You get a card number, expiration date, and security code, minus the plastic. After you use that virtual card to pay for something, it can never be used again. Your real card is charged the amount of the transaction. The online store where you made the purchase never sees your real card’s details.

And guess what else? They can’t ding you for those sneaky recurring “membership,” “subscription,” or “renewal” fees.

Virtual cards are available from some card issuers, including Bank of America ShopSafe, Capital One ENO, and Citi Virtual Account Numbers. The latter are available only on select cards; log into your Citi account to see if your card qualifies. Some credit unions offer virtual debit card numbers that work with the Visa debit cards issued with new accounts. If your bank or credit union does not offer virtual cards, there are third-party services that can give your one-time virtual card details and charge the amount to a real card whose details you provide. Privacy.com is one such service. Blur Premium is a comprehensive privacy app that includes virtual card numbers as one feature (Blur calls them “masked” card numbers).

Other Options for Virtual Cards

There are more features to virtual cards than just “use once” security. You may also be able to create a virtual card that works repeatedly but only with one merchant that you specify. You may be able to set an expiration date of up to one year on a virtual card; that effectively shuts down automatic annual renewals. When used, these features can make stolen card numbers virtually useless to thieves, while sparing you the hassle of generating a new card number for every transaction.

Virtual cards are not accepted by all merchants, unfortunately. There are various reasons why a merchant might reject virtual cards; the most legitimate one is that additional fees of 2-4% associated with the use of virtual cards are taken out of the merchant’s receipts.

Virtual cards are not invulnerable protection against fraud. But they do provide strong protection against unauthorized use of your card details. Talk to your bank or card issuer about virtual cards and other enhanced security features you may not know about. Implementing enhanced security could spare you financial loss, and it will definitely give you greater peace of mind.

So be safe in every online transaction, and have a great week From all of us on the ZI Staff.

 

 

Got Malicious Chrome Extensions?

If you are like most Chrome is a staple in our everyday internet lives as well as the extension in Second Life web browser.Your web browser is your first line of defense against all manner of cyber attacks. But some disturbing reports of malicious Chrome extensions that resist most manual removal efforts have led me to wonder just how good Google is at keeping malicious extensions out of the Play Store, and how committed Google is to doing so. Read on for the scoop…

Is Google Doing All It Can To Protect Against Malicious Chrome Extensions?

Google puts a lot of effort into making the Chrome browser safe and secure. But when third-party extensions are added, your level of security may drop to zero. Browser extensions have nearly full access to the web pages you visit, so in addition to spying on your activity, a malicious extension can steal passwords, user your computer to mine cryptocurrency, and make you an unwitting participant in click fraud schemes.

The recent discovery of a uniquely stubborn rogue extension quickly led to revelations of others, and to the company’s alarming admission that over a thousand malicious apps are uploaded to the Play Store every single month. Equally disturbing is Google’s apparently lackadaisical response to the first extension; after being notified of its presence, Google took 19 days to remove it from the Play Store!

A company spokesperson stated that this extension and another user-resistant malicious app were “automatically removed… from the machines of affected users.” Now, “automatic” implies “fast,” but these removals did not happen until hours after Ars Technica published a post about them and the weeks-long delay in getting attention paid to the first one!

Malicious chrome extensions

The malicious apps in question were “Tiempo en Colombia en vivo” (Weather in Columbia Live), a Chrome extension, and “Play Red Bull version 4,” ostensibly a children’s game that runs in Chrome. They are both gone, but the way they were handled has left a sour taste in many mouths.

James Oppenheim, who reviews children’s games professionally, is one of those whose lips are twisted bitterly. The rogue “game” contained a logo that named his site, jamesgames.com, as the official home of the malware! James notes that he has never written an extension; he reviews games, he does not create them. appears that whoever published it knows enough about what I do reviewing kid’s software to think that my name would help make the malware more trustworthy,” Oppenheim told Ars.

Adding insult to that injury, he says that a week after he reported the offending app via the “REPORT ABUSE” button on its Play Store page, he had absolutely no response from Google and the malware remained available… and aimed at children, mind you!

You can protect yourself by installing only browser extensions to those that are well-established, with many thousands of positive reviews, and preferably millions of existing users. The Chrome Web Store displays star ratings, and the number of user reviews on the category pages. When you click to see the details of an extension, you can see how many users have installed it, and read the reviews.

The “game’s” page said it had 27,781 users at the time Oppenheim investigated it. Many of them posted warnings that the thing was malware. “Makes me wonder how seriously Google is taking this problem,” he said in his email to Ars Technica’s Security Editor, Dan Goodin.

Fumbling the Ball

I wonder too. Google’s spokesperson didn’t even get the word “Ball” right in the response that Goodin finally received, substituting “Bull.” Funny, that’s exactly what I think is Google’s response to this security failure! There’s a lot more to this story as told by Oppenheim and Goodin, but I think we have the gist: Google didn’t just fumble the ball, it was disgracefully late to the game.

I mentioned earlier that 1000+ malicious apps are uploaded to the Play Store every month, and the great majority of those are automatically flagged and removed. So it’s not fair to say that Google isn’t trying to protect their users. But you can only do so much with automation. When you’re dealing with numbers of users in the tens or hundreds of millions, a success rate of 99.9% is not nearly good enough.

I get it: Google Chrome is the world’s most-used browser by several country miles; it’s the first and often only target of every hacker. But Google knows that, and Google has plenty of money to throw at problems like this. If they don’t have enough people to handle problems like this, I refer you to the previous sentence. When problems are pro-actively reported by real humans who are saying “Hey, this is malware!” they should be acted on swiftly.

This sort of failure to protect, and delay in remediation, and defense of indefensible obtuseness, is simply unacceptable. Google, you must do better here. If you want better security just DON’T Use Chrome or it’s apps! Its really that simple use Firefox or Windows built in browser and make damn sure you have malwarebytes and a good anti-virus program and know where your apps are coming from.

Have a safe week from all of us on the ZI Staff