Category Archives: NEWS

DoublePulsar: The Undetectable Backdoor

by

Second Life as we know seems to be hard to hack, But is becoming more evident it’s an open source for hacks and Malware as much as just surfing the Interwebs. Our advice is, NEVER EVER click on links sent to you In World! Sure your friends could send you a seemingly harmless link they found and just have to have you see it, and BAM! you are now paying a ransom to get your computer back.! So folk’s just DON’T!

While everyone was preoccupied with the Wannacry ransomware epidemic that began in mid-May, a bigger threat was secretly spreading through tens of thousands of computers. It locks up files and demands a ransom, too, but that’s just a smoke screen designed to distract victims from what this sneaky malware is really up to. Here’s what you need to know about DoublePulsar…

What is DoublePulsar?

There are lots of movies that deal with the theme of “lab experiment gone wrong.” In Jurassic Park, for example, the dinosaurs created by well-meaning scientists escape from the lab and wreak havoc on the outside world. A similar thing has recently happened, but in the digital world this time.   

The U.S. government’s premier spy agency created a program called DoublePulsar that enables undetectable infiltration of a target computer. Then someone stole DoublePulsar and a bunch of other NSA spying tools. A hacker group known as the Shadow Brokers posted the NSA tools online, and they were immediately exploited.

Before encrypting an infected computer’s data, this malware scans documents, email, browser histories, and other targets looking for login credentials. With credentials, hackers can infiltrate an entire enterprise network and work all sorts of mischief. Data can be stolen; operations disrupted; and computers turned into slaves to hackers’ other projects.

NSA DoublePulsar hacking tool

For consumers on home networks, being enslaved as part of a botnet is the most serious danger. Some bots are being used to launch spam campaigns. Others are being exploited to “mine” cryptocurrency like Bitcoin, creating wealth for hackers from the computing resources of others.

The galling thing about this malware is that it uses a sophisticated hacking tool developed by the National Security Agency (NSA). DoublePulsar allows malware to enter target systems undetected by 99% of commercial security software. The malware can be injected into the kernel, the heart of an operating system, where the malware will have the highest system privileges.

Conscientious consumers can protect themselves. Microsoft has issued two sets of Windows patches designed to ward off the stolen NSA hacking tools. But the NSA has not been forthcoming about all of the Windows vulnerabilities it has discovered, prompting Microsoft president Brad Smith to blast the NSA and other government agencies that don’t share knowledge that could improve everyone’s security.

Undetectable malware is on the rise. In mid-June, 2017, a new technique called “fileless malware” was used to infect the point-of-sale systems of several hundred restaurants. This type of malware is never written to a disk; it is injected into RAM and does its dirty work there. Most anti-malware software scans for “signatures” in executable files, and overlooks fileless malware.

In the past, only governments had sophisticated hacking tools like these. But now, Shadow Brokers is offering subscription access to NSA tools, and a user interface called Metasploit that makes child’s play of plotting and executing a global ransomware or credential-stealing attack. Anyone with a few hundred bucks can wreak global havoc.

The biggest fear among security experts is that DoublePulsar and other NSA tools have been used to compromise the computers that run critical infrastructure such as power grids, hospitals, railroad systems, traffic lights, and so on. Lives could be at risk.

The best that consumers can do is keep their systems up to date with security patches. I mentioned earlier that Microsoft has issued Windows patches designed to ward off the stolen NSA hacking tools. Those patches were released back in March. So it was failure to apply security patches in a timely manner that allowed WannaCry and DoublePulsar to attack and spread widely.

If you’re not already configured for automatic Windows updates, you really should be. Here’s how to do it:

In Windows 7, click the Start button and enter “windows update” in the search box. Open Windows Update from the search results list. In the left sidebar, select “change settings.” Under “Important updates,” select “Install automatically” from the drop-down menu. Pick a convenient time for Windows to install updates and restart your PC, if necessary. The default is 3:00 a.m.

Windows 10 installs updates automatically by default. To fine-tune Win 10 updates, enter “windows update settings” in the search box on the taskbar, and click on that phrase in the search results. Next, click the Advanced link, and check the box next to “Use my sign-in…”. This allows Windows 10 to complete the installation of updates that require a restart. When this option is checked, Win 10 will log you out, restart and install updates, then log you back in.

If you use Microsoft products such as Office, check the box that enables updating of those as well as Windows. The rest of the options should be left as they are unless you have a compelling reason to change them.

I’d like to Thank Bob Rankin for Sharing his expertise in computer security and how to stay safe.

Have a Happy And Safe 4th of July

Deuce Marjeta

Linden Lab Special Interactive Gift for 14th Birthday

by

To celebrate, Linden Lab has put together a special (and somewhat mysterious) gift set.

We’re not entirely sure what a Sananok is, but the Moles assure us they are friendly creatures that tend to keep to themselves and need a good home. Each Sananok avatar comes with a mysterious egg, which is  in fact so mysterious, not even the Moles know what it will hatch into.

Sananok Avatar

SL14Blog.png

A wearable avatar that includes a shape and an alpha layer.

Mysterious Egg  (Rezzable or wearable)

Egg.png

Things you can do with the egg:

  • Rez it out your parcel, make it feel at home.
  • Add it to your avatar to carry it around with you (perhaps for a night on the town?).
  • Have a tea party with it, it’s all good.

Keep an eye on your Egg as it will, from time to time, tell you things (like when it’s getting ready to hatch!).

Stop by the SL14B Birthday Regions and grab this gift from any of the gift kiosks available!

Linden Lab Email Verification

by

Credits to Original Article: Modem World

Linden Lab and Second Life use e-mail in a wide variety of ways, from direct e-mail campaigns informing users of promotions, etc., through the users having a means to obtain IMs sent to them while they are not logged-in (and even reply to them within a certain time constraint).

However, many people sign-up to Second Life, either with new accounts or additional accounts, and offer e-mail addresses which are either made up, or unused. The former is a particular problem for the Lab, as it creates additional traffic passing through ISPs, which can mark the Lab as a purveyor of “spam”.

To try to reduce this problem, the Lab recently introduced e-mail verification. When you sign-up to Second Life, the e-mail account provided will receive a request to verify it (the usual click-on-the-link approach); if you change the e-mail address, you will receive a similar verification request.

In addition, there is also an option within the Change Email Settings of your Second Life dashboard where you can have your e-mail verified without having to change your e-mail address.

This is important because, starting in the very near future, the Lab will be making changes to their e-mail service which will eventually mean that outgoing e-mails will not be sent to any unverified e-mail addresses.

So, if you want to be sure you continue to receive SL-related e-mails – such as IMs to e-mail or Marketplace information sent to your e-mail as a Merchant, etc., – it is important you ensure the e-mail you use with Second Life is verified.

Here’s how:

  • Go to your dashboard at secondlife.com.
  • Click on Account at the top left of your dashboard to open the Account sub-menu.
  • Click on Change Email Address to open the Change Email Settings page (below).
  • Locate the Verify link next to your e-mail address and click on it.
The Verify link will allow you to have your current e-mail address verified

The Verify link will allow you to have the e-mail address associated with your SL account verified

  • A verification e-mail will be sent to your current e-mail address associated with Second Life, containing a link. Click the link to verify your e-mail address.
  • Wait a minute or so, then refresh the Change Email Settings page on your dashboard. It should be updated to show your e-mail address is verified (below).
A verified e-mail address

A verified e-mail address

There will be an official notification from the Lab when the work updating the e-mail service commences. However , this article can be treated as something as an advanced warning, courtesy of Oz Linden speaking at the January 27th TPV Developer meeting.

It’s not clear how long the changes will take to implement / propagate out, but it is important that if you rely on any e-mails sent to you by the Lab in relations to Second Life, you ensure your recorded e-mail address is verified, otherwise you will at some point no longer receive any e-mail notifications from the Lab until such time as you are using a verified address.

New Monthly Credit Process Limits Announced By Linden Labs

by

In case you missed it, Linden Labs announced that they were changing the LindeX billing & trading limits to help alleviate the potential for fraud back in December of 2016. Well, that time has now arrived!

The ability to purchase and “cash out” Lindens has been a big benefit to many of our fellow Second Lifers, especially those who have been able to establish thriving businesses in world. In a sense, having these regulations helps keep that benefit secured and streamlined for those of us who use it often.

The new limits are:

LindeX L$ Buy Limit (24 hr):                US $1999.00

LindeX L$ Buy Limit (30 days):            US $1999.00

LindeX L$ Sell Limit (24 hr):                 US $1999.00

LindeX L$ Sell Limit (30 days):            US $1999.00

US$ Process Credit (24 hr):                   US $999.00

US$ Process Credit (30 days):               US $999.00

 

You are able to see where you stand within those new limits at any time by logging into your account and going here.

While this may not affect many folks, this can especially impact those who generally work with a lot of L’s each month with Process Credits and may exceed those thresholds. You are able to request a case-by-case review of an increase if these limits don’t suit your needs by going here. So, it’s certainly not the end of the world for high-volume Linden earners and consumers, but just another way Linden Labs is making sure that they’re enforcing financially responsible measures!

 

Bria Oceanside

ZoHa Blogger/Social Media

Not sold on Sansar? 10 Reasons to Keep an Open Heart

by

This week some very lucky creators from Second Life were given exclusive beta access to the new Sansar Platform. Due to some hefty NDAs, we won’t be able to see yet whats in store.

Its important to understand that Sansar is not out to replace Second Life, it will be entirely different and mainly targeted toward creators and people who want to experience their creations. Second Life will remain alive and active, and its expected that Sansar users may be a demographic that were never a user of Second Life at all, not switching from Second Life. So try not to be too mad at this ‘younger sibling’ of just yet. In fact, while we believe it will serve entirely different purposes than SL – we do hope it will learn quite a bit from what SL has managed to achieve.

If you’re still not excited about the future that is fast upon us, here are some reasons why we think you may want to at least keep an open heart:

*We have not been in Sansar nor do we have definitive indication that these ‘theories’ are true.

1. Better Graphics Capabilities : Simple as that, Sansar will have more powerful graphics with less load on your system. You’ll still want to make sure your computer is up to speed, but we’re expecting a lot less crashing!

2. Higher Sim Capacities : If you’re as frustrated as I am with retrying over and over again to get into new events, then this will be a sigh of relief. Sansar may be able to host significantly more avatars – potentially unlimited? – at any given time. No more waiting in line!

3. Your own website : If you own land with an experience or business that you’d like others to visit, Sansar will have the ability to easily set up a website for you. This is primarily so that people who aren’t already users of Sansar kind find what you’ve created and create an account to experience it. It will be great for advertising to your fans as well!

4. Better Connectivity : Its still ambiguous how this will be achieved, but Linden Labs has acknowledged that its difficult to find communities to become a part of in Second Life. Will we have better chances of making friends and connections in Sansar? Would be interesting!

5. Virtual Reality : While its not yet become mainstream technology, Sansar will be fully equipped to handle virtual reality headsets of all kinds. Have you ever wanted to really BE in the place your avatar is at? Feel closer to the people around you? As the price of headsets lower, this will become a reality. A virtual one.

6. Mobile Compatibility : Mobile Apps for Second Life communication are wonky and can be a bit difficult to use. Sansar will be built with mobile usage in mind, meaning you’ll be able to experience your world with much more immersion than just text while on the go.

7. Lower Land Prices : Linden Labs is well aware that its extremely difficult for the vast majority of users to pay hundreds of dollars for their own private place to rez. Speculation has it that ‘sims’ in Sansar could be as low as $10/month. The capabilities of these parcels is still unknown.

8. Easier Shopping & Inventory Management : While a speculation, many other platforms have paved the way in making this experience easy and slick. Imagine a marketplace like the one we know an love, but in world. Imagine trying on clothing with one click – or already seeing an image of your avatar wearing it before you buy it. Imagine – stay with me – an inventory that is automatically organized for you, and images of your clothing so you know exactly what you’re about to put on. Speculation, but possible with this new platform.

9. Code Compatibility : You may not know that Second Life scripts are made up of their very own coding language – Linden Scripting Language. Its pretty amazing for a platform to work off of its very own syntax! However this does close a lot of doors and makes some of the great coders of the world very uninterested in creating for Second Life. Sansar will be scripted in C#, a well known and loved language that top scripters are well versed in – meaning we’ll see a lot more great stuff with a much higher capability popping up.

10. Physics : Imagine your avatar reaching down and picking up a box. Using their fingers to grab it and lift it into the air. Now imagine dropping that box onto another box. It falls through the air and lands on top of the box with a wiggle. Not falling through, but sitting right where you put it. Now imagine swinging your arm and hitting the boxes, watching them tumble over one another onto the ground. This type of physics engine just may be possible in Sansar.

I’ve loved Second Life for 8+ years and plan on keeping it that way, but I can’t help but being excited about the possibilities of new technology in virtual worlds. Keep an open mind, and don’t be afraid of losing the strong community that we’ve built. Second Life will keep going strong!

Delilah Greyson (Amoralie Triellis)
ZoHa Islands Blogger

Prim Increases In Second Life?? Here’s The Scoop!

by

This week brought about a huge change that few saw coming: Linden Labs started to increase the prim limits across second life. They acknowledged this has been a wishlist item for many for a long time, and our collective wishes have been granted.

What does this mean? This means that we’ll be able to do more with the same space. And this isn’t just a little increase. This excerpt from the main site goes into a bit more detail:

Land impact (object) capacity on Mainland Regions will go from 15,000 to 22,500 – that’s a lot more building capacity!

In addition to this, we will further carry the prim limit increases to the private estate regions shortly.  Keep your eye on our blogs for more information!

Designing Worlds created this chart to better understand the new (or anticipated) limits we’ll see across SL:

While this huge improvement has already hit the mainlands, do note that this will also be rolled out in the near future to private regions as well (which will be a big deal for our ZoHa Islands customers).

Of course, this set SL afire with a flurry of questions. Here’s a couple common ones that have been asked:

“Won’t more prims just cause more lag?”

If you folks haven’t noticed recently, Linden Labs has invested in upgrading their servers. So the prim increase isn’t something out of vanity; they’ve been planning this for a while so the increases wouldn’t be detrimental to gameplay.

“Won’t that mean they will charge more?”

Nope! Linden Labs is doing this to improve our gameplay and flexibility, and will not be increasing costs. And nor should your landlords! ZoHa Islands is happy to announce that this will NOT result in any fee increase, as it’s not something that is causing anyone any additional expense. In short, this is a really awesome FREE upgrade for all to enjoy! So once it’s rolled out to private estates, the only thing you will need to worry about is how you’re going to use all these extra prims!

“I’m not seeing any prim increases yet. Is it just for mainland?”

It’s currently rolled out on mainlands, but eventually will be rolled out grid-wide. We’ll have to stay tuned for a formal announcement from Linden Labs, but they do acknowledge it is happening soon!

So, let’s all rejoice! Not only is this a huge development for Second Life, but also a big indication that Linden Labs isn’t forgetting about us anytime soon. Server upgrades are not a light expense and they did something spectacular to show us some love.

What are YOU going to do with your extra prims??

You can check out the Designing Worlds episode here to get more detail into this great development:

Bria Oceanside

ZoHa Blogger/Social Media